News & Commentary
Ashley Madison CEO Resigns
Dark Reading Staff, Quick Hits
Once again, a security breach claims an executive's job, but the business plans to continue operating.
By Dark Reading Staff , 8/28/2015
Comment1 Comment  |  Read  |  Post a Comment
A Virtual Tour of IBM’s SOCs, With Roger Hellman
Dark Reading Staff, CommentaryVideo
IBM's Roger Hellman visits the Dark Reading News Desk to talk about how IBM recreated a unique security operations center experience at Black Hat.
By Dark Reading Staff , 8/27/2015
Comment0 comments  |  Read  |  Post a Comment
Paul Vixie On DNS Security & Botnet Takedowns
Sara Peters, Senior Editor at Dark ReadingCommentaryVideo
Internet pioneer and CEO of Farsight Security joins the Dark Reading News Desk at Black Hat.
By Sara Peters Senior Editor at Dark Reading, 8/24/2015
Comment2 comments  |  Read  |  Post a Comment
Beware The Hidden Risk Of Business Partners In The Cloud
Sekhar Sarukkai, Co-founder & VP, Engineering, Skyhigh NetworksCommentary
Enterprises vastly underestimate the cyber risk from digital connections to vendors, suppliers, agencies, consultants -- and any company with which employees do business.
By Sekhar Sarukkai Co-founder & VP, Engineering, Skyhigh Networks, 8/20/2015
Comment1 Comment  |  Read  |  Post a Comment
ID Thieves, Blackmailers Have Lots To Gain In Ashley Madison Breach
Sara Peters, Senior Editor at Dark ReadingNews
Breach highlights need for greater anonymity controls in identity and payment mechanisms.
By Sara Peters Senior Editor at Dark Reading, 8/19/2015
Comment5 comments  |  Read  |  Post a Comment
IE Bug Exploited In Wild After Microsoft Releases Out-Of-Band Patch
Sara Peters, Senior Editor at Dark ReadingQuick Hits
Remote code execution vulnerability in Internet Explorer versions 7 through 11 being used to drop PlugX RAT.
By Sara Peters Senior Editor at Dark Reading, 8/19/2015
Comment0 comments  |  Read  |  Post a Comment
Hackers Dump Ashley Madison User Database... Where Most People Won't Find It
Dark Reading Staff, Quick Hits
Attackers make good on doxing threat, but post database to dark web.
By Dark Reading Staff , 8/18/2015
Comment2 comments  |  Read  |  Post a Comment
Making The Security Case For A Software-Defined Perimeter
Kurt A. Mueffelmann, President & CEO, CryptzoneCommentary
With SDP, organizations can create an 'invisible' infrastructure that only authorized users and devices can access. Here’s why it’s time has come.
By Kurt A. Mueffelmann President & CEO, Cryptzone, 8/18/2015
Comment0 comments  |  Read  |  Post a Comment
June Was 'Worst Month Of Malvertising Ever'
Sara Peters, Senior Editor at Dark ReadingNews
Flash zero-days made it easier to deliver ransomware and banking Trojans, and commit click fraud.
By Sara Peters Senior Editor at Dark Reading, 8/12/2015
Comment1 Comment  |  Read  |  Post a Comment
Man-In-The-Cloud Owns Your DropBox, Google Drive -- Sans Malware
Sara Peters, Senior Editor at Dark ReadingNews
Using no malware or stolen passwords, new attack can compromise your cloud synch services and make your good files malicious.
By Sara Peters Senior Editor at Dark Reading, 8/5/2015
Comment3 comments  |  Read  |  Post a Comment
Can't Touch This: 'Hammertoss' Russian Cyberspies Hide In Plain Sight
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
APT29 cyber espionage attackers operate under the cover of legitimate services including Twitter, Github, and cloud storage services.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 7/29/2015
Comment4 comments  |  Read  |  Post a Comment
New Phishing Campaign Leverages Google Drive
Ericka Chickowski, Contributing Writer, Dark ReadingNews
Researchers believe technique is geared to take over Google SSO accounts.
By Ericka Chickowski Contributing Writer, Dark Reading, 7/28/2015
Comment2 comments  |  Read  |  Post a Comment
Emerging Web Infrastructure Threats
Sara Peters, Senior Editor at Dark Reading
A secure cloud relies on some weak Internet infrastructure with some new BGP vulnerabilities that will be disclosed at Black Hat USA.
By Sara Peters Senior Editor at Dark Reading, 7/23/2015
Comment2 comments  |  Read  |  Post a Comment
Microsoft Acquires Israeli Cloud Security Firm Adallom
Nathan Eddy, Freelance WriterNews
Microsoft is dropping $320 million to purchase Adallom, a cloud security specialist that has offices in Tel Aviv and Palo Alto.
By Nathan Eddy Freelance Writer, 7/20/2015
Comment1 Comment  |  Read  |  Post a Comment
Ashley Madison Exposed: Affair Hookup Site Hacked, Member Data Posted Online
Dark Reading Staff, Quick Hits
Member data pilfered, posted in apparent hacktivist-style doxing attack.
By Dark Reading Staff , 7/20/2015
Comment10 comments  |  Read  |  Post a Comment
Darkode Shuttered But Cybercrime Still Alive And Well
Dark Reading Staff, News
Major international law enforcement takedown of exclusive criminal hacker forum highlights victory -- and challenges -- of global law enforcement of cybercrime.
By Fahmida Rashid, Contributing Editor , 7/17/2015
Comment0 comments  |  Read  |  Post a Comment
Researchers To Offer Free BGP Security Alert Tool Via Twitter
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
New tool to be unveiled at Black Hat USA next month will tweet out route hijacking attacks on the Net.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 7/15/2015
Comment0 comments  |  Read  |  Post a Comment
Inside A Vicious DDoS Attack
Anthony Lye, President & CEO Chief Executive Officer, HotSchedulesCommentary
What it's really like to fend off a relentless distributed denial-of-service attack.
By Anthony Lye President & CEO Chief Executive Officer, HotSchedules, 7/14/2015
Comment0 comments  |  Read  |  Post a Comment
Dark Reading Radio: Firewall Smackdown
Marilyn Cohodas, Community Editor, Dark ReadingCommentary
Is there a future for the venerable firewall? Security CEOs Asaf Cidon of Sookasa and Jody Brazil of FireMon debate the issues in our latest radio show.
By Marilyn Cohodas Community Editor, Dark Reading, 7/13/2015
Comment1 Comment  |  Read  |  Post a Comment
How To Make Internet Voting Secure
Jai Vijayan, Freelance writerNews
To be effective, an Internet voting system has to auditable every step of the way, a new study says.
By Jai Vijayan Freelance writer, 7/10/2015
Comment2 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
PR Newswire
Register for Dark Reading Newsletters
White Papers
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
Published: 2015-08-28
Buffer overflow in CHICKEN 4.9.0.x before, 4.9.x before 4.9.1, and before 5.0 allows attackers to have unspecified impact via a positive START argument to the "substring-index[-ci] procedures."

Published: 2015-08-28
Stack-based buffer overflow in GSM SIM Utility (aka SIM Card Editor) 6.6 allows remote attackers to execute arbitrary code via a long entry in a .sms file.

Published: 2015-08-28
Type74 ED before 4.0 misuses 128-bit ECB encryption for small files, which makes it easier for attackers to obtain plaintext data via differential cryptanalysis of a file with an original length smaller than 128 bits.

Published: 2015-08-28
The guest portal in Cisco Identity Services Engine (ISE) 3300 1.2(0.899) does not restrict access to uploaded HTML documents, which allows remote attackers to obtain sensitive information from customized documents via a direct request, aka Bug ID CSCuo78045.

Published: 2015-08-28
Cisco IOS XE before 2.2.3 on ASR 1000 devices allows remote attackers to cause a denial of service (Embedded Services Processor crash) via a crafted L2TP packet, aka Bug IDs CSCsw95722 and CSCsw95496.

Dark Reading Radio
Archived Dark Reading Radio
Another Black Hat is in the books and Dark Reading was there. Join the editors as they share their top stories, biggest lessons, and best conversations from the premier security conference.