Car Hacking Shifts Into High Gear
Emerging Web Infrastructure Threats
Detection: A Balanced Approach For Mitigating Risk
Time's Running Out For The $76 Billion Detection Industry
Poor Priorities, Lack Of Resources Put Enterprises At Risk, Security Pros Say
News & Commentary
Cyber Boot Camp: Lessons Learned
Marilyn Cohodas, Community Editor, Dark Reading
What happens when 50 young people spend a week in the trenches with cybersecurity researchers from ESET? One picture is worth a thousand words. Here are seven.
By Marilyn Cohodas Community Editor, Dark Reading, 7/31/2015
Comment2 comments  |  Read  |  Post a Comment
GM Vehicles Can Be Located, Unlocked, Started Remotely Via OnStar App
Jai Vijayan, Freelance writerNews
White Hat hacker Samy Kamkar’s OwnStart device latest to show up vulnerabilities in modern vehicles
By Jai Vijayan Freelance writer, 7/31/2015
Comment1 Comment  |  Read  |  Post a Comment
Startup 'Stealth Worker' Matches Businesses With Security Talent
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
New online service helps businesses looking for part-time security professionals fill specific job needs.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 7/30/2015
Comment2 comments  |  Read  |  Post a Comment
There's Another Android Media Vulnerability, But Google Isn't Worried
Sara Peters, Senior Editor at Dark ReadingNews
Vulnerability could become a favorite of ransomware operators, but Google has left it unpatched for more than two months.
By Sara Peters Senior Editor at Dark Reading, 7/30/2015
Comment1 Comment  |  Read  |  Post a Comment
Study Reveals the Most Common Attack Methods of Data Thieves
Raja Patel, Vice President and General Manager of Network Security at Intel Security
Learning more about your attackers helps to improve your security profile and reduce the possibility of a breach.
By Raja Patel Vice President and General Manager of Network Security at Intel Security, 7/30/2015
Comment1 Comment  |  Read  |  Post a Comment
Closing The Gap Between Security & Networking Ops: 5 Best Practices
Nimmy Reichenberg, VP of Strategy, AlgoSecCommentary
If your factions are warring, there’s a lot you can do about it. Here’s how -- and why you can’t afford to wait.
By Nimmy Reichenberg VP of Strategy, AlgoSec, 7/30/2015
Comment1 Comment  |  Read  |  Post a Comment
From Russia With Love: A Slew of New Hacker Capabilities and Services
Jai Vijayan, Freelance writerNews
A review of the Russian underground by Trend Micro reveals it to be the world’s most sophisticated.
By Jai Vijayan Freelance writer, 7/30/2015
Comment0 comments  |  Read  |  Post a Comment
Anthem Breach Linked To Black Vine Group & Beijing InfoSec Firm
Sara Peters, Senior Editor at Dark ReadingNews
Health insurer's breach of 80 million records attributed to 'well-resourced cyberespionage group' Black Vine. Could they also be behind breaches at OPM and United Airlines?
By Sara Peters Senior Editor at Dark Reading, 7/29/2015
Comment0 comments  |  Read  |  Post a Comment
Can't Touch This: 'Hammertoss' Russian Cyberspies Hide In Plain Sight
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
APT29 cyber espionage attackers operate under the cover of legitimate services including Twitter, Github, and cloud storage services.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 7/29/2015
Comment3 comments  |  Read  |  Post a Comment
Code Theft: Protecting IP At The Source
Anna Chiang, Technical Marketing Manager, Perforce SoftwareCommentary
Your corporate assets are at risk and every day that you avoid taking action shortens the time until your IP will be leaked. Here are six steps toward better data security.
By Anna Chiang Technical Marketing Manager, Perforce Software, 7/29/2015
Comment2 comments  |  Read  |  Post a Comment
Researchers Steal Door Badge Credentials Using Smartphone Bluetooth
Ericka Chickowski, Contributing Writer, Dark ReadingNews
Weakness in facility access control protocol leaves most badge-in systems open to attack.
By Ericka Chickowski Contributing Writer, Dark Reading, 7/28/2015
Comment2 comments  |  Read  |  Post a Comment
Lockheed Martin-Led Consortium Builds Secure 'System Of Systems'
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Multilevel Security (MLS) group says this policy-based architecture could apply to sensitive commercial networks as well as government agencies.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 7/28/2015
Comment11 comments  |  Read  |  Post a Comment
How To Put Data At The Heart Of Your Security Practice
Jay Jacobs, Senior Data Scientist, BitSight TechnologiesCommentary
First step: A good set of questions that seek out objective, measurable answers.
By Jay Jacobs Senior Data Scientist, BitSight Technologies, 7/28/2015
Comment1 Comment  |  Read  |  Post a Comment
What 30 Classic Games Can Teach Us about Security
David Spark, Veteran Tech journalist and founder of Spark Media Solutions
Information security experts share their thoughts on how participating in games and sports helped hone their professional skills.
By David Spark Veteran Tech journalist and founder of Spark Media Solutions, 7/28/2015
Comment2 comments  |  Read  |  Post a Comment
New Phishing Campaign Leverages Google Drive
Ericka Chickowski, Contributing Writer, Dark ReadingNews
Researchers believe technique is geared to take over Google SSO accounts.
By Ericka Chickowski Contributing Writer, Dark Reading, 7/28/2015
Comment1 Comment  |  Read  |  Post a Comment
Stagefright Android Bug: 'Heartbleed for Mobile' But Harder To Patch
Sara Peters, Senior Editor at Dark ReadingNews
Critical vulnerability in Android's multimedia playback engine is easy to exploit, requires no user interaction, and affects 95 percent of Android devices.
By Sara Peters Senior Editor at Dark Reading, 7/27/2015
Comment0 comments  |  Read  |  Post a Comment
Interop Radio: Gen. John Michel On Leadership
Curtis Franklin Jr., Executive Editor, Technical ContentCommentary
Gen. John Michel joins us for the debut of our new show, Interop Radio's Business Matters.
By Curtis Franklin Jr. Executive Editor, Technical Content, 7/27/2015
Comment1 Comment  |  Read  |  Post a Comment
Phishing Attacks Drive Spike In DNS Threat
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Nearly 75% jump in phishing helped propel DNS abuse in the second quarter of this year.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 7/27/2015
Comment0 comments  |  Read  |  Post a Comment
The First 24 Hours In The Wake Of A Data Breach
Stephen Treglia, JD, HCISPP, Legal Counsel & HIPAA Compliance Officer- Investigations, Absolute SoftwareCommentary
There is a direct correlation between how quickly an organization can identify and contain a data breach and the financial consequences that may result.
By Stephen Treglia JD, HCISPP, Legal Counsel & HIPAA Compliance Officer- Investigations, Absolute Software, 7/27/2015
Comment0 comments  |  Read  |  Post a Comment
iPhone Kill Switch: How Effective Is It?
Eric Zeman, Commentary
A new report shows that the iPhone kill switch may not be as effective as first thought. What does this mean for other smartphone kill switches?
By Eric Zeman , 7/27/2015
Comment9 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
Posted by madhukrishnaneli
Current Conversations good work
In reply to: Re: Pending Review
Post Your Own Reply
More Conversations
PR Newswire
Lockheed Martin-Led Consortium Builds Secure 'System Of Systems'
Kelly Jackson Higgins, Executive Editor at Dark Reading,  7/28/2015
Can't Touch This: 'Hammertoss' Russian Cyberspies Hide In Plain Sight
Kelly Jackson Higgins, Executive Editor at Dark Reading,  7/29/2015
Researchers Steal Door Badge Credentials Using Smartphone Bluetooth
Ericka Chickowski, Contributing Writer, Dark Reading,  7/28/2015
Register for Dark Reading Newsletters
Partner Perspectives
What's This?
Partner Perspectives
What's This?
Partner Perspectives
What's This?
What 30 Classic Games Can Teach Us about Security
Information security experts share their thoughts on how participating in games and sports helped hone their professional skills. Read >>
Cartoon
Latest Comment: good work
Dark Reading Radio
Archived Dark Reading Radio
What’s the future of the venerable firewall? We’ve invited two security industry leaders to make their case: Join us and bring your questions and opinions!
White Papers
Current Issue
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2015-1009
Published: 2015-07-31
Schneider Electric InduSoft Web Studio before 7.1.3.5 Patch 5 and Wonderware InTouch Machine Edition through 7.1 SP3 Patch 4 use cleartext for project-window password storage, which allows local users to obtain sensitive information by reading a file.

CVE-2015-1486
Published: 2015-07-31
The management console in Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP1 allows remote attackers to bypass authentication via a crafted password-reset action that triggers a new administrative session.

CVE-2015-1487
Published: 2015-07-31
The management console in Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP1 allows remote authenticated users to write to arbitrary files, and consequently obtain administrator privileges, via a crafted filename.

CVE-2015-1488
Published: 2015-07-31
An unspecified action handler in the management console in Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP1 allows remote authenticated users to read arbitrary files via unknown vectors.

CVE-2015-1489
Published: 2015-07-31
The management console in Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP1 allows remote authenticated users to gain privileges via unspecified vectors.

10 Recommendations for Outsourcing Security
10 Recommendations for Outsourcing Security
Enterprises today have a wide range of third-party options to help improve their defenses, including MSSPs, auditing and penetration testing, and DDoS protection. But are there situations in which a service provider might actually increase risk?
Flash Poll
Video
Slideshows
Twitter Feed