EU, US Agree On New Data Transfer Pact, But Will It Hold?
7 Signs of Infosec's Groundhog Day Syndrome
Cybercrime Doesn't Pay As Much As You'd Think
Macros, Network Sniffers, But Still No 'Smoking Gun' In Ukraine Blackout
How (And Why) Hackers Target Your Business
News & Commentary
Online 'Batman' Takes On Dridex Banking Trojan Operators
Jai Vijayan, Freelance writerNews
Several Dridex malware download sites have begun mysteriously serving up antivirus software instead.
By Jai Vijayan Freelance writer, 2/5/2016
Comment0 comments  |  Read  |  Post a Comment
A Case Of Mistaken Identity?
Christiaan Beek, Threat Intelligence Research, Office of the CTO,Intel Security
The role of BlackEnergy in Ukrainian power grid disruption.
By Christiaan Beek Threat Intelligence Research, Office of the CTO,Intel Security, 2/5/2016
Comment0 comments  |  Read  |  Post a Comment
Newly Fired CEO Of Norse Fires Back At Critics
Jai Vijayan, Freelance writerNews
Critics maintain that Norse Corp. is peddling threat data as threat intelligence.
By Jai Vijayan Freelance writer, 2/4/2016
Comment1 Comment  |  Read  |  Post a Comment
Here’s How To Protect Against A Ransomware Attack
Jai Vijayan, Freelance writerNews
Recovering data encrypted by a ransomware attack is next to impossible, so prevention offers the better approach.
By Jai Vijayan Freelance writer, 2/4/2016
Comment0 comments  |  Read  |  Post a Comment
Cybersecurity Smackdown: What Side Are You On?
Dark Reading Staff, Commentary
Analytics vs. Encryption. Prevention vs. Detection. Machine Learning: Promise or Hype? The Firewall: Dead or Still Breathing? The sharpest minds in the security industry debate some of the industry's most contentious issues.
By Dark Reading Staff , 2/4/2016
Comment2 comments  |  Read  |  Post a Comment
New Kid On The Block: Cyber Threat Analyst
Bob G. Stasio, Senior Product Manager, Cyber Analysis, IBMCommentary
Drawing from the financial service industry, this new role uses the “art of the intelligence cycle” to drive efficiency in the security operations center.
By Bob G. Stasio Senior Product Manager, Cyber Analysis, IBM, 2/4/2016
Comment0 comments  |  Read  |  Post a Comment
The #1 Riskiest Mobile Users Wear Suits
Ericka Chickowski, Contributing Writer, Dark ReadingNews
Business users top the rankings of those most likely to engage with risky apps and URLs on their smartphones and tablets.
By Ericka Chickowski Contributing Writer, Dark Reading, 2/4/2016
Comment0 comments  |  Read  |  Post a Comment
Agriculture, Alternative Energy Could Be Chinese Hackers' Next Targets
Sara Peters, Senior Editor at Dark ReadingNews
Perhaps Anthem and Premera breaches were not just about stealing PII, but about researching the ins and outs of Western healthcare systems, CrowdStrike's annual global threat report says.
By Sara Peters Senior Editor at Dark Reading, 2/3/2016
Comment0 comments  |  Read  |  Post a Comment
Lights Out: Not So Fast
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Author and famed broadcast journalist Ted Koppel's new bestseller warns of a 'likely' nationwide and devastating blackout of the US grid at the hands of hackers, but some government and utility industry officials disagree.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 2/3/2016
Comment3 comments  |  Read  |  Post a Comment
Passwords, Email Addresses, Were Most Stolen Data In 2015
Dark Reading Staff, Quick Hits
Analysis of public data breaches finds US and UK represented more than 45% of all reported breaches last year, and major energy firms make the list of most multiple breaches.
By Dark Reading Staff , 2/3/2016
Comment1 Comment  |  Read  |  Post a Comment
Zero Trust: Now A Critical Foundation For Securing Mobile
Adam Ely, COO, BlueboxCommentary
No longer willing to rely on an OS that doesn't provide the security features they need, developers are taking steps to secure apps, defend data, and protect users.
By Adam Ely COO, Bluebox, 2/3/2016
Comment0 comments  |  Read  |  Post a Comment
7 Signs of Infosec's Groundhog Day Syndrome
Ericka Chickowski, Contributing Writer, Dark Reading
Irritations that plague security pros day in and day out.
By Ericka Chickowski Contributing Writer, Dark Reading, 2/2/2016
Comment1 Comment  |  Read  |  Post a Comment
EU, US Agree On New Data Transfer Pact, But Will It Hold?
Sara Peters, Senior Editor at Dark ReadingNews
So long Safe Harbor, hello 'Privacy Shield.'
By Sara Peters Senior Editor at Dark Reading, 2/2/2016
Comment0 comments  |  Read  |  Post a Comment
Encryption Has Its Place But It Isn’t Foolproof
Doug Clare, Vice President of Product Management, FICOCommentary
Most encrypted data is unencrypted at some point in its lifecycle -- and the bad guys are pretty good at finding the one window left open.
By Doug Clare Vice President of Product Management, FICO, 2/2/2016
Comment2 comments  |  Read  |  Post a Comment
As Good As They're Getting, Analytics Don't Inherently Protect Data
Scott Petry , Co-Founder & CEO of Authentic8Commentary
It is only a matter of time before your system is breached, and when your data is lost, analytics won't help you.
By Scott Petry Co-Founder & CEO of Authentic8, 2/2/2016
Comment0 comments  |  Read  |  Post a Comment
Macro Malware Resurgence Highlighted By Kasidet Outbreak
Ericka Chickowski, Contributing Writer, Dark ReadingNews
Also known as Neutrino, this piece of malware is another case of Office macro malaise.
By Ericka Chickowski Contributing Writer, Dark Reading, 2/2/2016
Comment0 comments  |  Read  |  Post a Comment
Cybercrime Doesn't Pay As Much As You'd Think
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Legit cybersecurity professionals typically make more than the average cybercriminal, a new survey says.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 2/1/2016
Comment6 comments  |  Read  |  Post a Comment
First Hacker Arrested for CyberTerror Charges Arrives In American Court
Dark Reading Staff, Quick Hits
Kosovo citizen faces a maximum sentence of 35 years in prison for hacking and providing material support to ISIS.
By Dark Reading Staff , 2/1/2016
Comment0 comments  |  Read  |  Post a Comment
The Cybersecurity Talent You Seek May Be In-House
Rutrell Yasin, Business Technology Writer, Tech Writers BureauNews
IT staff in many cases are already performing security-related work -- with proper training, they could be converted to the security team.
By Rutrell Yasin Business Technology Writer, Tech Writers Bureau, 2/1/2016
Comment1 Comment  |  Read  |  Post a Comment
IEEE Anti-Malware Support Service Goes Live
Mark Kennedy, Chair, IEEE Industry Connections Security Group, Chair, IEEE Malware Working GroupCommentary
Through the collaborative effort of major players in the computer security industry, organizations now have two new tools for better malware detection.
By Mark Kennedy Chair, IEEE Industry Connections Security Group, Chair, IEEE Malware Working Group, 2/1/2016
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
Posted by Jamesbrownpal
Current Conversations good information nice
In reply to: Re: Pending Review
Post Your Own Reply
More Conversations
PR Newswire
Cybercrime Doesn't Pay As Much As You'd Think
Kelly Jackson Higgins, Executive Editor at Dark Reading,  2/1/2016
Lights Out: Not So Fast
Kelly Jackson Higgins, Executive Editor at Dark Reading,  2/3/2016
Cybersecurity Smackdown: What Side Are You On?
Dark Reading Staff 2/4/2016
Register for Dark Reading Newsletters
Partner Perspectives
What's This?
Partner Perspectives
What's This?
Partner Perspectives
What's This?
Endpoint Security: Putting The Focus On What Matters
Five tips to help sift through the noise and focus on actions that can dramatically impact your endpoint security program. Read >>
Cartoon
Latest Comment: nice one good
Dark Reading Radio
Archived Dark Reading Radio
Join Dark Reading community editor Marilyn Cohodas in a thought-provoking discussion about the evolving role of the CISO.
White Papers
Current Issue
E-Commerce Security: What Every Enterprise Needs to Know
The mainstream use of EMV smartcards in the US has experts predicting an increase in online fraud. Organizations will need to look at new tools and processes for building better breach detection and response capabilities.
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-7445
Published: 2015-10-15
The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated b...

CVE-2015-4948
Published: 2015-10-15
netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified vectors.

CVE-2015-5660
Published: 2015-10-15
Cross-site request forgery (CSRF) vulnerability in eXtplorer before 2.1.8 allows remote attackers to hijack the authentication of arbitrary users for requests that execute PHP code.

CVE-2015-6003
Published: 2015-10-15
Directory traversal vulnerability in QNAP QTS before 4.1.4 build 0910 and 4.2.x before 4.2.0 RC2 build 0910, when AFP is enabled, allows remote attackers to read or write to arbitrary files by leveraging access to an OS X (1) user or (2) guest account.

CVE-2015-6333
Published: 2015-10-15
Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows local users to gain privileges via vectors involving addition of an SSH key, aka Bug ID CSCuw46076.

10 Recommendations for Outsourcing Security
10 Recommendations for Outsourcing Security
Enterprises today have a wide range of third-party options to help improve their defenses, including MSSPs, auditing and penetration testing, and DDoS protection. But are there situations in which a service provider might actually increase risk?
Flash Poll
Video
Slideshows
Twitter Feed