Database Security
Authentication
Privacy
Compliance
Identity & Access Management
Security Monitoring
Advanced Threats
Insider Threats
Vulnerability Management
7 Cool New Security Tools to be Revealed at Black Hat Europe
Getting to Know Magecart: An Inside Look at 7 Groups
Understanding Evil Twin AP Attacks and How to Prevent Them
What You Should Know About Grayware (and What to Do About It)
The Morris Worm Turns 30
News & Commentary
Small-Time Cybercriminals Landing Steady Low Blows
Jai Vijayan, Freelance writerNews
High-end crime groups are acquiring the sorts of sophisticated capabilities only nation-states once had, while low-tier criminals maintain a steady stream of malicious activity, from cryptomining to PoS malware.
By Jai Vijayan Freelance writer, 11/14/2018
Comment0 comments  |  Read  |  Post a Comment
Security Teams Struggle with Container Security Strategy
Ericka Chickowski, Contributing Writer, Dark ReadingNews
Fewer than 30% of firms have more than a basic container security plan in place.
By Ericka Chickowski Contributing Writer, Dark Reading, 11/14/2018
Comment0 comments  |  Read  |  Post a Comment
Cryptojacking, Mobile Malware Growing Threats to the Enterprise
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
At the same time, criminal organizations continue to look for new ways to attack their victims.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 11/14/2018
Comment0 comments  |  Read  |  Post a Comment
Black Hat: European Security Pros Wrestling With Potential Breaches, Privacy Issues
Tim Wilson, Editor in Chief, Dark Reading, News
Black Hat Europe attendee survey shows European cybersecurity leaders are uncertain of their ability to protect end user data – and are fearful of a near-term breach of critical infrastructure.
By Tim Wilson, Editor in Chief, Dark Reading , 11/14/2018
Comment0 comments  |  Read  |  Post a Comment
Airlines Have a Big Problem with Bad Bots
Kelly Sheridan, Staff Editor, Dark ReadingNews
Bad bots account for 43.9% of all traffic on their websites, APIs, and mobile apps, according to a new analysis of 100 airlines.
By Kelly Sheridan Staff Editor, Dark Reading, 11/14/2018
Comment0 comments  |  Read  |  Post a Comment
Understanding Evil Twin AP Attacks and How to Prevent Them
Ryan Orsi, Director of Product Management for Wi-Fi at WatchGuard TechnologiesCommentary
The attack surface remains largely unprotected from Wi-Fi threats that can result in stolen credentials and sensitive information as well as backdoor/malware payload drops.
By Ryan Orsi Director of Product Management for Wi-Fi at WatchGuard Technologies, 11/14/2018
Comment1 Comment  |  Read  |  Post a Comment
Can Businesses Stand Up to Cybercrime? Only 61% Say Yes
Dark Reading Staff, Quick Hits
While 96% of US organizations say business resilience should be core to company strategy, only 61% say it actually is.
By Dark Reading Staff , 11/14/2018
Comment0 comments  |  Read  |  Post a Comment
To Click or Not to Click: The Answer Is Easy
Kowsik Guruswamy, Chief Technology Officer at Menlo SecurityCommentary
Mega hacks like the Facebook breach provide endless ammo for spearphishers. These six tips can help you stay safer.
By Kowsik Guruswamy Chief Technology Officer at Menlo Security, 11/14/2018
Comment1 Comment  |  Read  |  Post a Comment
Microsoft Patch Tuesday Recap: 12 Critical Bugs Fixed
Dark Reading Staff, Quick Hits
Eight of the 12 critical vulnerabilities addressed this month affect the Chakra Scripting Engine in Microsoft Edge.
By Dark Reading Staff , 11/13/2018
Comment0 comments  |  Read  |  Post a Comment
Getting to Know Magecart: An Inside Look at 7 Groups
Kelly Sheridan, Staff Editor, Dark ReadingNews
A new report spills the details on Magecart, the criminal groups driving it, and ongoing attacks targeting low- and high-profile victims.
By Kelly Sheridan Staff Editor, Dark Reading, 11/13/2018
Comment0 comments  |  Read  |  Post a Comment
Empathy: The Next Killer App for Cybersecurity?
Shay Colson, CISSP, Senior Manager, CyberClarity360Commentary
The toughest security problems involve people not technology. Here's how to motivate your frontline employees all the way from the service desk to the corner office.
By Shay Colson CISSP, Senior Manager, CyberClarity360, 11/13/2018
Comment0 comments  |  Read  |  Post a Comment
Google Traffic Temporarily Rerouted via Russia, China
Kelly Sheridan, Staff Editor, Dark ReadingNews
The incident, which Google reports is now resolved, could be the result of either technical mistakes or malicious activity.
By Kelly Sheridan Staff Editor, Dark Reading, 11/13/2018
Comment0 comments  |  Read  |  Post a Comment
Netskope Announces Series F Funding Round
Dark Reading Staff, Quick Hits
The $168.7 million round will go toward R&D and global expansion, says cloud access security broker provider.
By Dark Reading Staff , 11/13/2018
Comment0 comments  |  Read  |  Post a Comment
RIP, 'IT Security'
Kevin Kurzawa, Senior Information Security AuditorCommentary
Information security is vital, of course. But the concept of "IT security" has never made sense.
By Kevin Kurzawa Senior Information Security Auditor, 11/13/2018
Comment0 comments  |  Read  |  Post a Comment
Sophisticated Campaign Targets Pakistan's Air Force
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
Espionage campaign uses a variety of new evasion techniques.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 11/13/2018
Comment0 comments  |  Read  |  Post a Comment
2018 on Track to Be One of the Worst Ever for Data Breaches
Jai Vijayan, Freelance writerNews
A total of 3,676 breaches involving over 3.6 billion records were reported in the first nine months of this year alone.
By Jai Vijayan Freelance writer, 11/12/2018
Comment0 comments  |  Read  |  Post a Comment
Paris Agreement on Cybercrime Falls Short of Unanimous Agreement
Dark Reading Staff, Quick Hits
More than 50 nations and 150 global companies agree to join effort to fight cybercrime.
By Dark Reading Staff , 11/12/2018
Comment0 comments  |  Read  |  Post a Comment
Veterans Find New Roles in Enterprise Cybersecurity
Kelly Sheridan, Staff Editor, Dark ReadingNews
Facebook and Synack create programs to educate vets and grow employment opportunities while shrinking the cybersecurity talent gap.
By Kelly Sheridan Staff Editor, Dark Reading, 11/12/2018
Comment2 comments  |  Read  |  Post a Comment
7 Cool New Security Tools to be Revealed at Black Hat Europe
Ericka Chickowski, Contributing Writer, Dark Reading
Black Hat Europe's Arsenal lineup will include demoes of new security tools, from AI malware research to container orchestration.
By Ericka Chickowski Contributing Writer, Dark Reading, 11/12/2018
Comment0 comments  |  Read  |  Post a Comment
Cyberattacks Top Business Risks in North America, Europe, EAP
Dark Reading Staff, Quick Hits
The World Economic Forum reports cyberattacks are a top enterprise concern following WannaCry and the rise of e-commerce.
By Dark Reading Staff , 11/12/2018
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
Posted by James D. Jones
Current Conversations Really healpful information.
In reply to: nice
Post Your Own Reply
More Conversations
Products & Releases
Eurofins Digital Testing Launches Cyber Security Division
New Research from eSentire Finds Only 30 Percent of Firms are Confident They Can Avoid a Major Security Event in the Next Two Years
Nok Nok Labs Introduces Strong Account Recovery
CMMI Institute Updates Cybermaturity Platform with Practices to Build Cybersecurity Resilience
Phishing Attacks Exceed 137 Million in Q3: Kaspersky Lab
DH2i Launches DxOdyssey for Zero Trust Hybrid/Multi-Cloud Security
Romanian Indicted in Pittsburgh for Bank Fraud Scheme that Used ATM Skimming Devices
Shape Security Raises $26M Round
More Products & Releases
PR Newswire
Microsoft President: Governments Must Cooperate on Cybersecurity
Kelly Sheridan, Staff Editor, Dark Reading,  11/8/2018
Veterans Find New Roles in Enterprise Cybersecurity
Kelly Sheridan, Staff Editor, Dark Reading,  11/12/2018
Understanding Evil Twin AP Attacks and How to Prevent Them
Ryan Orsi, Director of Product Management for Wi-Fi at WatchGuard Technologies,  11/14/2018
Register for Dark Reading Newsletters
Partner Perspectives
What's This?
A Cybersecurity Christmas Story
Automation and orchestration will be essential components of security in 2017. Read >>
Partner Perspectives
What's This?
'Insider Sabotage' among Top 3 Threats CISOs Can't yet Handle
These five steps can help your organizations limit the risks from disgruntled employees and user errors. Read >>
Partner Perspectives
What's This?
A Sneak Peek at the New NIST Cybersecurity Framework
Key focus areas include supply chain risks, identity management, and cybersecurity risk assessment and measurement. Read >>
Partner Perspectives
What's This?
Cloud Misconceptions Are Pervasive Across Enterprises
Shadow IT is rampant at many organizations that rely upon cloud-delivered tools and services to enable remote work, according to a new study. Here's what security teams need to do about it. Read >>
Partner Perspectives
What's This?
Partner Perspectives
What's This?
Continuous Compliance and Effective Audit Preparation for the Cloud
Why audits are a necessary evil, and how they can actually help you improve your brand value. Read >>
Partner Perspectives
What's This?
Boosting Security Effectiveness with 'Adjuvants'
How integrating corporate resources like the IT help desk, system administration, quality assurance and HR can breathe new life into your security program. Read >>
Partner Perspectives
What's This?
Breach Defense Playbook: Cybersecurity Governance
Time to leave the island: Integrate cybersecurity into your risk management strategy. Read >>
Partner Perspectives
What's This?
Let's Get Smarter About Security By Working Together
We all need help, and only by working together can we move the needle on security. Read >>
Partner Perspectives
What's This?
WanaCrypt0r Hits Worldwide
Consumers and businesses should be sure their Windows systems and software are updated with all current patches in order to stop the spread of this dangerous ransomware attack. Read >>
Partner Perspectives
What's This?
Endpoint Security: Putting The Focus On What Matters
Five tips to help sift through the noise and focus on actions that can dramatically impact your endpoint security program. Read >>
Cartoon
White Papers
Current Issue
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-12480
PUBLISHED: 2018-11-15
Mitigates an XSS issue in NetIQ Access Manager versions prior to 4.4 SP3.
CVE-2015-9274
PUBLISHED: 2018-11-15
HarfBuzz before 1.0.4 allows remote attackers to cause a denial of service (invalid read of two bytes and application crash) because of GPOS and GSUB table mishandling, related to hb-ot-layout-gpos-table.hh, hb-ot-layout-gsub-table.hh, and hb-ot-layout-gsubgpos-private.hh.
CVE-2018-19286
PUBLISHED: 2018-11-15
The server in mubu note 2018-11-11 has XSS by configuring an account with a crafted name value (along with an arbitrary username value), and then creating and sharing a note.
CVE-2018-19287
PUBLISHED: 2018-11-15
XSS in the Ninja Forms plugin before 3.3.18 for WordPress allows Remote Attackers to execute JavaScript via the includes/Admin/Menus/Submissions.php (aka submissions page) begin_date, end_date, or form_id parameter.
CVE-2018-19288
PUBLISHED: 2018-11-15
Zoho ManageEngine OpManager 12.3 before Build 123223 has XSS via the updateWidget API.
Online Malware and Threats: A Profile of Today's Security Posture
Online Malware and Threats: A Profile of Today's Security Posture
This report offers insight on how security professionals plan to invest in cybersecurity, and how they are prioritizing their resources. Find out what your peers have planned today!
Flash Poll
Video
Slideshows
Twitter Feed