Careers & People
News & Commentary
The Youthful Side Of Hacking
Peter Gyongyosi, Product Manager, BalabitCommentary
If the iconic 1955 movie Rebel Without a Cause was remade today, would James Dean be a computer hacker?
By Peter Gyongyosi Product Manager, Balabit, 11/25/2015
Comment9 comments  |  Read  |  Post a Comment
Cisco Cert Tracker Offline After Pearson VUE Breach
Marcia Savage, Managing Editor, Network ComputingNews
Third-party certification credential manager used by Cisco and others is taken down after malware infection.
By Marcia Savage Managing Editor, Network Computing, 11/24/2015
Comment1 Comment  |  Read  |  Post a Comment
We Need A New Word For Cyber
John B. Dickson, CISSP,  Principal, Denim GroupCommentary
It’s time to find an alternative for 'cyber' (an adjective or noun) before the term – like 'google' -- becomes a verb.
By John B. Dickson CISSP, Principal, Denim Group, 11/23/2015
Comment1 Comment  |  Read  |  Post a Comment
Dark Reading Radio: A Cybersecurity Generation Gap
Kelly Jackson Higgins, Executive Editor at Dark ReadingCommentary
Millennials--especially young women--not pursuing careers in cybersecurity due to lack of both awareness and interest.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 11/16/2015
Comment5 comments  |  Read  |  Post a Comment
Solving Security: If You Want Something New, Stop Doing Something Old
Marilyn Cohodas, Community Editor, Dark ReadingNews
Black Hat Europe keynoter Haroon Meer tells security pros to work smarter, think out of the box, and speak out to the C-suite.
By Marilyn Cohodas Community Editor, Dark Reading, 11/12/2015
Comment0 comments  |  Read  |  Post a Comment
Point of Entry: The Missing Link in the Security Hiring Gap
Jamesha Fisher, DevOps Security PirateCommentary
How misguided notions of capability and lack of access to enterprise tools discourage diversity in Infosec.
By Jamesha Fisher DevOps Security Pirate, 11/12/2015
Comment1 Comment  |  Read  |  Post a Comment
Machine Learning: Perception Problem? Maybe. Pipe Dream? No Way!
Mike Paquette, VP Products, PrelertCommentary
Guided by an organization's internal security experts,'algorithmic assistants' provide a powerful new way to find anomalies and patterns for detecting cyberthreat activity.
By Mike Paquette VP Products, Prelert, 11/11/2015
Comment0 comments  |  Read  |  Post a Comment
Cybersecurity Skills Gap: Too Good To Be True For Job Seekers?
Marilyn Cohodas, Community Editor, Dark ReadingCommentary
New track at Black Hat Europe explores the special challenges of managing an information security career for both job hunters and job hirers.
By Marilyn Cohodas Community Editor, Dark Reading, 11/9/2015
Comment0 comments  |  Read  |  Post a Comment
What Flu Season Can Teach Us About Fighting Cyberattacks
Dug Song, CEO, Duo SecurityCommentary
Cybersecurity doesn't have to be an arms race towards complexity if we put people front and center of the solution.
By Dug Song CEO, Duo Security, 11/6/2015
Comment2 comments  |  Read  |  Post a Comment
Mature & Unconfident: The Best Information Security Teams Ever!
Joshua Goldfarb, VP & CTO - Emerging Technologies, FireEyeCommentary
Security through maturity and humility is a workable philosophy with proven results for organizations that are willing to give it a try. Here’s why.
By Joshua Goldfarb VP & CTO - Emerging Technologies, FireEye, 11/5/2015
Comment0 comments  |  Read  |  Post a Comment
BYOD 2015: Data Loss, Data Leaks & Data Breaches
Subbu Sthanu, Director, Mobile Security & Application Security, IBMCommentary
The growth of employee-owned devices in the workplace is placing new demands on enterprises struggling to protect both personal and professional data.
By Subbu Sthanu Director, Mobile Security & Application Security, IBM, 11/4/2015
Comment1 Comment  |  Read  |  Post a Comment
The Evolving Security Budget: 3 New Ways CISOs Prioritize Spending
Ericka Chickowski, Contributing Writer, Dark ReadingNews
New report shows increased spending and shifting priorities
By Ericka Chickowski Contributing Writer, Dark Reading, 11/4/2015
Comment0 comments  |  Read  |  Post a Comment
The Global CISO: Why U.S. Leaders Must Think Beyond Borders
Kal Bittianda, Consultant, Egon ZehnderCommentary
To compete for the top cybersecurity jobs on a world stage, home-grown CISOs need to take a more international approach to professional development.
By Kal Bittianda Consultant, Egon Zehnder, 10/28/2015
Comment13 comments  |  Read  |  Post a Comment
Bad News is Good News For Security Budgets But Not Skills
Bob Kalka, VP, IBM SecurityCommentary
Cybersecurity is finally getting the attention – and dollars – it deserves from the C-Suite. The challenge now is finding the talent to take full advantage of these technology investments.
By Bob Kalka VP, IBM Security, 10/27/2015
Comment3 comments  |  Read  |  Post a Comment
Millennials Not Pursuing Cybersecurity Careers
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Lack of awareness about what cybersecurity jobs entail is widespread worldwide among 18- to 26-year-olds -- especially women -- a new study finds.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 10/26/2015
Comment22 comments  |  Read  |  Post a Comment
New Approaches to Vendor Risk Management
Dr. Aleksandr Yampolskiy, CEO & Cofounder, SecurityScorecardCommentary
The key to managing partner security risk is having truly verifiable evidence.
By Dr. Aleksandr Yampolskiy CEO & Cofounder, SecurityScorecard, 10/26/2015
Comment0 comments  |  Read  |  Post a Comment
Passing the Sniff Test: Security Metrics and Measures
Ericka Chickowski, Contributing Writer, Dark Reading
Cigital dishes dirt on top security metrics that don’t work well, why they’re ineffective and which measurable to consider instead.
By Ericka Chickowski Contributing Writer, Dark Reading, 10/23/2015
Comment2 comments  |  Read  |  Post a Comment
Apple, Dropbox Slam CISA Cyber-Security Bill
Larry Loeb, Blogger, InformationweekCommentary
Apple and Dropbox join the swelling ranks of tech companies voicing their opposition to the Cybersecurity Information Sharing Act (CISA) and the lack of privacy protections.
By Larry Loeb Blogger, Informationweek, 10/21/2015
Comment5 comments  |  Read  |  Post a Comment
Building A Winning Security Team From The Top Down
Vincent Liu, Partner, Bishop FoxCommentary
Dropbox security chief Patrick Heim dishes about the need for strong industry leaders, the 'unique' cybersecurity personality and why successful organizations need 'cupcake.'
By Vincent Liu Partner, Bishop Fox, 10/20/2015
Comment1 Comment  |  Read  |  Post a Comment
Former White House Advisor: Marry Infosec To Economics
Sara Peters, Senior Editor at Dark ReadingNews
Melissa Hathaway, former cybersecurity policy advisor to the White House, says the security and economy agendas should go hand-in-hand, and Western nations' use of surveillance technology is 'alarming.'
By Sara Peters Senior Editor at Dark Reading, 10/19/2015
Comment3 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
Register for Dark Reading Newsletters
White Papers
Current Issue
E-Commerce Security: What Every Enterprise Needs to Know
The mainstream use of EMV smartcards in the US has experts predicting an increase in online fraud. Organizations will need to look at new tools and processes for building better breach detection and response capabilities.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
Published: 2015-10-15
The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated b...

Published: 2015-10-15
netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified vectors.

Published: 2015-10-15
Cross-site request forgery (CSRF) vulnerability in eXtplorer before 2.1.8 allows remote attackers to hijack the authentication of arbitrary users for requests that execute PHP code.

Published: 2015-10-15
Directory traversal vulnerability in QNAP QTS before 4.1.4 build 0910 and 4.2.x before 4.2.0 RC2 build 0910, when AFP is enabled, allows remote attackers to read or write to arbitrary files by leveraging access to an OS X (1) user or (2) guest account.

Published: 2015-10-15
Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows local users to gain privileges via vectors involving addition of an SSH key, aka Bug ID CSCuw46076.

Dark Reading Radio