Endpoint
News & Commentary
In The Cyber Realm, Let's Be Knights Not Blacksmiths
Jeff Schilling, CSO, Firehost | Commentary
Why the Internet of Things is our chance to finally get information security right.
By Jeff Schilling, CSO, Firehost, 7/2/2015
Smart Cities' 4 Biggest Security Challenges
Sara Peters, Senior Editor at Dark Reading | News
The messiness of politics and the vulnerability of the Internet of Things in one big, unwieldy package.
By Sara Peters, Senior Editor at Dark Reading, 7/1/2015
Android Malware On The Rise
Sara Peters, Senior Editor at Dark Reading | News
By the end of 2015, researchers expect the number of new Android malware strains to hit 2 million.
By Sara Peters, Senior Editor at Dark Reading, 7/1/2015
Clever CryptoWall Spreading Via New Attacks
Sara Peters, Senior Editor at Dark Reading | News
Top ransomware doesn't waste time jumping on the latest Flash zero-day, and hops rides on click fraud campaigns, too.
By Sara Peters, Senior Editor at Dark Reading, 6/29/2015
3 Simple Steps For Minimizing Ransomware Exposure
Michelle Drolet, Founder, Towerwall | Commentary
If your data is important enough to pay a ransom, why wasn't it important enough to properly back up and protect in the first place?
By Michelle Drolet, Founder, Towerwall, 6/26/2015
Stealthy Fobber Malware Takes Anti-Analysis To New Heights
Sara Peters, Senior Editor at Dark Reading | News
Built off the Tinba banking Trojan and distributed through the elusive HanJuan exploit kit, Fobber info-stealer defies researchers with layers upon layers of encryption.
By Sara Peters, Senior Editor at Dark Reading, 6/25/2015
FBI: CryptoWall Ransomware Cost US Users $18 Million
Sara Peters, Senior Editor at Dark Reading | News
Increasing pace of ransomware innovation likely to keep that number going up.
By Sara Peters, Senior Editor at Dark Reading, 6/24/2015
Why China Wants Your Sensitive Data
Adam Meyers, VP of Intelligence, CrowdStrike | Commentary
Since May 2014, the Chinese government has been amassing a 'Facebook for human intelligence.' Here's what it's doing with the info.
By Adam Meyers, VP of Intelligence, CrowdStrike, 6/24/2015
FitBit, Acer Liquid Leap Fail In Security Fitness
Sara Peters, Senior Editor at Dark Reading | News
Transmissions to the cloud are secured with these Internet of Things devices, but wristband-to-phone comms are open to eavesdropping.
By Sara Peters, Senior Editor at Dark Reading, 6/22/2015
US Hosts The Most Botnet Servers
Jai Vijayan, Freelance writer | News
More malicious command and control servers are based in the US than anywhere else, and China is home to the most bots.
By Jai Vijayan, Freelance writer, 6/19/2015
7 Top Security Quotes From London Technology Week
Sara Peters, Senior Editor at Dark Reading
Tech events across the city hit on IoT, smart cities, mobility and Legos.
By Sara Peters, Senior Editor at Dark Reading, 6/19/2015
New Apple iOS, OS X Flaws Pose Serious Risk
Jai Vijayan, Freelance writer | News
Security vulnerabilities could expose passwords for Apple iCloud, email, and bank accounts, and other sensitive information, researchers say.
By Jai Vijayan, Freelance writer, 6/18/2015
Cybersecurity Advice From A Former White House CIO
Theresa Payton, Former White House CIO, CEO of Fortalice Solutions, LLC | Commentary
Today's playbook demands 'human-centered' user education that assumes people will share passwords, forget them, and do unsafe things to get their jobs done.
By Theresa Payton, Former White House CIO, CEO of Fortalice Solutions, LLC, 6/18/2015
EFF Data Privacy Report Praises Apple, Slams AT&T
Nathan Eddy, Freelance Writer | News
In the Electronic Frontier Foundation's fifth annual report, Apple gets high marks for protecting privacy, while WhatsApp and AT&T land at the bottom.
By Nathan Eddy, Freelance Writer, 6/18/2015
Smart Cities', IoT's Key Challenges: Security, Lack of Standards
Sara Peters, Senior Editor at Dark Reading | News
London Technology Week: At IFSEC, futurologist Simon Moores asks who's responsible when a smart city crashes.
By Sara Peters, Senior Editor at Dark Reading, 6/17/2015
Time to Focus on Data Integrity
Nate Lesser & Mary Yang, National Institute of Standards and Technology | Commentary
Information security efforts have historically centered on data theft. But cybercriminals who alter corporate records and personal information can also cause serious harm.
By Nate Lesser & Mary Yang, National Institute of Standards and Technology, 6/17/2015
New Malware Found Hiding Inside Image Files
Ericka Chickowski, Contributing Writer, Dark Reading | News
Dell SecureWorks CTU researchers say Stegoloader is third example in a year of malware using digital steganography as a detection countermeasure.
By Ericka Chickowski, Contributing Writer, Dark Reading, 6/16/2015
Password Manager LastPass Hacked
Dark Reading Staff, Quick Hits
LastPass says user account email addresses, password reminders, server per user salts, and authentication hashes compromised.
By Dark Reading Staff, 6/16/2015
London Tech Week Kicks Off
Sara Peters, Senior Editor at Dark Reading | Quick Hits
Before IFSEC and Interop get underway, tech events are scattered about town in the unlikeliest places.
By Sara Peters, Senior Editor at Dark Reading, 6/15/2015
Lessons Learned From The Ramnit Botnet Takedown
Francisco Fonseca, CEO & Co-founder of AnubisNetworks | Commentary
While most organizations won't find themselves in similar circumstances, there are important takeaways they can apply to any security program.
By Francisco Fonseca, CEO & Co-founder of AnubisNetworks, 6/15/2015
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2015-0543
Published: 2015-07-05
EMC Secure Remote Services Virtual Edition (ESRS VE) 3.x before 3.06 does not properly verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

CVE-2015-0544
Published: 2015-07-05
EMC Secure Remote Services Virtual Edition (ESRS VE) 3.x before 3.06 does not properly generate random values for session cookies, which makes it easier for remote attackers to hijack sessions by predicting a value.

CVE-2015-2721
Published: 2015-07-05
Mozilla Network Security Services (NSS) before 3.19, as used in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, Thunderbird before 38.1, and other products, does not properly determine state transitions for the TLS state machine, which allows man-in-the-middle attacke...

CVE-2015-2722
Published: 2015-07-05
Use-after-free vulnerability in the CanonicalizeXPCOMParticipant function in Mozilla Firefox before 39.0 and Firefox ESR 31.x before 31.8 and 38.x before 38.1 allows remote attackers to execute arbitrary code via vectors involving attachment of an XMLHttpRequest object to a shared worker.

CVE-2015-2724
Published: 2015-07-05
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code v...

Dark Reading Radio
Archived Dark Reading Radio
Marc Spitler, co-author of the Verizon DBIR, will share some of the lesser-known but most intriguing tidbits from the massive report.