Careers & People

News & Commentary
Firms More Likely to Tempt Security Pros With Big Salaries than Invest in Training
Sara Peters, Senior Editor at Dark ReadingQuick Hits
Booz Allen survey shows most organizations' answer to the security skills shortage may be unsustainable.
By Sara Peters Senior Editor at Dark Reading, 4/19/2018
Comment2 comments  |  Read  |  Post a Comment
Latest News from RSAC 2018
Dark Reading Staff, News
Check out Dark Reading's exclusive coverage of the news and security themes that are dominating RSA Conference 2018 this week in San Francisco.
By Dark Reading Staff , 4/18/2018
Comment0 comments  |  Read  |  Post a Comment
2018 RSA Conference: Execs Push Cooperation, Culture & Civilian Safety
Sara Peters, Senior Editor at Dark ReadingNews
On the keynote stage, execs from Microsoft and McAfee introduced a new Cybersecurity Tech Accord.
By Sara Peters Senior Editor at Dark Reading, 4/17/2018
Comment0 comments  |  Read  |  Post a Comment
Majority of Men Think Women Have Equal Opportunity to Advance in Cybersecurity Career
Jai Vijayan, Freelance writerNews
Not so fast, say women.
By Jai Vijayan Freelance writer, 4/17/2018
Comment0 comments  |  Read  |  Post a Comment
Stripping the Attacker Naked
Martin Dion, VP EMEA Services, Kudelski SecurityCommentary
How cyber threat intelligence can help you gain a better understanding of the enemy and why that gives security teams the upper hand.
By Martin Dion VP EMEA Services, Kudelski Security, 4/6/2018
Comment5 comments  |  Read  |  Post a Comment
How Security Can Bridge the Chasm with Development
Caleb Sima, Founder, Badkode VenturesCommentary
Enhancing the relationships between security and engineering is crucial for improving software security. These six steps will bring your teams together.
By Caleb Sima Founder, Badkode Ventures, 4/5/2018
Comment0 comments  |  Read  |  Post a Comment
How Gamers Could Save the Cybersecurity Skills Gap
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
McAfee shares its firsthand experience on training in-house cybersecurity pros and publishes new data on how other organizations deal with filling security jobs.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 4/4/2018
Comment1 Comment  |  Read  |  Post a Comment
10 Women in Security You May Not Know But Should
Kelly Sheridan, Staff Editor, Dark Reading
The first in a series of articles shining a spotlight on women who are quietly changing the game in cybersecurity.
By Kelly Sheridan Staff Editor, Dark Reading, 3/30/2018
Comment7 comments  |  Read  |  Post a Comment
How Measuring Security for Risk & ROI Can Empower CISOs
Vikram Phatak, Chief Executive Officer of NSS LabsCommentary
For the vast majority of business decisions, organizations seek metrics-driven proof. Why is cybersecurity the exception?
By Vikram Phatak Chief Executive Officer of NSS Labs, 3/28/2018
Comment1 Comment  |  Read  |  Post a Comment
Automating Ethics for Cybersecurity
John De Santis, CEO, HyTrustCommentary
Having a code of ethics and enforcing it are two different things.
By John De Santis CEO, HyTrust, 3/28/2018
Comment0 comments  |  Read  |  Post a Comment
UVA Defeats UMBC, in Stunning Upset
Sara Peters, Senior Editor at Dark ReadingCommentary
In first trip to Mid-Atlantic Collegiate Cyber Defense Competition, University of Virginia's Cyber Defense Team defeats reigning national champs from University of Maryland, Baltimore County.
By Sara Peters Senior Editor at Dark Reading, 3/27/2018
Comment1 Comment  |  Read  |  Post a Comment
780 Days in the Life of a Computer Worm
Javvad Malik, Security Advocate at AlienVaultCommentary
This is a story of a worm, from the time it was coded and deployed onto the Internet. It is narrated by the worm in the first person.
By Javvad Malik Security Advocate at AlienVault, 3/27/2018
Comment0 comments  |  Read  |  Post a Comment
SOC in Translation: 4 Common Phrases & Why They Raise Flags
Daniel Smallwood, Senior Security Engineer, JASKCommentary
By keeping an ear out for out for catchphrases like "Just ask Stu" or "I've got a bad feeling about this," CISOs can overcome the barriers that get between business leaders and their security teams.
By Daniel Smallwood Senior Security Engineer, JASK, 3/21/2018
Comment1 Comment  |  Read  |  Post a Comment
Facebook CISO Stamos to Depart from the Social Media Firm: Report
Dark Reading Staff, Quick Hits
Stamos will remain in his position through August, according to a report in The New York Times.
By Dark Reading Staff , 3/20/2018
Comment1 Comment  |  Read  |  Post a Comment
Who Does What in Cybersecurity at the C-Level
Steve Zurier, Freelance Writer
As security evolve as a corporate priority, so do the roles and responsibilities of the executive team. These seven titles are already feeling the impact.
By Steve Zurier Freelance Writer, 3/16/2018
Comment10 comments  |  Read  |  Post a Comment
Online Ads vs. Security: An Invisible War
Corey Nachreiner, Chief Technology Officer, WatchGuard TechnologiesCommentary
Why visiting one website is like visiting 50, and how you can fight back against malvertisers.
By Corey Nachreiner Chief Technology Officer, WatchGuard Technologies, 3/15/2018
Comment2 comments  |  Read  |  Post a Comment
(ISC)2 Report: Glaring Disparity in Diversity for US Cybersecurity
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
While the average US security salary is $122,000, the average salary for people of color is $115,000, with men identifying as minorities making $6000 more than minority women.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 3/15/2018
Comment2 comments  |  Read  |  Post a Comment
A Secure Enterprise Starts with a Cyber-Aware Staff
Jo-Ann Smith, Director of Technology Risk Management and Data Privacy at  AbsoluteCommentary
An attack doesn't have to be super high-tech to cause a lot of damage. Make sure your employees know how to spot an old-fashioned phishing campaign.
By Jo-Ann Smith Director of Technology Risk Management and Data Privacy at Absolute, 3/14/2018
Comment0 comments  |  Read  |  Post a Comment
What CISOs Should Know About Quantum Computing
Ericka Chickowski, Contributing Writer, Dark Reading
As quantum computing approaches real-world viability, it also poses a huge threat to today's encryption measures.
By Ericka Chickowski Contributing Writer, Dark Reading, 3/13/2018
Comment2 comments  |  Read  |  Post a Comment
Disappearing Act: Dark Reading Caption Contest Winners
Marilyn Cohodas, Community Editor, Dark ReadingCommentary
A standout field with hysterical puns about security policies, Meltdown, Amazon Web Services, and the right to be forgotten. And the winner is
By Marilyn Cohodas Community Editor, Dark Reading, 3/12/2018
Comment2 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
8 Ways Hackers Monetize Stolen Data
Steve Zurier, Freelance Writer,  4/17/2018
Securing Social Media: National Safety, Privacy Concerns
Kelly Sheridan, Staff Editor, Dark Reading,  4/19/2018
Firms More Likely to Tempt Security Pros With Big Salaries than Invest in Training
Sara Peters, Senior Editor at Dark Reading,  4/19/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
How to Cope with the IT Security Skills Shortage
Most enterprises don't have all the in-house skills they need to meet the rising threat from online attackers. Here are some tips on ways to beat the shortage.
Flash Poll
Surviving the IT Security Skills Shortage
Surviving the IT Security Skills Shortage
Cybersecurity professionals are in high demand -- and short supply. Find out what Dark Reading discovered during their 2017 Security Staffing Survey and get some strategies for getting through the drought. Download the report today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.