Cyberspies Impersonate Security Researcher
Microsoft's Remarkable Pivot: Windows 10 Abandons Privacy
Cartoon: Security Moment Of Zen
Sights & Sounds Of Black Hat USA And DEF CON
Valasek Not Done With Car Hacking Just Yet
News & Commentary
China's Great Cannon: The Great Firewall's More Aggressive Partner
Sara Peters, Senior Editor at Dark ReadingCommentaryVideo
Crowdstrike researchers visit Dark Reading News Desk at Black Hat to describe how China went on the offensive and extended its Internet censorship efforts beyond Chinese borders.
By Sara Peters Senior Editor at Dark Reading, 9/3/2015
Comment0 comments  |  Read  |  Post a Comment
New Shifu Banking Trojan An ‘Uber Patchwork’ Of Malware Tools
Jai Vijayan, Freelance writerNews
Sophisticated threat hitting banks in Japan combines best features of multiple previous banking malware, new IBM research says.
By Jai Vijayan Freelance writer, 9/2/2015
Comment0 comments  |  Read  |  Post a Comment
Malware Author Stamped Code 'For Targeted Attacks Only'
Sara Peters, Senior Editor at Dark ReadingNews
When the Microsoft Word Intruder Office malware creation kit got too high-profile, the developer changed terms of service, Sophos report says.
By Sara Peters Senior Editor at Dark Reading, 9/2/2015
Comment0 comments  |  Read  |  Post a Comment
Microsoft, Google, Mozilla Abandon RC4 Cryptographic Standard
Larry Loeb, Blogger, InformationweekCommentary
With Microsoft, Google, and Mozilla turning against the RC4 cryptographic suite, the standard will likely die in 2016.
By Larry Loeb Blogger, Informationweek, 9/2/2015
Comment0 comments  |  Read  |  Post a Comment
Endpoint Security Firm Tanium Valued At $3.5 Billion
Dark Reading Staff, Quick Hits
Highest-valued venture-backed cybersecurity company worldwide closes $120 million venture capital round.
By Dark Reading Staff , 9/2/2015
Comment1 Comment  |  Read  |  Post a Comment
Microsoft's Remarkable Pivot: Windows 10 Abandons Privacy
Mark Weinstein, CEO, MeWe.comCommentary
You can read all you want about Windows 10 powerful new privacy features, but that doesn’t mean you have them.
By Mark Weinstein CEO, MeWe.com, 9/2/2015
Comment4 comments  |  Read  |  Post a Comment
Baby Monitors Expose Home -- And Business -- Networks
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Researchers find major security flaws in popular networked video baby monitor products that could allow attackers to snoop on babies and businesses.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 9/2/2015
Comment2 comments  |  Read  |  Post a Comment
Cyberspies Impersonate Security Researcher
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
'Rocket Kitten' pro-Iranian regime hackers focusing more on targeting individuals for geopolitical espionage.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 9/1/2015
Comment1 Comment  |  Read  |  Post a Comment
Report: Ransomware Jumped 58 Percent in Q2
Sara Peters, Senior Editor at Dark ReadingNews
McAfee Threat Labs Report also zooms in on GPU malware and looks back on the first five years of the Intel-McAfee marriage.
By Sara Peters Senior Editor at Dark Reading, 9/1/2015
Comment1 Comment  |  Read  |  Post a Comment
Malware Pre-Installed On Over Two-Dozen Android Smartphone Brands
Jai Vijayan, Freelance writerNews
Threat affects several smartphones shipping from Asia including some popular ones such as Lenovo, Huawei, and Xiaomi, says G Data.
By Jai Vijayan Freelance writer, 9/1/2015
Comment1 Comment  |  Read  |  Post a Comment
We Can Allow Cybersecurity Research Without Stifling Innovation
Gavin Reid, Vice President, Threat Intelligence, Lancope IncCommentary
The U.S. government is in a unique position to become a global leader in cybersecurity. But only if it retains the open spirit of the Internet that kick-started the Information Age.
By Gavin Reid Vice President, Threat Intelligence, Lancope Inc, 9/1/2015
Comment0 comments  |  Read  |  Post a Comment
Your Worst Day In IT
David Spark, Veteran Tech journalist and founder of Spark Media Solutions
Turns out the most common culprits aren't what you might think.
By David Spark Veteran Tech journalist and founder of Spark Media Solutions, 9/1/2015
Comment0 comments  |  Read  |  Post a Comment
Sights & Sounds Of Black Hat USA And DEF CON
Kelly Jackson Higgins, Executive Editor at Dark Reading
Some hackers call the week of Black Hat USA and DEF CON 'security summer camp' -- a look at some of the highlights of the two shows.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 8/31/2015
Comment0 comments  |  Read  |  Post a Comment
Biggest Apple Account Theft Ever Hits Only JailBroken iOS Devices
Sara Peters, Senior Editor at Dark ReadingNews
KeyRaider stole 225,000 legitimate Apple accounts and slammed devices with ransomware and phony purchases, but only jailbroken gear, mostly in China, is affected.
By Sara Peters Senior Editor at Dark Reading, 8/31/2015
Comment2 comments  |  Read  |  Post a Comment
A CISO's View of Mobile Security Strategy, With Stacey Halota
Sara Peters, Senior Editor at Dark ReadingCommentaryVideo
CISO of Graham Holdings visits Dark Reading News Desk at Black Hat to discuss why mobile security is a top priority and how to use mobile devices as a security tool.
By Sara Peters Senior Editor at Dark Reading, 8/31/2015
Comment0 comments  |  Read  |  Post a Comment
10 Best Practices For BYOD Policy
Dark Reading Staff, News
Bring-your-own device doesn't have to mean bring your own security problems.
By Dark Reading Staff , 8/31/2015
Comment0 comments  |  Read  |  Post a Comment
Top Infosec Execs Will Eventually Report To CEOs, CISOs Say
Kevin West, CEO & founder, K logixCommentary
But becoming a trusted resource to the executive suite will demand major changes in the traditional chief information security officer role.
By Kevin West CEO & founder, K logix, 8/31/2015
Comment1 Comment  |  Read  |  Post a Comment
Ashley Madison CEO Resigns
Dark Reading Staff, Quick Hits
Once again, a security breach claims an executive's job, but the business plans to continue operating.
By Dark Reading Staff , 8/28/2015
Comment6 comments  |  Read  |  Post a Comment
FBI Sounds Alarm Again On Business Email Compromise Threat
Jai Vijayan, Freelance writerNews
Over 7,000 US business have been victimized by so-called BEC fraud between October 2013 and August 2015 alone, the FBI said in an alert this week.
By Jai Vijayan Freelance writer, 8/28/2015
Comment2 comments  |  Read  |  Post a Comment
The 7 ‘Most Common’ RATS In Use Today
Udi Shamir, Chief Security Officer, SentinelOneCommentary
Sniffing out RATS -- remote access Trojans -- is a challenge for even the most hardened cyber defender. Here’s a guide to help you in the hunt.
By Udi Shamir Chief Security Officer, SentinelOne, 8/28/2015
Comment3 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
PR Newswire
Valasek Not Done With Car Hacking Just Yet
Kelly Jackson Higgins, Executive Editor at Dark Reading,  8/28/2015
Cybersecurity Under FTC Authority: What Does it Mean?
Tom Kellermann, Chief Cybersecurity Office, Trend Micro,  8/27/2015
Ashley Madison CEO Resigns
Dark Reading Staff 8/28/2015
Register for Dark Reading Newsletters
Partner Perspectives
What's This?
Partner Perspectives
What's This?
Partner Perspectives
What's This?
Cartoon
Dark Reading Radio
Archived Dark Reading Radio
Another Black Hat is in the books and Dark Reading was there. Join the editors as they share their top stories, biggest lessons, and best conversations from the premier security conference.
White Papers
Current Issue
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2015-3308
Published: 2015-09-02
Double free vulnerability in lib/x509/x509_ext.c in GnuTLS before 3.3.14 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted CRL distribution point.

CVE-2015-4330
Published: 2015-09-02
A local file script in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 allows local users to gain privileges for OS command execution via invalid parameters, aka Bug ID CSCuv10556.

CVE-2015-6274
Published: 2015-09-02
The IPv4 implementation on Cisco ASR 1000 devices with software 15.5(3)S allows remote attackers to cause a denial of service (ESP QFP CPU consumption) by triggering packet fragmentation and reassembly, aka Bug ID CSCuv71273.

CVE-2015-6277
Published: 2015-09-02
The ARP implementation in Cisco NX-OS on Nexus 1000V devices for VMware vSphere 5.2(1)SV3(1.4), Nexus 3000 devices 7.3(0)ZD(0.47), Nexus 4000 devices 4.1(2)E1, Nexus 9000 devices 7.3(0)ZD(0.61), and MDS 9000 devices 7.0(0)HSK(0.353) and SAN-OS NX-OS on MDS 9000 devices 7.0(0)HSK(0.353) allows remote...

CVE-2015-6587
Published: 2015-09-02
The vlserver in OpenAFS before 1.6.13 allows remote authenticated users to cause a denial of service (out-of-bounds read and crash) via a crafted regular expression in a VL_ListAttributesN2 RPC.

10 Recommendations for Outsourcing Security
10 Recommendations for Outsourcing Security
Enterprises today have a wide range of third-party options to help improve their defenses, including MSSPs, auditing and penetration testing, and DDoS protection. But are there situations in which a service provider might actually increase risk?
Flash Poll
Video
Slideshows
Twitter Feed