Attacks/Breaches
News & Commentary
6 Steps for Responding to a Disruptive Attack
Steve Zurier, Freelance Writer
Today’s threat landscape dictates that companies must have a workable incident response plan.
By Steve Zurier Freelance Writer, 4/29/2016
Comment0 comments  |  Read  |  Post a Comment
Qatar National Bank Probes Possible Data Breach
Dark Reading Staff, Quick Hits
Bank details exposed include those of ruling family and defense officials, reports say.
By Dark Reading Staff , 4/29/2016
Comment0 comments  |  Read  |  Post a Comment
Hacker Group Exploits 'Hot Patching' In Windows To Cloak Cyber Espionage
Rutrell Yasin, Business Technology Writer, Tech Writers BureauNews
Group called Platinum employs spear phishing and malicious use of hot patching to steal information from government agencies in Asia.
By Rutrell Yasin Business Technology Writer, Tech Writers Bureau, 4/28/2016
Comment0 comments  |  Read  |  Post a Comment
6 Reasons ISPs Must Step Up Defenses Against DDoS Attacks
Vincent Berk, Commentary
Conducting a DDoS attack used to require a significant amount of talent. But today, a high school student with basic hacking skills can access tools that will challenge even the most experienced ISP security teams.
By Vincent Berk , 4/28/2016
Comment0 comments  |  Read  |  Post a Comment
10 Newsmakers Who Shaped Security In the Past Decade
Kelly Jackson Higgins, Executive Editor at Dark Reading
In celebration of Dark Reading’s 10th anniversary, we profile ten people whose actions influenced and shaped the trajectory of the industry – for better or for worse -- in the past ten years.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 4/28/2016
Comment0 comments  |  Read  |  Post a Comment
Pro-ISIS Hacking Groups Growing, Unifying, But Still Unskilled
Sara Peters, Senior Editor at Dark ReadingNews
Flashpoint report outlines the patchwork of hacking groups and the validity of their claims to fame.
By Sara Peters Senior Editor at Dark Reading, 4/28/2016
Comment1 Comment  |  Read  |  Post a Comment
PCI DSS 3.2: 3 Things You Need to Know
Steve Zurier, Freelance WriterNews
The latest round of upgrades are incremental yet necessary.
By Steve Zurier Freelance Writer, 4/27/2016
Comment0 comments  |  Read  |  Post a Comment
Top 10 Web Hacking Techniques For 2015
Ericka Chickowski, Contributing Writer, Dark Reading
The most influential research on vulnerabilities and exploits, as voted on by the security community.
By Ericka Chickowski Contributing Writer, Dark Reading, 4/27/2016
Comment1 Comment  |  Read  |  Post a Comment
SWIFT Issues Warning About Multiple Security Incidents
Dark Reading Staff, Quick Hits
Group releases new software update to help 'thwart' probable malware used in heists.
By Dark Reading Staff , 4/27/2016
Comment1 Comment  |  Read  |  Post a Comment
The Growing Sophistication Of Distributed Attacks
Ericka Chickowski, Contributing Writer, Dark ReadingNews
Botnet and DDoS attacks growing more advanced and more crucial than ever to cybercriminal's attack strategies.
By Ericka Chickowski Contributing Writer, Dark Reading, 4/26/2016
Comment0 comments  |  Read  |  Post a Comment
Crowdsourcing The Dark Web: A One-Stop Ran$om Shop
Nitsan Saddan, Advanced Threat Researcher, CymmetriaCommentary
Say hello to Ran$umBin, a new kind of ransom market dedicated to criminals and victims alike.
By Ran$umBin Ran$omBin , 4/26/2016
Comment0 comments  |  Read  |  Post a Comment
Malware At Root Of Bangladesh Bank Heist Lies To SWIFT Financial Platform
Sara Peters, Senior Editor at Dark ReadingNews
Customized malware hid $81 million of wire transfers until the money had been safely laundered.
By Sara Peters Senior Editor at Dark Reading, 4/25/2016
Comment1 Comment  |  Read  |  Post a Comment
US Cyber Command Hacks ISIS
Dark Reading Staff, Quick Hits
'Cyber bombs' target ISIS online communications infrastructure.
By Dark Reading Staff , 4/25/2016
Comment1 Comment  |  Read  |  Post a Comment
Dark Reading Marks 10th Anniversary With Month Of Special Coverage
Tim Wilson, Editor in Chief, Dark ReadingCommentary
Looking back at the decade in security.
By Tim Wilson Editor in Chief, Dark Reading, 4/25/2016
Comment1 Comment  |  Read  |  Post a Comment
Be Prepared: How Proactivity Improves Cybersecurity Defense
Jason Sachowski, Director, Security Forensics & Civil Investigations, Scotiabank GroupCommentary
These five strategies will help you achieve a state of readiness in a landscape of unpredictable risk.
By Jason Sachowski Director, Security Forensics & Civil Investigations, Scotiabank Group, 4/23/2016
Comment2 comments  |  Read  |  Post a Comment
5 Features to Look For In A Next-Generation Firewall
Steve Zurier, Freelance Writer
When it comes to NGFWs, it’s the integration that counts.
By Steve Zurier Freelance Writer, 4/22/2016
Comment8 comments  |  Read  |  Post a Comment
SpyEye Creators Sentenced To Long Prison Terms
Sara Peters, Senior Editor at Dark ReadingNews
FBI found that arrest halted the release of nasty SpyEye 2.0.
By Sara Peters Senior Editor at Dark Reading, 4/21/2016
Comment1 Comment  |  Read  |  Post a Comment
Databases Remain Soft Underbelly Of Cybersecurity
Ericka Chickowski, Contributing Writer, Dark ReadingNews
Most enterprises still don't continuously monitor database activity.
By Ericka Chickowski Contributing Writer, Dark Reading, 4/21/2016
Comment0 comments  |  Read  |  Post a Comment
A Brief History Of Ransomware
Ericka Chickowski, Contributing Writer, Dark Reading
A top ten chronicle of more than a decade of notable ransomware variants and trends.
By Ericka Chickowski Contributing Writer, Dark Reading, 4/21/2016
Comment2 comments  |  Read  |  Post a Comment
How Hackers Have Honed Their Attacks
Jai Vijayan, Freelance writerNews
More organizations are getting breached, but data exfiltration is becoming harder for attackers, new data shows.
By Jai Vijayan Freelance writer, 4/21/2016
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
PR Newswire
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: "He has no idea what he's doing."
Current Issue
Understanding & Managing the Mobile Security Threat
Mobile devices are increasing IT security risk. Is your enterprise ready?
Flash Poll
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-7445
Published: 2015-10-15
The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated b...

CVE-2015-4948
Published: 2015-10-15
netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified vectors.

CVE-2015-5660
Published: 2015-10-15
Cross-site request forgery (CSRF) vulnerability in eXtplorer before 2.1.8 allows remote attackers to hijack the authentication of arbitrary users for requests that execute PHP code.

CVE-2015-6003
Published: 2015-10-15
Directory traversal vulnerability in QNAP QTS before 4.1.4 build 0910 and 4.2.x before 4.2.0 RC2 build 0910, when AFP is enabled, allows remote attackers to read or write to arbitrary files by leveraging access to an OS X (1) user or (2) guest account.

CVE-2015-6333
Published: 2015-10-15
Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows local users to gain privileges via vectors involving addition of an SSH key, aka Bug ID CSCuw46076.

Dark Reading Radio
Archived Dark Reading Radio
Join us as Dark Reading editors speak with IT security hiring experts about improving IT career prospects.