Careers & People

News & Commentary
The Data Security Landscape Is Shifting: Is Your Company Prepared?
Francis Dinha, CEO & Co-Founder of OpenVPNCommentary
New ways to steal your data (and profits) keep cropping up. These best practices can help keep your organization safer.
By Francis Dinha CEO & Co-Founder of OpenVPN, 8/13/2018
Comment1 Comment  |  Read  |  Post a Comment
Dark Reading News Desk Live at Black Hat USA 2018
Sara Peters, Senior Editor at Dark ReadingNews
Watch here Wednesday and Thursday, 2 p.m. - 6 p.m. ET to see over 40 live video interviews straight from the Black Hat USA conference in Las Vegas.
By Sara Peters Senior Editor at Dark Reading, 8/9/2018
Comment1 Comment  |  Read  |  Post a Comment
Shadow IT: Every Company's 3 Hidden Security Risks
Adam Marre,  Information Security Operations Leader, QualtricsCommentary
Companies can squash the proliferation of shadow IT if they listen to employees, create transparent guidelines, and encourage an open discussion about the balance between security and productivity.
By Adam Marre Information Security Operations Leader, Qualtrics, 8/7/2018
Comment1 Comment  |  Read  |  Post a Comment
IT Managers: Are You Keeping Up with Social-Engineering Attacks?
Larry Ponemon, Chairman and Founder, Ponemon Institute, and 3M Privacy ConsultantCommentary
Increasingly sophisticated threats require a mix of people, processes, and technology safeguards.
By Larry Ponemon Chairman and Founder, Ponemon Institute, and 3M Privacy Consultant, 8/6/2018
Comment3 comments  |  Read  |  Post a Comment
Power Grid Security: How Safe Are We?
Cameron Camp, ESET Security ResearcherCommentary
Experiencing a power outage? It could have been caused by a hacker or just a squirrel chewing through some equipment. And that's a problem.
By Cameron Camp ESET Security Researcher, 8/2/2018
Comment0 comments  |  Read  |  Post a Comment
How GDPR Could Turn Privileged Insiders into Bribery Targets
Mark Coates, VP, EMEA, Dtex SystemsCommentary
Regulatory penalties that exceed the cost of an extortion payout may lead to a new form of ransomware. These four steps can keep you from falling into that trap.
By Mark Coates VP, EMEA, Dtex Systems, 8/2/2018
Comment0 comments  |  Read  |  Post a Comment
10 More Women in Security You May Not Know But Should
Kelly Sheridan, Staff Editor, Dark Reading
The second installment in a series highlighting women who are driving change in cybersecurity but may not be on your radar yet.
By Kelly Sheridan Staff Editor, Dark Reading, 7/31/2018
Comment1 Comment  |  Read  |  Post a Comment
University of Phoenix Poll: 20% of US Adults Have Considered Infosec Careers
Dark Reading Staff, Quick Hits
Many respondents could enter the field by leveraging skills they already have.
By Dark Reading Staff , 7/30/2018
Comment0 comments  |  Read  |  Post a Comment
The Good & Bad News About Today's Cybersecurity Investment Landscape
Ofer Schreiber, Partner, YL Ventures Commentary
Lots of things keep CISOs up at night. But instead of guessing what CISOs want, investors and vendors should incorporate customer feedback throughout product ideation and development cycles.
By Ofer Schreiber Partner, YL Ventures , 7/25/2018
Comment0 comments  |  Read  |  Post a Comment
How 'Projection' Slows Down the Path to Security Maturity
Joshua Goldfarb, Co-founder & Chief Product Officer, IDRRA Commentary
A little bit of self-awareness goes a long way when it comes to evaluating a company's security maturity level. It's also a prerequisite to improving.
By Joshua Goldfarb Co-founder & Chief Product Officer, IDRRA , 7/24/2018
Comment0 comments  |  Read  |  Post a Comment
Why Security Startups Fly And Why They Crash
Kelly Sheridan, Staff Editor, Dark ReadingNews
What makes startups stand out in a market flooded with thousands of vendors? Funding experts and former founders share their thoughts.
By Kelly Sheridan Staff Editor, Dark Reading, 7/20/2018
Comment1 Comment  |  Read  |  Post a Comment
The Fundamental Flaw in Security Awareness Programs
Ira Winkler, CISSP, President, Secure MentemCommentary
It's a ridiculous business decision to rely on the discretion of a minimally trained user to thwart a highly skilled sociopath, financially motivated criminal, or nation-state.
By Ira Winkler CISSP, President, Secure Mentem, 7/19/2018
Comment4 comments  |  Read  |  Post a Comment
SOCs Use Automation to Compensate for Training, Technology Issues
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
Executives and front-line SOC teams see human and technology issues in much different ways, according to two new reports.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 7/13/2018
Comment1 Comment  |  Read  |  Post a Comment
What's Cooking With Caleb Sima
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Security Pro File: Web app security pioneer dishes on his teenage security career, his love of electric scooters, Ace Ventura and a new baby food business venture with his wife and famed chef, Kathy Fang.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 7/12/2018
Comment2 comments  |  Read  |  Post a Comment
Lessons from My Strange Journey into InfoSec
Lysa Myers, Security Researcher, ESETCommentary
Establishing an entre into the security world can be a maddeningly slow process. For those of us already here, it can be an opportunity to help others.
By Lysa Myers Security Researcher, ESET, 7/12/2018
Comment2 comments  |  Read  |  Post a Comment
New Cyber Center Opens at Augusta University in Georgia
Dark Reading Staff, Quick Hits
University partners with state on $100 million Georgia Cyber Center for cybersecurity education and research.
By Dark Reading Staff , 7/11/2018
Comment0 comments  |  Read  |  Post a Comment
WEF: 217 More Years Until Women and Men Reach Economic Equality
Kelly Sheridan, Staff Editor, Dark ReadingNews
Progress toward economic parity is in reverse for the first time since 2006, but cybersecurity can help change the game.
By Kelly Sheridan Staff Editor, Dark Reading, 7/5/2018
Comment2 comments  |  Read  |  Post a Comment
4 Basic Principles to Help Keep Hackers Out
David Pearson, Principle Threat ResearcherCommentary
The most effective hackers keep things simple, something organizations must take into account.
By David Pearson Principle Threat Researcher, 7/5/2018
Comment3 comments  |  Read  |  Post a Comment
6 Drivers of Mental and Emotional Stress in Infosec
Kelly Sheridan, Staff Editor, Dark Reading
Pressure comes in many forms but often with the same end result: stress and burnout within the security community.
By Kelly Sheridan Staff Editor, Dark Reading, 7/2/2018
Comment4 comments  |  Read  |  Post a Comment
There's No Automating Your Way Out of Security Hiring Woes
Ericka Chickowski, Contributing Writer, Dark ReadingNews
Call it the paradox of cybersecurity automation: It makes your staff more productive but takes more quality experts to make it work.
By Ericka Chickowski Contributing Writer, Dark Reading, 6/28/2018
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
Election Websites, Back-End Systems Most at Risk of Cyberattack in Midterms
Kelly Jackson Higgins, Executive Editor at Dark Reading,  8/14/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Flash Poll
Surviving the IT Security Skills Shortage
Surviving the IT Security Skills Shortage
Cybersecurity professionals are in high demand -- and short supply. Find out what Dark Reading discovered during their 2017 Security Staffing Survey and get some strategies for getting through the drought. Download the report today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-13106
PUBLISHED: 2018-08-15
Cheetahmobile CM Launcher 3D - Theme, wallpaper, Secure, Efficient, 5.0.3, 2017-09-19, Android application uses a hard-coded key for encryption. Data stored using this key can be decrypted by anyone able to access this key.
CVE-2017-13107
PUBLISHED: 2018-08-15
Live.me - live stream video chat, 3.7.20, 2017-11-06, Android application uses a hard-coded key for encryption. Data stored using this key can be decrypted by anyone able to access this key.
CVE-2017-13108
PUBLISHED: 2018-08-15
DFNDR Security Antivirus, Anti-hacking & Cleaner, 5.0.9, 2017-11-01, Android application uses a hard-coded key for encryption. Data stored using this key can be decrypted by anyone able to access this key.
CVE-2017-13100
PUBLISHED: 2018-08-15
DistinctDev, Inc., The Moron Test, 6.3.1, 2017-05-04, iOS application uses a hard-coded key for encryption. Data stored using this key can be decrypted by anyone able to access this key.
CVE-2017-13101
PUBLISHED: 2018-08-15
Musical.ly Inc., musical.ly - your video social network, 6.1.6, 2017-10-03, iOS application uses a hard-coded key for encryption. Data stored using this key can be decrypted by anyone able to access this key.