Endpoint
News & Commentary
7 Reasons To Love Passwords
Sara Peters, Senior Editor at Dark Reading
Passwords are often ridiculed, but there are some reasons they should be your nearest and dearest authentication factor.
By Sara Peters Senior Editor at Dark Reading, 9/17/2014
Comment2 comments  |  Read  |  Post a Comment
Data Privacy Etiquette: It's Not Just For Kids
Lysa Myers, Security Researcher, ESETCommentary
Children are the innocent victims of the worst effects of social media. Thatís why itís vital for adults to establish privacy values that are safe for them -- and the rest of us.
By Lysa Myers Security Researcher, ESET, 9/17/2014
Comment5 comments  |  Read  |  Post a Comment
DR Radio: A Grown-Up Conversation About Passwords
Sara Peters, Senior Editor at Dark ReadingCommentary
Cormac Herley of Microsoft Research will challenge everything you think you know about password management.
By Sara Peters Senior Editor at Dark Reading, 9/16/2014
Comment4 comments  |  Read  |  Post a Comment
In Defense Of Passwords
Corey Nachreiner, Director, Security Strategy & Research, WatchGuard TechnologiesCommentary
Long live the password (as long as you use it correctly along with something else).
By Corey Nachreiner Director, Security Strategy & Research, WatchGuard Technologies, 9/16/2014
Comment12 comments  |  Read  |  Post a Comment
Mining WiFi Data: Retail Privacy Pitfalls
Doug Henschen, Executive Editor, InformationWeekCommentary
WiFi data mining starts with anonymous tracking, but it can lead to personal details in social profiles. Interop New York session explores opportunities and limits for retailers.
By Doug Henschen Executive Editor, InformationWeek, 9/15/2014
Comment13 comments  |  Read  |  Post a Comment
Why Email Is Worth Saving
Daniel Ingevaldson, CTO, Easy SolutionsCommentary
What if an Internet-scale, federated policy, authentication, and enforcement framework for trusted email delivery were available? It is.
By Daniel Ingevaldson CTO, Easy Solutions, 9/12/2014
Comment11 comments  |  Read  |  Post a Comment
Privacy, Security & The Geography Of Data Protection
Malte Pollmann, CEO, UtimacoCommentary
Data generation is global, so why do different parts of the world react differently to the same threat of security breaches and backdoors?
By Malte Pollmann CEO, Utimaco, 9/11/2014
Comment6 comments  |  Read  |  Post a Comment
Startup Uncovers Flaws In Mobile Apps, Launches New Security Service
Tim Wilson, Editor in Chief, Dark ReadingQuick Hits
Wandera says only one of seven US employees is given any guidance on mobile security by the employer.
By Tim Wilson Editor in Chief, Dark Reading, 9/11/2014
Comment3 comments  |  Read  |  Post a Comment
Apple Pay Ups Payment Security But PoS Threats Remain
Sara Peters, Senior Editor at Dark ReadingNews
Apple's new contactless payment tech will not stop point-of-sale breaches like Home Depot and UPS, but it could make those breaches less valuable to attackers.
By Sara Peters Senior Editor at Dark Reading, 9/10/2014
Comment21 comments  |  Read  |  Post a Comment
Poll: Significant Insecurity About Internet of Things
Marilyn Cohodas, Community Editor, Dark ReadingCommentary
Fewer than one percent of more than 800 Dark Reading community members are ready for the fast approaching security onslaught of the IoT.
By Marilyn Cohodas Community Editor, Dark Reading, 9/5/2014
Comment3 comments  |  Read  |  Post a Comment
4 Hurdles To Securing The Internet Of Things
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Why locking down even the tiniest embedded device is a tall order.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 9/4/2014
Comment7 comments  |  Read  |  Post a Comment
Celeb Hack: Is Apple Telling All It Knows?
Dave Kearns, Analyst, Kuppinger-ColeCommentary
Did Apple have a system-wide data breach? No. Was it complicit through an appalling security lapse by not defending against brute force attacks? Youíre darn tootin'!
By Dave Kearns Analyst, Kuppinger-Cole, 9/3/2014
Comment14 comments  |  Read  |  Post a Comment
How I Hacked My Home, IoT Style
David Jacoby, Sr. Security Researcher, Kaspersky LabCommentary
It didnít take long to find a score of vulnerabilities in my home entertainment, gaming, and network storage systems.
By David Jacoby Sr. Security Researcher, Kaspersky Lab, 8/27/2014
Comment16 comments  |  Read  |  Post a Comment
Cyberspies Target Chinese Ethnic Group
Kelly Jackson Higgins, Executive Editor at Dark ReadingQuick Hits
Academic researchers study phishing emails targeting the World Uyghur Congress (WUC), which represents the Uyghur ethnic group residing in China and in exile.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 8/13/2014
Comment0 comments  |  Read  |  Post a Comment
UK Reconsidering Biometrics
Sara Peters, Senior Editor at Dark ReadingQuick Hits
Parliament is looking for answers about biometrics' privacy, security, future uses, and whether or not legislation is ready for what comes next.
By Sara Peters Senior Editor at Dark Reading, 8/12/2014
Comment4 comments  |  Read  |  Post a Comment
6 Biometric Factors That Are Working Today
Marilyn Cohodas, Community Editor, Dark Reading
From fingerprints to wearable ECG monitors, there are real options in the market that may relegate the despised password to the dustbin of history.
By Marilyn Cohodas Community Editor, Dark Reading, 8/12/2014
Comment23 comments  |  Read  |  Post a Comment
Small IoT Firms Get A Security Assist
Brian Prince, Contributing Writer, Dark ReadingQuick Hits
BuildItSecure.ly, an initiative where researchers vet code for small Internet of Things vendors, in the spotlight at DEF CON 22.
By Brian Prince Contributing Writer, Dark Reading, 8/10/2014
Comment1 Comment  |  Read  |  Post a Comment
Facebook Buys Security Startup PrivateCore
Kristin Burnham, Senior Editor, InformationWeek.comCommentary
Facebook plans to deploy PrivateCore technology into its server stack to bolster encryption and malware prevention, the social network said.
By Kristin Burnham Senior Editor, InformationWeek.com, 8/8/2014
Comment0 comments  |  Read  |  Post a Comment
Attack Harbors Malware In Images
Kelly Jackson Higgins, Executive Editor at Dark ReadingQuick Hits
'Lurk' click-fraud campaign now employing steganography.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 8/7/2014
Comment0 comments  |  Read  |  Post a Comment
When Good USB Devices Go Bad
Brian Prince, Contributing Writer, Dark ReadingNews
Researchers offer more details about how USB devices can be leveraged in attacks.
By Brian Prince Contributing Writer, Dark Reading, 8/7/2014
Comment1 Comment  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
Security Insights
3 Places to Enable 2-Factor Authentication Now
3 Places to Enable 2-Factor Authentication Now
Two-factor authentication is a ubiquitous, mature technology. Whether or not you use it for your network, here are three external services for which you should immediately enable it.
Comment1 comments
Read | Post a Comment
More Sophos Security Insights
PR Newswire
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading, September 16, 2014
Malicious software is morphing to be more targeted, stealthy, and destructive. Are you prepared to stop it?
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-2886
Published: 2014-09-18
GKSu 2.0.2, when sudo-mode is not enabled, uses " (double quote) characters in a gksu-run-helper argument, which allows attackers to execute arbitrary commands in certain situations involving an untrusted substring within this argument, as demonstrated by an untrusted filename encountered during ins...

CVE-2014-4352
Published: 2014-09-18
Address Book in Apple iOS before 8 relies on the hardware UID for its encryption key, which makes it easier for physically proximate attackers to obtain sensitive information by obtaining this UID.

CVE-2014-4353
Published: 2014-09-18
Race condition in iMessage in Apple iOS before 8 allows attackers to obtain sensitive information by leveraging the presence of an attachment after the deletion of its parent (1) iMessage or (2) MMS.

CVE-2014-4354
Published: 2014-09-18
Apple iOS before 8 enables Bluetooth during all upgrade actions, which makes it easier for remote attackers to bypass intended access restrictions via a Bluetooth session.

CVE-2014-4356
Published: 2014-09-18
Apple iOS before 8 does not follow the intended configuration setting for text-message preview on the lock screen, which allows physically proximate attackers to obtain sensitive information by reading this screen.

Best of the Web
Dark Reading Radio