Careers & People

News & Commentary
Why Security Startups Fly And Why They Crash
Kelly Sheridan, Staff Editor, Dark ReadingNews
What makes startups stand out in a market flooded with thousands of vendors? Funding experts and former founders share their thoughts.
By Kelly Sheridan Staff Editor, Dark Reading, 7/20/2018
Comment0 comments  |  Read  |  Post a Comment
The Fundamental Flaw in Security Awareness Programs
Ira Winkler, CISSP, President, Secure MentemCommentary
It's a ridiculous business decision to rely on the discretion of a minimally trained user to thwart a highly skilled sociopath, financially motivated criminal, or nation-state.
By Ira Winkler CISSP, President, Secure Mentem, 7/19/2018
Comment3 comments  |  Read  |  Post a Comment
SOCs Use Automation to Compensate for Training, Technology Issues
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
Executives and front-line SOC teams see human and technology issues in much different ways, according to two new reports.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 7/13/2018
Comment1 Comment  |  Read  |  Post a Comment
What's Cooking With Caleb Sima
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Security Pro File: Web app security pioneer dishes on his teenage security career, his love of electric scooters, Ace Ventura and a new baby food business venture with his wife and famed chef, Kathy Fang.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 7/12/2018
Comment2 comments  |  Read  |  Post a Comment
Lessons from My Strange Journey into InfoSec
Lysa Myers, Security Researcher, ESETCommentary
Establishing an entre into the security world can be a maddeningly slow process. For those of us already here, it can be an opportunity to help others.
By Lysa Myers Security Researcher, ESET, 7/12/2018
Comment2 comments  |  Read  |  Post a Comment
New Cyber Center Opens at Augusta University in Georgia
Dark Reading Staff, Quick Hits
University partners with state on $100 million Georgia Cyber Center for cybersecurity education and research.
By Dark Reading Staff , 7/11/2018
Comment0 comments  |  Read  |  Post a Comment
WEF: 217 More Years Until Women and Men Reach Economic Equality
Kelly Sheridan, Staff Editor, Dark ReadingNews
Progress toward economic parity is in reverse for the first time since 2006, but cybersecurity can help change the game.
By Kelly Sheridan Staff Editor, Dark Reading, 7/5/2018
Comment2 comments  |  Read  |  Post a Comment
4 Basic Principles to Help Keep Hackers Out
David Pearson, Principle Threat ResearcherCommentary
The most effective hackers keep things simple, something organizations must take into account.
By David Pearson Principle Threat Researcher, 7/5/2018
Comment3 comments  |  Read  |  Post a Comment
6 Drivers of Mental and Emotional Stress in Infosec
Kelly Sheridan, Staff Editor, Dark Reading
Pressure comes in many forms but often with the same end result: stress and burnout within the security community.
By Kelly Sheridan Staff Editor, Dark Reading, 7/2/2018
Comment4 comments  |  Read  |  Post a Comment
There's No Automating Your Way Out of Security Hiring Woes
Ericka Chickowski, Contributing Writer, Dark ReadingNews
Call it the paradox of cybersecurity automation: It makes your staff more productive but takes more quality experts to make it work.
By Ericka Chickowski Contributing Writer, Dark Reading, 6/28/2018
Comment0 comments  |  Read  |  Post a Comment
The 3 R's for Surviving the Security Skills Shortage
Ericka Chickowski, Contributing Writer, Dark ReadingNews
How to recruit, retrain, and retain with creativity and discipline.
By Ericka Chickowski Contributing Writer, Dark Reading, 6/27/2018
Comment0 comments  |  Read  |  Post a Comment
First Women-Led Cybersecurity Venture Capital Firm Launches
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Chenxi Wang, former Forrester VP of research and Twistlock executive, heads up Rain Capital, with the intent to also help build new startups.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 6/26/2018
Comment1 Comment  |  Read  |  Post a Comment
Intel Names Window Snyder as Chief Software Security Officer
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
The microprocessor giant hires security veteran credited with leading both Microsoft's and Apple's security advancements.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 6/25/2018
Comment1 Comment  |  Read  |  Post a Comment
Cisco CPO: Privacy Is Not About Secrecy or Compliance
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
Michelle Dennedy sat down with Dark Reading at the recent Cisco Live event to set the record straight about privacy, regulation, encryption, and more.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 6/19/2018
Comment0 comments  |  Read  |  Post a Comment
3 Tips for Driving User Buy-in to Security Policies
Marc Laliberte, Information Security Threat Analyst, WatchGuard TechnologiesCommentary
Teaching users why it's important to commit to security controls is a far more effective strategy than simply demanding that they follow them. Here's how.
By Marc Laliberte Information Security Threat Analyst, WatchGuard Technologies, 6/18/2018
Comment1 Comment  |  Read  |  Post a Comment
Demystifying Mental Health in the Infosec Community
Kelly Sheridan, Staff Editor, Dark ReadingNews
Security experts talk about burnout, diversity, mental health, and legal issues in a new Community track at Black Hat USA.
By Kelly Sheridan Staff Editor, Dark Reading, 6/14/2018
Comment1 Comment  |  Read  |  Post a Comment
LeBron vs. Steph: The NBA Version of Cyber Defense vs. Cyberattacks
Donald Meyer, Head of Cloud and Data Center,  Check Point SoftwareCommentary
It takes an aggressive, swarming approach to overcome the most dangerous threats today.
By Donald Meyer Head of Cloud and Data Center, Check Point Software, 6/13/2018
Comment0 comments  |  Read  |  Post a Comment
Why CISOs Need a Security Reality Check
Joel Fulton, Chief Information Security Officer for SplunkCommentary
We deserve a seat at the executive table, and we'll be much better at our jobs once we take it.
By Joel Fulton Chief Information Security Officer for Splunk, 6/13/2018
Comment1 Comment  |  Read  |  Post a Comment
6 Ways Greed Has a Negative Effect on Cybersecurity
Joshua Goldfarb, Co-founder & Chief Product Officer, IDRRA Commentary
How the security industry can both make money and stay true to its core values, and why that matters.
By Joshua Goldfarb Co-founder & Chief Product Officer, IDRRA , 6/11/2018
Comment3 comments  |  Read  |  Post a Comment
Threat Landscape: Dark Reading Caption Contest Winners
Marilyn Cohodas, Managing Editor, Dark ReadingCommentary
Insider threats -- desktop attacks, security awareness, caffeine -- all worthy contenders in our cartoon caption competition. And the winners are ...
By Marilyn Cohodas Managing Editor, Dark Reading, 6/8/2018
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
White House Cybersecurity Strategy at a Crossroads
Kelly Jackson Higgins, Executive Editor at Dark Reading,  7/17/2018
The Fundamental Flaw in Security Awareness Programs
Ira Winkler, CISSP, President, Secure Mentem,  7/19/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
Flash Poll
Surviving the IT Security Skills Shortage
Surviving the IT Security Skills Shortage
Cybersecurity professionals are in high demand -- and short supply. Find out what Dark Reading discovered during their 2017 Security Staffing Survey and get some strategies for getting through the drought. Download the report today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-14492
PUBLISHED: 2018-07-21
Tenda AC7 through V15.03.06.44_CN, AC9 through V15.03.05.19(6318)_CN, and AC10 through V15.03.06.23_CN devices have a Stack-based Buffer Overflow via a long limitSpeed or limitSpeedup parameter to an unspecified /goform URI.
CVE-2018-3770
PUBLISHED: 2018-07-20
A path traversal exists in markdown-pdf version <9.0.0 that allows a user to insert a malicious html code that can result in reading the local files.
CVE-2018-3771
PUBLISHED: 2018-07-20
An XSS in statics-server <= 0.0.9 can be used via injected iframe in the filename when statics-server displays directory index in the browser.
CVE-2018-5065
PUBLISHED: 2018-07-20
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
CVE-2018-5066
PUBLISHED: 2018-07-20
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.