Operations // Careers & People
Chipping Away At Credit Card Fraud With EMV
Commentary
As of October 1, so-called chip-and-pin technology is now the law of the land for electronic payments in the US. But it's not the silver bullet that will instantly stop all cybercrime.
By Deborah Baxley, Principal, Cards & Payments, Capgemini Financial Services, 10/8/2015
Don't Be Fooled: In Cybersecurity Big Data Is Not The Goal
Commentary
In other words, the skills to be a security expert do not translate to being able to understand and extract meaning from security data.
By Jay Jacobs, Senior Data Scientist, BitSight Technologies, 10/6/2015
What Security Pros Really Worry About
Commentary, Video
Editor-in-Chief Tim Wilson visits the Dark Reading News Desk to report what security pros have told us in the latest Black Hat and Dark Reading surveys about their priorities and what keeps them from them.
By Sara Peters, Senior Editor at Dark Reading, 10/2/2015
Insider Threats, Data Privacy Are Overlooked By Businesses
News
Data security and data breaches are all over the news. However, not all companies are paying as close attention to insider threats and data privacy as they should. A new survey looks at the risks.
By William Terdoslavich, Freelance Writer, 10/2/2015
Automating Breach Detection For The Way Security Professionals Think
Commentary
The missing ingredient in making a real difference in the cumbersome process of evaluating a flood of alerts versus a small, actionable number is context.
By Giora Engel, VP Product & Strategy, LightCyber, 10/1/2015
A Father's Perspective On The Gender Gap In Cybersecurity
Commentary
There are multiple reasons for the dearth of women in infosec when the field is so rich with opportunity. The big question is what the industry is going to do about it.
By Levi Gundert, Vice President, Threat Intelligence, Recorded Future, 9/30/2015
New Data Finds Women Still Only 10% Of Security Workforce
News
But more women hold governance, risk and compliance (GRC) roles than men, new (ISC)² report finds.
By Kelly Jackson Higgins, Executive Editor at Dark Reading, 9/28/2015
What Companies Want In A CISO
Commentary, Video
Joyce Brocaglia, founder of the Executive Women's Forum and CEO of Alta Associates, joins the Dark Reading News Desk at Black Hat to discuss closing the gender gap in security and what companies are looking for in a CISO.
By Sara Peters, Senior Editor at Dark Reading, 9/23/2015
Navigating The Slippery Slope Of Public Security Disclosure
Commentary
In talking publicly about cybersecurity, CISOs need to portray capability, strength, and confidence, but without offering critical details that could lead to an attack.
By Andy Nieto, IT Strategist, DataMotion, 9/21/2015
How Tactical Security Works At LinkedIn
Commentary, Video
LinkedIn Director of House Security Cory Scott visits the Dark Reading News Desk at Black Hat to describe the art and science of getting things done.
By Sara Peters, Senior Editor at Dark Reading, 9/21/2015
Dan Kaminsky's Visions Of The CISO's Future
Commentary, Video
Dan Kaminsky, chief scientist and founder of White Ops, visits the Dark Reading News Desk at Black Hat to explain a 'fairly controversial' opinion about how to fix the security skills shortage, and why CISOs' budgets will double, then double again.
By Sara Peters, Senior Editor at Dark Reading, 9/16/2015
Information Security Lessons From Literature
Commentary
How classic themes about listening, honesty, and truthfulness can strengthen your organization's security posture, programs and operations.
By Joshua Goldfarb, VP & CTO - Americas, FireEye, 9/15/2015
Comic Con, Dark Reading Version
Our graphic novel illustrating a typical day in the life of a security super hero, as imagined by cartoonist John Klossner.
By John Klossner, Cartoonist, 9/14/2015
Why Everybody Loves (And Hates) Security
Commentary
Even security professionals hate security. So why do we all harbor so much dislike for something we need so much? And what can we do about it?
By Sergio Galindo, GM, GFI Software, 9/9/2015
RSA's Ex-CEO Coviello Back In The Game
News
Art Coviello, former head of RSA Security, has returned to the security industry after retiring from RSA for health reasons.
By Kelly Jackson Higgins, Executive Editor at Dark Reading, 9/3/2015
Microsoft's Remarkable Pivot: Windows 10 Abandons Privacy
Commentary
You can read all you want about Windows 10's powerful new privacy features, but that doesn't mean you have them.
By Mark Weinstein, CEO, MeWe.com, 9/2/2015
We Can Allow Cybersecurity Research Without Stifling Innovation
Commentary
The U.S. government is in a unique position to become a global leader in cybersecurity. But only if it retains the open spirit of the Internet that kick-started the Information Age.
By Gavin Reid, Vice President, Threat Intelligence, Lancope Inc, 9/1/2015
Sights & Sounds Of Black Hat USA And DEF CON
Some hackers call the week of Black Hat USA and DEF CON 'security summer camp' -- a look at some of the highlights of the two shows.
By Kelly Jackson Higgins, Executive Editor at Dark Reading, 8/31/2015
Top Infosec Execs Will Eventually Report To CEOs, CISOs Say
Commentary
But becoming a trusted resource to the executive suite will demand major changes in the traditional chief information security officer role.
By Kevin West, CEO & founder, K logix, 8/31/2015
Ashley Madison CEO Resigns
Quick Hits
Once again, a security breach claims an executive's job, but the business plans to continue operating.
By Dark Reading Staff, 8/28/2015
Dark Reading Tech Digest September 7, 2015
Some security flaws go beyond simple app vulnerabilities. Have you checked for these?
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
Published: 2015-10-08
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

Published: 2015-10-08
Cybozu Garoon 3.x through 3.7.5 and 4.x through 4.0.3 mishandles authentication requests, which allows remote authenticated users to conduct LDAP injection attacks, and consequently bypass intended login restrictions or obtain sensitive information, by leveraging certain group-administration privile...

Published: 2015-10-08
The REST interface in Cisco Unified Communications Manager IM and Presence Service 11.5(1) allows remote attackers to cause a denial of service (SIP proxy service restart) via a crafted HTTP request, aka Bug ID CSCuw31632.

Published: 2015-10-08
Cisco Wireless LAN Controller (WLC) devices with software 7.0(240.0), 7.3(101.0), and 7.4(1.19) allow remote attackers to cause a denial of service (device outage) by sending malformed 802.11i management data to a managed access point, aka Bug ID CSCub65236.

Published: 2015-10-06
libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 21335999.

Dark Reading Radio
What can the information security industry do to solve the IoT security problem? Learn more and join the conversation on the next episode of Dark Reading Radio.