News & Commentary
Chipping Away At Credit Card Fraud With EMV
Deborah Baxley, Principal, Cards & Payments, Capgemini Financial ServicesCommentary
As of October 1, so-called chip-and-pin technology is now the law of the land for electronic payments in the US. But it’s not the silver bullet that will instantly stop all cybercrime.
By Deborah Baxley Principal, Cards & Payments, Capgemini Financial Services, 10/8/2015
Comment0 comments  |  Read  |  Post a Comment
'Evil' Kemoge Serves Androids Ads And Rootkits
Sara Peters, Senior Editor at Dark ReadingNews
Malware is wrapped into a wide variety of legitimate apps on third-party stores and one on Google Play.
By Sara Peters Senior Editor at Dark Reading, 10/7/2015
Comment1 Comment  |  Read  |  Post a Comment
What The EU’s Safe Harbor Ruling Means For Data Privacy In The Cloud
Michael Fey, President & COO, Blue CoatCommentary
The European Court of Justice today struck down the 15-year-old data transfer agreement between the European Union and the US. Here’s how to begin to prepare for the fallout.
By Michael Fey President & COO, Blue Coat, 10/6/2015
Comment0 comments  |  Read  |  Post a Comment
Researchers Disrupt Angler Exploit Kit, Ransomware Operation
Sara Peters, Senior Editor at Dark ReadingNews
Cisco Talos Group estimates Angler is making $60 million per year from ransomware alone.
By Sara Peters Senior Editor at Dark Reading, 10/6/2015
Comment0 comments  |  Read  |  Post a Comment
Insider Threats, Data Privacy Are Overlooked By Businesses
William Terdoslavich, Freelance WriterNews
Data security and data breaches are all over the news. However, not all companies are paying as close attention to insider threats and data privacy as they should. A new survey looks at the risks.
By William Terdoslavich Freelance Writer, 10/2/2015
Comment1 Comment  |  Read  |  Post a Comment
Stagefright 2.0 Vuln Affects Nearly All Android Devices
Sara Peters, Senior Editor at Dark ReadingNews
Worst threat is only to version 5.0 Lollipop and later.
By Sara Peters Senior Editor at Dark Reading, 10/1/2015
Comment2 comments  |  Read  |  Post a Comment
And Now A Malware Tool That Has Your Back
Jai Vijayan, Freelance writerNews
In an unusual development, white hat malware is being used to secure thousands of infected systems, not to attack them, Symantec says.
By Jai Vijayan Freelance writer, 10/1/2015
Comment3 comments  |  Read  |  Post a Comment
El Capitan Hands-On: New Mac OS X Provides Better Security
Larry Loeb, Blogger, InformationweekCommentary
The latest version of the Mac OS X, called El Capitan, looks a lot like the last version with some visual and functionality improvements. However, it's the added security that makes the upgrade worth it.
By Larry Loeb Blogger, Informationweek, 10/1/2015
Comment5 comments  |  Read  |  Post a Comment
New Tactic Finds RAT Operators Fast
Sara Peters, Senior Editor at Dark ReadingNews
Low tolerance for latency makes RAT operators less likely to use proxies, easier to track back home.
By Sara Peters Senior Editor at Dark Reading, 9/29/2015
Comment1 Comment  |  Read  |  Post a Comment
The 'Remediation Gap:' A 4-Month Invitation To Attack
Ericka Chickowski, Contributing Writer, Dark ReadingNews
Organizations set out the welcome mat for cyberattackers by taking an average of 120 days to patch flaws.
By Ericka Chickowski Contributing Writer, Dark Reading, 9/29/2015
Comment2 comments  |  Read  |  Post a Comment
The Unintended Attack Surface Of The Internet Of Things
Oliver Tavakoli, CTO, Vectra Networks, Inc.Commentary
How a vulnerability in a common consumer WiFi device is challenging today’s enterprise security.
By Oliver Tavakoli CTO, Vectra Networks, Inc., 9/29/2015
Comment8 comments  |  Read  |  Post a Comment
10 Password Managers For Business Use
Sara Peters, Senior Editor at Dark Reading
Beyond helping end users keep track of their logins, some password managers can integrate with Active Directory and generate compliance reports.
By Sara Peters Senior Editor at Dark Reading, 9/28/2015
Comment3 comments  |  Read  |  Post a Comment
Microsoft Explains Windows 10 Privacy Policies
Kelly Sheridan, Associate Editor, InformationWeekNews
In response to the uproar over privacy concerns, Microsoft executives are clarifying how information is collected and used in Windows 10.
By Kelly Sheridan Associate Editor, InformationWeek, 9/28/2015
Comment7 comments  |  Read  |  Post a Comment
Deconstructing The Challenges Of Software Assurance For Connected Cars
Anna Chiang, Technical Marketing Manager, Perforce SoftwareCommentary
Ensuring software security in the auto industry will entail careful attention to all aspects of software development: design, coding standards, testing, verification and run-time assurance.
By Anna Chiang Technical Marketing Manager, Perforce Software, 9/28/2015
Comment1 Comment  |  Read  |  Post a Comment
FTC v. Wyndham: ‘Naughty 9’ Security Fails to Avoid
Jason Straight, Senior VP & Chief Privacy Officer, UnitedLexCommentary
The Federal Trade Commission’s fair trade suit against Wyndham hotels offers insight into the brave new world of cybersecurity regulation of consumer data.
By Jason Straight Senior VP & Chief Privacy Officer, UnitedLex, 9/25/2015
Comment3 comments  |  Read  |  Post a Comment
4 IoT Cybersecurity Issues You Never Thought About
Marilyn Cohodas, Community Editor, Dark ReadingCommentary
Government, industry and security professionals problem-solve the daunting challenges of the Internet of Things.
By Marilyn Cohodas Community Editor, Dark Reading, 9/24/2015
Comment2 comments  |  Read  |  Post a Comment
Gartner: Global Security Spending Rises Nearly 5% Despite 'Commoditization'
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Security market to hit $75.4 billion in 2015, but endpoint and consumer software segments slowing due to saturation.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 9/23/2015
Comment0 comments  |  Read  |  Post a Comment
5 Most Common Firewall Configuration Mistakes
Kyle Wickert, Lead Solution Architect, Product & Deployment, AlgoSecCommentary
A misconfigured firewall can damage your organization in more ways than you think. Here’s where to look for the holes.
By Kyle Wickert Lead Solution Architect, Product & Deployment, AlgoSec, 9/17/2015
Comment1 Comment  |  Read  |  Post a Comment
Why Is Endpoint Security Failing?
Manish Patel, Senior Product Marketing Manager, Tenable
Endpoint security assurance is not just about detecting threats, but about building a more effective endpoint security program.
By Manish Patel Senior Product Marketing Manager, Tenable, 9/17/2015
Comment2 comments  |  Read  |  Post a Comment
AirDrop Exploit Drops Malware On Mac, iPhone, But Not iOS 9
Dark Reading Staff, Quick Hits
iOS 9 drops today, and includes a patch for the vulnerability that lets attackers bomb any iOS and Mac device within Bluetooth range, via the Airdrop file-sharing feature.
By Dark Reading Staff , 9/16/2015
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
PR Newswire
Register for Dark Reading Newsletters
White Papers
Current Issue
Dark Reading Tech Digest September 7, 2015
Some security flaws go beyond simple app vulnerabilities. Have you checked for these?
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
Published: 2015-10-08
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

Published: 2015-10-06
libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 21335999.

Published: 2015-10-06
Bluetooth in Android before 5.1.1 LMY48T allows attackers to remove stored SMS messages via a crafted application, aka internal bug 22343270.

Published: 2015-10-06
mediaserver in Android before 5.1.1 LMY48T allows attackers to cause a denial of service (process crash) via unspecified vectors, aka internal bug 22954006.

Published: 2015-10-06
The Runtime subsystem in Android before 5.1.1 LMY48T allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 23050463.

Dark Reading Radio
Archived Dark Reading Radio
What can the information security industry do to solve the IoT security problem? Learn more and join the conversation on the next episode of Dark Reading Radio.