Dark Reading Radio - Archives
Upcoming Dark Reading Radio
Security Reports From the Field
Date: 10/8/2014
More information and registration
Join Dark Reading's Sara Peters as she goes into the field to talk with Ed Pagett, Chief Information Security Officer of Black Knight Financial Services at Interop NY; and Jay Healey, Director of the Cyber Statecraft Initiative for the Atlantic Council at Black Hat 2014.
How to Hack a Human
Date: 10/1/2014
More information and registration
Chris Hadnagy, who hosts the annual Social Engineering Capture the Flag Contest at DEF CON, will discuss the latest trends attackers are using with Dark Reading managing editor Kelly Jackson Higgins.
Hot Issues in Application Security
Date: 9/24/2014
More information and registration
A Grown-Up Conversation About Passwords
Date: 9/17/2014
More information and registration
Join Cormac Herley, principal researcher for Microsoft Research, and Dark Reading Senior Editor Sara Peters for a grown-up conversation about passwords on Dark Reading Radio.
CISO Insider: An Interview with James Christiansen of Accuvant
Date: 9/10/2014
More information and registration
Join Dark Reading for an in-depth CISO interview with James Christiansen, Vice President, Information Risk Management, Office of the CISO, Accuvant.
The Best of the Rest of Black Hat: The Best for Last?
Date: 9/3/2014
More information and registration
Join host Sara Peters as she brings you interviews recorded live at Black Hat 2014 in Las Vegas.
The Best of the Rest of Black Hat: The Enterprise View
Date: 8/27/2014
More information and registration
Join us for an episode that looks at infosec from the large enterprise POV. The editors of Dark Reading bring you two interviews recorded at Black Hat 2014: interviews with experts who have unique perspectives on the issues facing large organizations whose critical infrastructure and IP are always under attack.
The Best of the Rest of Black Hat: Do Critical Systems Trust Too Much?
Date: 8/20/2014
More information and registration
This episode features three interviews with security researchers who tackled the topic of critical embedded systems and their (lack of) security.
The Best of the Rest of Black Hat, Part 1
Date: 8/13/2014
More information and registration
More interviews, news, and commentary from the recent Black Hat 2014 conference in Las Vegas.
Dark Reading Radio LIVE from Black Hat 2014
Date: 8/7/2014
More information and registration
Join us for the final of four episodes live from Black Hat 2014. Dark Reading will bring you the best of the conference if you can't make it to Las Vegas!
Dark Reading Radio LIVE from Black Hat 2014
Date: 8/7/2014
More information and registration
Join us for the first of four episodes live from Black Hat 2014. Dark Reading will bring you the best of the conference if you can't make it to Las Vegas!
Dark Reading Radio LIVE from Black Hat 2014
Date: 8/6/2014
More information and registration
Join us for the second of four episodes live from Black Hat 2014. Dark Reading will bring you the best of the conference if you can't make it to Las Vegas!
Dark Reading Radio LIVE from Black Hat 2014
Date: 8/6/2014
More information and registration
Join us for the first of four episodes live from Black Hat 2014. Dark Reading will bring you the best of the conference if you can't make it to Las Vegas!
Data Loss Prevention (DLP) FAIL
Date: 7/30/2014
More information and registration
Join us as security researcher Zach Lanier provides a peek at the surprising weaknesses in DLP.
Botnet Takedowns: Who's Winning, Who's Losing
Date: 7/23/2014
More information and registration
How can we achieve the maximum botnet disruption with the minimum collateral damage? We'll pick the brain of Craig D. Spiezle, executive director and founder of the Online Trust Alliance in this critical episode.
Cyber Security’s Hottest Startups – And How They Get That Way
Date: 7/16/2014
Host:
Tim Wilson, Editor in Chief, Dark Reading; Rick Gordon, Managing Partner, Mach37
More information and registration
Where do information security startups come from? More important, how can I tell a good one from a flash in the pan? Learn how to separate ITSec wheat from chaff in this episode.
The Changing Role of the CSO
Date: 7/9/2014
Host:
Rick Howard, Bob Quinn, and Steve Durbin
More information and registration
Marilyn Cohodas and her guests talk about the evolving relationship between CIO and CSO.
Hacked: Oracle Database Security
Date: 7/2/2014
Host:
David Litchfield
More information and registration
Kelly Jackson Higgins talks with David Litchfield about the true security of Oracle's latest security feature.
RAT Exterminators: Update on the GOZeus Sting
Date: 6/25/2014
Host:
Adam Meyers
More information and registration
In this episode of Dark Reading Radio, we find out how successful Operation Tovar has been thus far, how cybercriminals have responded, and what happens next.
Phishing, Watering Holes, And Other Social Engineering Scams
Date: 6/18/2014
Host:
Scott Gréaux, Vice President, Product Management and Services at PhishMe
More information and registration
Today’s “social engineering” attackers know a thousand ways to fool your users. In this special edition of Dark Reading Radio, we speak to one of the industry’s top experts on social engineering to find out how your business can stop them.
Breaking the Glass Ceiling in InfoSec
Date: 6/11/2014
Host:
Marisa Fagan, community manager at Bugcrowd; Kerstyn Clover, consultant on the SecureState Attack and Defense Team; and Lysa Myers, security researcher for ESET
More information and registration
What does it take to break the glass ceiling in infosec? This panel, led by Marilyn Cohodas, gives you the information you need to hammer away at a very real problem.
Pay Up Or Never See Your Data Again: Ransomware Raises The Stakes
Date: 6/4/2014
Host:
Kelly Jackson Higgins and Lance James
More information and registration
How can you prevent or defend against the new and more destructive forms of ransomware? In this episode of Dark Reading Radio, Lance James, a renowned security expert and head of cyber intelligence at Deloitte & Touche, will provide a peek at his upcoming presentation for Black Hat USA.
The Real Reason You Can't Fill Vacant Security Jobs
Date: 5/28/2014
More information and registration
You're desperately looking for a qualified security professional. In this episode of Dark Reading Radio, experts will discuss why you must take a deep breath, steel your nerves and entirely shake up your hiring process.
Pen Testing: A Day in the Life
Date: 5/21/2014
More information and registration
How does a pen testing project work? Who are the people behind it, and exactly what do they do to test enterprise defenses? Editor in chief Tim Wilson interviews John Sawyer to bring you all the answers.
Dark Reading - Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2012-2413
Published: 2014-10-20
Cross-site scripting (XSS) vulnerability in the ja_purity template for Joomla! 1.5.26 and earlier allows remote attackers to inject arbitrary web script or HTML via the Mod* cookie parameter to html/modules.php.

CVE-2012-5244
Published: 2014-10-20
Multiple SQL injection vulnerabilities in Banana Dance B.2.6 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) return, (2) display, (3) table, or (4) search parameter to functions/suggest.php; (5) the id parameter to functions/widgets.php, (6) the category parameter to...

CVE-2012-5694
Published: 2014-10-20
Multiple SQL injection vulnerabilities in Bulb Security Smartphone Pentest Framework (SPF) before 0.1.3 allow remote attackers to execute arbitrary SQL commands via the (1) agentPhNo, (2) controlPhNo, (3) agentURLPath, (4) agentControlKey, or (5) platformDD1 parameter to frameworkgui/attach2Agents.p...

CVE-2012-5695
Published: 2014-10-20
Multiple cross-site request forgery (CSRF) vulnerabilities in Bulb Security Smartphone Pentest Framework (SPF) 0.1.2 through 0.1.4 allow remote attackers to hijack the authentication of administrators for requests that conduct (1) shell metacharacter or (2) SQL injection attacks or (3) send an SMS m...

CVE-2012-5696
Published: 2014-10-20
Bulb Security Smartphone Pentest Framework (SPF) before 0.1.3 does not properly restrict access to frameworkgui/config, which allows remote attackers to obtain the plaintext database password via a direct request.
