Dark Reading Radio - Archives
Upcoming Dark Reading Radio
Retail Hacking: What To Expect This Holiday Season
Date: 11/19/2014
More information and registration
Now that the holiday season is about to begin both online and in stores, will this be yet another season of nonstop gifting to cybercriminals? We’ll take look at what to expect from attackers—and their retailer targets.
Security Reports From the Field
Date: 10/8/2014
More information and registration
Join Dark Reading's Sara Peters as she goes into the field to talk with Ed Pagett, Chief Information Security Officer of Black Knight Financial Services at Interop NY; and Jay Healey, Director of the Cyber Statecraft Initiative for the Atlantic Council at Black Hat 2014.
How to Hack a Human
Date: 10/1/2014
More information and registration
Chris Hadnagy, who hosts the annual Social Engineering Capture the Flag Contest at DEF CON, will discuss the latest trends attackers are using with Dark Reading managing editor Kelly Jackson Higgins.
Hot Issues in Application Security
Date: 9/24/2014
More information and registration
A Grown-Up Conversation About Passwords
Date: 9/17/2014
More information and registration
Join Cormac Herley, principal researcher for Microsoft Research, and Dark Reading Senior Editor Sara Peters for a grown-up conversation about passwords on Dark Reading Radio.
CISO Insider: An Interview with James Christiansen of Accuvant
Date: 9/10/2014
More information and registration
Join Dark Reading for an in-depth CISO interview with James Christiansen, Vice President, Information Risk Management, Office of the CISO, Accuvant
The Best of the Rest of Black Hat: The Best for Last?
Date: 9/3/2014
More information and registration
Join host Sara Peters as she brings you interviews recorded live at Black Hat 2014 in Las Vegas.
The Best of the Rest of Black Hat: The Enterprise View
Date: 8/27/2014
More information and registration
Join us for an episode that looks at infosec from the large enterprise POV. The editors of Dark Reading bring you two interviews recorded at Black Hat 2014: Interviews with experts who have unique perspectives on the issues facing large organizations whose critical infrastructure and IP are always under attack.
The Best of the Rest of Black Hat: Do Critical Systems Trust Too Much?
Date: 8/20/2014
More information and registration
This episode features three interviews with security researchers who tackled the topic of critical embedded systems and their (lack of) security.
The Best of the Rest of Black Hat, Part 1
Date: 8/13/2014
More information and registration
More interviews, news, and commentary from the recent Black Hat 2014 conference in Las Vegas.
Dark Reading Radio LIVE from Black Hat 2014
Date: 8/7/2014
More information and registration
Join us for the final of four episodes live from Black Hat 2014. Dark Reading will bring you the best of the conference if you can't make it to Las Vegas!
Dark Reading Radio LIVE from Black Hat 2014
Date: 8/7/2014
More information and registration
Join us for the first of four episodes live from Black Hat 2014. Dark Reading will bring you the best of the conference if you can't make it to Las Vegas!
Dark Reading Radio LIVE from Black Hat 2014
Date: 8/6/2014
More information and registration
Join us for the second of four episodes live from Black Hat 2014. Dark Reading will bring you the best of the conference if you can't make it to Las Vegas!
Dark Reading Radio LIVE from Black Hat 2014
Date: 8/6/2014
More information and registration
Join us for the first of four episodes live from Black Hat 2014. Dark Reading will bring you the best of the conference if you can't make it to Las Vegas!
Data Loss Prevention (DLP) FAIL
Date: 7/30/2014
More information and registration
Join us as security researcher Zach Lanier provides a peek at the surprising weaknesses in DLP
Botnet Takedowns: Who's Winning, Who's Losing
Date: 7/23/2014
More information and registration
How can we achieve the maximum botnet disruption with the minimum collateral damage? We'll pick the brain of Craig D. Spiezle, executive director and founder of the Online Trust Alliance in this critical episode.
Cyber Security’s Hottest Startups – And How They Get That Way
Date: 7/16/2014
Host:
Tim Wilson, Editor in Chief, Dark Reading; Rick Gordon, Managing Partner, Mach37
More information and registration
Where do information security startups come from? More important, how can I tell a good one from a flash in the pan? Learn how to separate ITSec wheat from chaff in this episode.
The Changing Role of the CSO
Date: 7/9/2014
Host:
Rick Howard, Bob Quinn, and Steve Durbin
More information and registration
Marilyn Cohodas and her guests talk about the evolving relationship between CIO and CSO.
Hacked: Oracle Database Security
Date: 7/2/2014
Host:
David Litchfield
More information and registration
Kelly Jackson Higgins talks with David Litchfield about the true security of Oracle's latest security feature.
RAT Exterminators: Update on the GOZeus Sting
Date: 6/25/2014
Host:
Adam Meyers
More information and registration
In this episode of Dark Reading Radio we find out how successful Operation Tovar has been thusfar, how cybercriminals have responded, and what happens next.
Phishing, Watering Holes, And Other Social Engineering Scams
Date: 6/18/2014
Host:
Scott Gréaux, Vice President, Product Management and Services at PhishMe
More information and registration
Today’s “social engineering” attackers know a thousand ways to fool your users. In this special edition of Dark Reading Radio, we speak to one of the industry’s top experts on social engineering to find out how your business can stop them.
Breaking the Glass Ceiling in InfoSec
Date: 6/11/2014
Host:
Marisa Fagan, community manager at Bugcrowd; Kerstyn Clover, consultant on the SecureState Attack and Defense Team; and Lysa Myers, security researcher for ESET
More information and registration
What does it take to break the glass ceiling in infosec? This panel, led by Marilyn Cohodas, gives you the information you need to hammer away at a very real problem.
Pay Up Or Never See Your Data Again: Ransomware Raises The Stakes
Date: 6/4/2014
Host:
Kelly Jackson-Higgins and Lance James
More information and registration
How can you prevent or defend against the new and more destructive forms of ransomware? In this episode of Dark Reading Radio, Lance James, a renowned security expert and head of cyber intelligence at Deloitte & Touche, will provide a peek at his upcoming presentation for Black Hat USA.
The Real Reason You Can't Fill Vacant Security Jobs
Date: 5/28/2014
More information and registration
You're desperately looking for a qualified security professional. In this episode of Dark Reading Radio, experts will discuss why you must take a deep breath, steel your nerves and entirely shake up your hiring process.
Pen Testing: A Day in the Life
Date: 5/21/2014
More information and registration
How does a pen testing project work? Who are the people behind it, and exactly what do they do to test enterprise defenses? Editor in chief Tim Wilson interviews John Sawyer to bring you all the answers.
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading December Tech Digest
Experts weigh in on the pros and cons of end-user security training.
Flash Poll
10 Recommendations for Outsourcing Security
10 Recommendations for Outsourcing Security
Enterprises today have a wide range of third-party options to help improve their defenses, including MSSPs, auditing and penetration testing, and DDoS protection. But are there situations in which a service provider might actually increase risk?
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-5395
Published: 2014-11-21
Multiple cross-site request forgery (CSRF) vulnerabilities in Huawei HiLink E3276 and E3236 TCPU before V200R002B470D13SP00C00 and WebUI before V100R007B100D03SP01C03, E5180s-22 before 21.270.21.00.00, and E586Bs-2 before 21.322.10.00.889 allow remote attackers to hijack the authentication of users ...

CVE-2014-7137
Published: 2014-11-21
Multiple SQL injection vulnerabilities in Dolibarr ERP/CRM before 3.6.1 allow remote authenticated users to execute arbitrary SQL commands via the (1) contactid parameter in an addcontact action, (2) ligne parameter in a swapstatut action, or (3) project_ref parameter to projet/tasks/contact.php; (4...

CVE-2014-7871
Published: 2014-11-21
SQL injection vulnerability in Open-Xchange (OX) AppSuite before 7.4.2-rev36 and 7.6.x before 7.6.0-rev23 allows remote authenticated users to execute arbitrary SQL commands via a crafted jslob API call.

CVE-2014-8090
Published: 2014-11-21
The REXML parser in Ruby 1.9.x before 1.9.3 patchlevel 551, 2.0.x before 2.0.0 patchlevel 598, and 2.1.x before 2.1.5 allows remote attackers to cause a denial of service (CPU and memory consumption) a crafted XML document containing an empty string in an entity that is used in a large number of nes...

CVE-2014-8469
Published: 2014-11-21
Cross-site scripting (XSS) vulnerability in Guests/Boots in AdminCP in Moxi9 PHPFox before 4 Beta allows remote attackers to inject arbitrary web script or HTML via the User-Agent header.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Now that the holiday season is about to begin both online and in stores, will this be yet another season of nonstop gifting to cybercriminals?