Careers & People
News & Commentary
Two Arrested for Microsoft Network Intrusion
Dark Reading Staff, Quick Hits
UK authorities arrest two men for allegedly breaking into Microsoft's network with the intent to steal customer data from the software giant.
By Dark Reading Staff, 6/22/2017
KPMG: Cybersecurity Has Reached a Tipping Point from Tech to CEO Business Issue
Tony Buffomante, KPMG, U.S. Cyber Security Services Leader, Commentary
Still, a majority of US-based chief execs say they will be maintaining and not investing in security technology over the next three years, a recent study shows.
By Tony Buffomante, KPMG, U.S. Cyber Security Services Leader, 6/22/2017
Dark Reading Launches New Conference on Cyber Defense
Tim Wilson, Editor in Chief, Dark Reading, Commentary
November event will focus on attendee interaction, "blue team" best practices
By Tim Wilson, Editor in Chief, Dark Reading, 6/21/2017
Feds Call on Contractors to Play Ball in Mitigating Insider Threats
Thomas Jones, Federal Systems Engineer at Bay Dynamics, Commentary
It's said that you're only as strong as your weakest player. That's as true in security as it is in sports.
By Thomas Jones, Federal Systems Engineer at Bay Dynamics, 6/20/2017
Lack of Experience Biggest Obstacle for InfoSec Career
Dark Reading Staff, Quick Hits
A majority of wanna-be infosec professionals find they need more experience to be a contender to enter this career, according to a recent Tripwire poll.
By Dark Reading Staff, 6/16/2017
By the Numbers: Parsing the Cybersecurity Challenge
Marc Wilczek, Digital Strategist & CIO Advisor, Commentary
Why your CEO should rethink company security priorities in the drive for digital business growth.
By Marc Wilczek, Digital Strategist & CIO Advisor, 6/14/2017
From Reporter to Private Investigator to Security Engineer
Tad Whitaker, Security Engineer, CircleCI, Commentary
How I fell in love with coding and traded in a camera-rigged Prius for a MacBook and a GitHub account.
By Tad Whitaker, Security Engineer, CircleCI, 6/8/2017
Cybersecurity Faces 1.8 Million Worker Shortfall By 2022
Dawn Kawamoto, Associate Editor, Dark Reading, News
(ISC)2 report shows the skills shortage is getting worse.
By Dawn Kawamoto, Associate Editor, Dark Reading, 6/7/2017
Why Compromised Identities Are IT's Fault
Saryu Nayyar, CEO, Gurucul, Commentary
The eternal battle between IT and security is the source of the problem.
By Saryu Nayyar, CEO, Gurucul, 6/7/2017
Cybersecurity Stands as Big Sticking Point in Software M&A
Ericka Chickowski, Contributing Writer, Dark Reading, News
The breach that was the fly in the ointment of the Yahoo-Verizon deal is one of many now surfacing as security of acquired firms starts to become a point of negotiation.
By Ericka Chickowski, Contributing Writer, Dark Reading, 6/7/2017
Number of CISOs Rose 15% This Year
Dawn Kawamoto, Associate Editor, Dark Reading, News
Although the number of CISOs increased to 65% of organizations, it could just be a case of "window dressing," a new ISACA report shows.
By Dawn Kawamoto, Associate Editor, Dark Reading, 6/5/2017
Securely Managing Employee Turnover: 3 Tips
Greg Kushto, Senior Director of Security & Solutions Engineering at Force 3, Commentary
Don't let the process spiral into organizational chaos. Here are steps you can take to keep your company safe.
By Greg Kushto, Senior Director of Security & Solutions Engineering at Force 3, 6/5/2017
Hollywood Film Studio Seeks Up-And-Coming Hackers for Reality TV Show
Tim Wilson, Editor in Chief, Dark Reading, Quick Hits
New program on major cable network will feature competitions, personalities.
By Tim Wilson, Editor in Chief, Dark Reading, 6/2/2017
Internet Society Takes On IoT, Website Security, Incident Response via OTA Merger
Kelly Jackson Higgins, Executive Editor at Dark Reading, News
What happens now that the Online Trust Alliance - which includes Microsoft, Symantec, Twitter, and other big names - will be under the umbrella of the global Internet organization?
By Kelly Jackson Higgins, Executive Editor at Dark Reading, 6/1/2017
Securing the Human a Full-Time Commitment
Ericka Chickowski, Contributing Writer, Dark Reading, News
Encouraging the people in your organization to make safer cyber decisions requires dedicated brainpower to pull off, SANS study shows.
By Ericka Chickowski, Contributing Writer, Dark Reading, 5/30/2017
In the Cloud, Evolving Infrastructure Means Evolving Alliances
Mike Convertino, CISO & VP, Information Security, F5 Networks, Commentary
New opportunities make for unusual bedfellows. Here's how to navigate the shift in organizational dynamics between security operations, line-of-business managers, and developers.
By Mike Convertino, CISO & VP, Information Security, F5 Networks, 5/25/2017
Unsanctioned Computer Support Costs Companies $88K per Year
Dark Reading Staff, Quick Hits
A new survey of security professionals says that 83% of respondents help colleagues in other departments fix their privately-owned computers on company time.
By Dark Reading Staff, 5/24/2017
With Billions Spent on Cybersecurity, Why Are Problems Getting Worse?
Grant Elliott, CEO and Co-Founder of Ostendio, Commentary
Technology alone won't keep you safe. Fully engaged employees should be your first line of defense.
By Grant Elliott, CEO and Co-Founder of Ostendio, 5/23/2017
In Search of an Rx for Enterprise Security Fatigue
Rick Orloff, VP, Chief Security Officer, and Chief Privacy Officer at Code42, Commentary
Are you exhausted by the vast number of measures your organization needs to keep its systems and data safe? You're not alone.
By Rick Orloff, VP, Chief Security Officer, and Chief Privacy Officer at Code42, 5/22/2017
All Generations, All Risks, All Contained: A How-To Guide
Stan Black, CSO, Citrix, Commentary
Organizations must have a security plan that considers all of their employees.
By Stan Black, CSO, Citrix, 5/18/2017
Current Issue
Security Operations and IT Operations: Finding the Path to Collaboration
A wide gulf has emerged between SOC and NOC teams that's keeping both of them from assuring the confidentiality, integrity, and availability of IT systems. Here's how experts think it should be bridged.
Surviving the IT Security Skills Shortage
Cybersecurity professionals are in high demand -- and short supply. Find out what Dark Reading discovered during their 2017 Security Staffing Survey and get some strategies for getting through the drought. Download the report today!
Dark Reading - Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.

Dark Reading Radio
Archived Dark Reading Radio
In past years, security researchers have discovered ways to hack cars, medical devices, automated teller machines, and many other targets. Dark Reading Executive Editor Kelly Jackson Higgins hosts researcher Samy Kamkar and Levi Gundert, vice president of threat intelligence at Recorded Future, to discuss some of 2016's most unusual and creative hacks by white hats, and what these new vulnerabilities might mean for the coming year.