Application Security //

Database Security

News & Commentary
Evidence in Starwood/Marriott Breach May Point to China
Dark Reading Staff, Quick Hits
Attackers used methods, tools previously used by known Chinese hackers.
By Dark Reading Staff , 12/6/2018
Comment0 comments  |  Read  |  Post a Comment
Starwood Breach Reaction Focuses on 4-Year Dwell
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
The unusually long dwell time in the Starwood breach has implications for both parent company Marriott International and the companies watching to learn from.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 12/5/2018
Comment1 Comment  |  Read  |  Post a Comment
Quora Breach Exposes Information of 100 Million Users
Dark Reading Staff, Quick Hits
The massive breach has exposed passwords for millions who didn't remember having a Quora account.
By Dark Reading Staff , 12/4/2018
Comment0 comments  |  Read  |  Post a Comment
First Lawsuits Filed in Starwood Hotels' Breach
Dark Reading Staff, Quick Hits
Class-action suits have been filed on behalf of guests and shareholders, with more expected.
By Dark Reading Staff , 12/3/2018
Comment0 comments  |  Read  |  Post a Comment
Massive Starwood Hotels Breach Hits 500 Million Guests
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
Among the unknowns: who is behind the breach and how many of the affected records have been sold or used by criminals.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 11/30/2018
Comment1 Comment  |  Read  |  Post a Comment
Incorrect Assessments of Data Value Putting Organizations at Risk
Jai Vijayan, Freelance writerNews
Information security groups often underestimate or overestimate the true value of data assets, making it harder to prioritize controls.
By Jai Vijayan Freelance writer, 11/28/2018
Comment0 comments  |  Read  |  Post a Comment
Barclays, Walmart Join New $85M Innovation Coalition
Dark Reading Staff, Quick Hits
Innovation incubator Team8 recruits major partners, investors to create new products that help businesses 'thrive by security.'
By Dark Reading Staff , 10/23/2018
Comment2 comments  |  Read  |  Post a Comment
Oracle Issues Massive Collection of Critical Security Updates
Dark Reading Staff, Quick Hits
The software updates from Oracle address a record number of vulnerabilities.
By Dark Reading Staff , 10/17/2018
Comment1 Comment  |  Read  |  Post a Comment
GAO Says Equifax Missed Flaws, Intrusion in Massive Breach
Dark Reading Staff, Quick Hits
A report from the Government Accountability Office details the issues found and opportunities missed in the huge 2017 Equifax data breach.
By Dark Reading Staff , 9/10/2018
Comment1 Comment  |  Read  |  Post a Comment
T-Mobile Hit With Customer Information Hack
Dark Reading Staff, Quick Hits
Approximately 2 million users said to be affected.
By Dark Reading Staff , 8/24/2018
Comment0 comments  |  Read  |  Post a Comment
Data Privacy Careers Are Helping to Close the IT Gender Gap
Dana Simberkoff, Chief Risk, Privacy, and Information Security Officer, AvePoint, Inc.Commentary
There are three main reasons why the field has been more welcoming for women. Can other tech areas step up?
By Dana Simberkoff Chief Risk, Privacy, and Information Security Officer, AvePoint, Inc., 8/20/2018
Comment7 comments  |  Read  |  Post a Comment
Australian Teen Hacked Apple Network
Dark Reading Staff, Quick Hits
Yale Discloses Data Breach
Dark Reading Staff, Quick Hits
The university discloses that someone stole personal information a long time ago.
By Dark Reading Staff , 7/31/2018
Comment1 Comment  |  Read  |  Post a Comment
US-CERT Warns of ERP Application Hacking
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
ERP applications such as Oracle and SAP's are open to exploit and under attack, according to a new report referenced in a US-CERT warning.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 7/25/2018
Comment0 comments  |  Read  |  Post a Comment
HR Services Firm ComplyRight Suffers Major Data Breach
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
More than 7,500 customer companies were affected, and the number of individuals whose information was leaked is unknown.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 7/20/2018
Comment0 comments  |  Read  |  Post a Comment
GDPR Oddsmakers: Who, Where, When Will Enforcement Hit First?
Sara Peters, Senior Editor at Dark ReadingNews
The GDPR grace period ends today. Experts take their best guesses on when data protection authorities will strike - and what kind of organizations will be first to feel the sting of the EU privacy law.
By Sara Peters Senior Editor at Dark Reading, 5/25/2018
Comment14 comments  |  Read  |  Post a Comment
Encryption is Necessary, Tools and Tips Make It Easier
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
In the InteropITX conference, a speaker provided tips, tools, and incentives for moving to pervasive encryption in the enterprise.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 5/3/2018
Comment0 comments  |  Read  |  Post a Comment
12 Trends Shaping Identity Management
Sara Peters, Senior Editor at Dark Reading
As IAM companies try to stretch 'identity context' into all points of the cybersecurity market, identity is becoming 'its own solar system.'
By Sara Peters Senior Editor at Dark Reading, 4/26/2018
Comment1 Comment  |  Read  |  Post a Comment
Serverless Architectures: A Paradigm Shift in Application Security
Ory Segal, CTO, PureSecCommentary
"Serverless" forces software architects and developers to approach security by building it in rather than bolting it on. But there is a downside.
By Ory Segal CTO, PureSec, 4/9/2018
Comment0 comments  |  Read  |  Post a Comment
Electric Utility Hit with Record Fine for Vulnerabilities
Dark Reading Staff, Quick Hits
An unnamed power company has consented to a record fine for leaving critical records exposed.
By Dark Reading Staff , 3/14/2018
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
Microsoft, Mastercard Aim to Change Identity Management
Kelly Sheridan, Staff Editor, Dark Reading,  12/3/2018
Windows 10 Security Questions Prove Easy for Attackers to Exploit
Kelly Sheridan, Staff Editor, Dark Reading,  12/5/2018
Starwood Breach Reaction Focuses on 4-Year Dwell
Curtis Franklin Jr., Senior Editor at Dark Reading,  12/5/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: I guess this answers the question: who's watching the watchers?
Current Issue
10 Best Practices That Could Reshape Your IT Security Department
This Dark Reading Tech Digest, explores ten best practices that could reshape IT security departments.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-19980
PUBLISHED: 2018-12-08
Anker Nebula Capsule Pro NBUI_M1_V2.1.9 devices allow attackers to cause a denial of service (reboot of the underlying Android 7.1.2 operating system) via a crafted application that sends data to WifiService.
CVE-2018-19961
PUBLISHED: 2018-12-08
An issue was discovered in Xen through 4.11.x on AMD x86 platforms, possibly allowing guest OS users to gain host OS privileges because TLB flushes do not always occur after IOMMU mapping changes.
CVE-2018-19962
PUBLISHED: 2018-12-08
An issue was discovered in Xen through 4.11.x on AMD x86 platforms, possibly allowing guest OS users to gain host OS privileges because small IOMMU mappings are unsafely combined into larger ones.
CVE-2018-19963
PUBLISHED: 2018-12-08
An issue was discovered in Xen 4.11 allowing HVM guest OS users to cause a denial of service (host OS crash) or possibly gain host OS privileges because x86 IOREQ server resource accounting (for external emulators) was mishandled.
CVE-2018-19964
PUBLISHED: 2018-12-08
An issue was discovered in Xen 4.11.x allowing x86 guest OS users to cause a denial of service (host OS hang) because the p2m lock remains unavailable indefinitely in certain error conditions.