Operations // Identity & Access Management
News & Commentary
Welcome To My Cyber Security Nightmare
TK Keanini, CTO, LancopeCommentary
Happy Halloween. Here are three chilling scenarios that will keep even the most hardened infosec warrior awake all night.
By TK Keanini CTO, Lancope, 10/30/2014
Comment3 comments  |  Read  |  Post a Comment
Insider Threats: Breaching The Human Barrier
Christopher Hadnagy, Founder & CEO, Social-Engineer, Inc.Commentary
A company can spend all the money it has on technical solutions to protect the perimeter and still not prevent the attack that comes from within.
By Christopher Hadnagy Founder & CEO, Social-Engineer, Inc., 10/20/2014
Comment5 comments  |  Read  |  Post a Comment
Stolen Medical Data Is Now A Hot Commodity
Lysa Myers, Security Researcher, ESETCommentary
While credit cards are selling for a dollar or less on the black market, personal health credentials are commanding as much as $10 per patient. Here’s why.
By Lysa Myers Security Researcher, ESET, 10/14/2014
Comment5 comments  |  Read  |  Post a Comment
2 Tech Challenges Preventing Online Voting In US
Sara Peters, Senior Editor at Dark ReadingNews
A new report explains that online voting in the US is a matter of "if, not when," but problems of anonymity and verifiability must be solved first.
By Sara Peters Senior Editor at Dark Reading, 10/9/2014
Comment7 comments  |  Read  |  Post a Comment
How Retail Can Win Back Consumer Trust
Dan Ross, CEO & President, PromisecCommentary
Customer loyalty to their favorite brands is all about trust, which today has everything to do with security and privacy.
By Dan Ross CEO & President, Promisec, 10/9/2014
Comment1 Comment  |  Read  |  Post a Comment
Good Job, Facebook: The Intersection Of Privacy, Identity & Security
Dave Kearns, Analyst, Kuppinger-ColeCommentary
Birth names and legal names aren’t always the names people are best known by, concedes Facebook in the wake of a real-name policy usage flap.
By Dave Kearns Analyst, Kuppinger-Cole, 10/8/2014
Comment4 comments  |  Read  |  Post a Comment
5 New Truths To Teach Your CIO About Identity
Patrick Harding, Commentary
When CIOs talk security they often use words like "firewall" and "antivirus." Here’s why today’s technology landscape needs a different vocabulary.
By Patrick Harding , 10/1/2014
Comment0 comments  |  Read  |  Post a Comment
Hacking Hackers: Taking Matters Into Private Hands
Becca Lipman, Senior EditorNews
Private groups are fighting back against foreign sources of malware and credit fraud. But methodologies put these digital crusaders and their employers at serious legal risk.
By Becca Lipman Senior Editor, 9/23/2014
Comment0 comments  |  Read  |  Post a Comment
7 Reasons To Love Passwords
Sara Peters, Senior Editor at Dark Reading
Passwords are often ridiculed, but there are some reasons they should be your nearest and dearest authentication factor.
By Sara Peters Senior Editor at Dark Reading, 9/17/2014
Comment12 comments  |  Read  |  Post a Comment
In Defense Of Passwords
Corey Nachreiner, Director, Security Strategy & Research, WatchGuard TechnologiesCommentary
Long live the password (as long as you use it correctly along with something else).
By Corey Nachreiner Director, Security Strategy & Research, WatchGuard Technologies, 9/16/2014
Comment12 comments  |  Read  |  Post a Comment
5 Myths: Why We Are All Data Security Risks
Lance Cottrell, Chief Scientist, NtrepidCommentary
I am absolutely sure that I could be tricked by a well-crafted spear phishing attack, and I am equally sure I could do the same to you.
By Lance Cottrell Chief Scientist, Ntrepid, 9/15/2014
Comment12 comments  |  Read  |  Post a Comment
Why Email Is Worth Saving
Daniel Ingevaldson, CTO, Easy SolutionsCommentary
What if an Internet-scale, federated policy, authentication, and enforcement framework for trusted email delivery were available? It is.
By Daniel Ingevaldson CTO, Easy Solutions, 9/12/2014
Comment16 comments  |  Read  |  Post a Comment
Google: No Breach In Latest Online Dump Of Credentials
Kelly Jackson Higgins, Executive Editor at Dark ReadingQuick Hits
The online leak of some 5 million username and password combinations consisted of mostly stale or older credentials that don't actually work, Google says.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 9/11/2014
Comment3 comments  |  Read  |  Post a Comment
Celeb Hack: Is Apple Telling All It Knows?
Dave Kearns, Analyst, Kuppinger-ColeCommentary
Did Apple have a system-wide data breach? No. Was it complicit through an appalling security lapse by not defending against brute force attacks? You’re darn tootin'!
By Dave Kearns Analyst, Kuppinger-Cole, 9/3/2014
Comment14 comments  |  Read  |  Post a Comment
Secure The Core: Advice For Agencies Under Attack
Vijay Basani, CEO, EiQ NetworksCommentary
When facing state-sponsored attacks, perimeter security is never enough.
By Vijay Basani CEO, EiQ Networks, 9/3/2014
Comment2 comments  |  Read  |  Post a Comment
6 Biometric Factors That Are Working Today
Marilyn Cohodas, Community Editor, Dark Reading
From fingerprints to wearable ECG monitors, there are real options in the market that may relegate the despised password to the dustbin of history.
By Marilyn Cohodas Community Editor, Dark Reading, 8/12/2014
Comment23 comments  |  Read  |  Post a Comment
'Backoff' Malware: Time To Step Up Remote Access Security
Boatner Blankenstein, Senior Director, Solutions Engineering, BomgarCommentary
DHS issues advisory about remote desktop access tools associated with recent point-of-sale breaches.
By Boatner Blankenstein Senior Director, Solutions Engineering, Bomgar, 8/1/2014
Comment9 comments  |  Read  |  Post a Comment
Phishing: What Once Was Old Is New Again
Dave Kearns, Analyst, Kuppinger-ColeCommentary
I used to think the heyday of phishing had passed. But as Symantec notes in its 2014 Internet Security Threat Report, I was wrong!
By Dave Kearns Analyst, Kuppinger-Cole, 7/30/2014
Comment12 comments  |  Read  |  Post a Comment
Weak Password Advice From Microsoft
Andrey Dulkin, Senior Director, Cyber Innovation, CyberArkCommentary
Tempting as it may seem to do away with strong passwords for low-risk websites, password reuse is still a significant threat to both users and business.
By Andrey Dulkin Senior Director, Cyber Innovation, CyberArk, 7/28/2014
Comment16 comments  |  Read  |  Post a Comment
Passwords Be Gone! Removing 4 Barriers To Strong Authentication
Phillip M. Dunkelberger, President & CEO, Nok Nok LabsCommentary
As biometric factors become more prevalent on mobile devices, FIDO Alliance standards will gain traction as an industry-wide authentication solution.
By Phillip M. Dunkelberger President & CEO, Nok Nok Labs, 7/24/2014
Comment10 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
Register for Dark Reading Newsletters
Partner Perspectives
What's This?
In a digital world inundated with advanced security threats, Intel Security seeks to transform how we live and work to keep our information secure. Through hardware and software development, Intel Security delivers robust solutions that integrate security into every layer of every digital device. In combining the security expertise of McAfee with the innovation, performance, and trust of Intel, this vision becomes a reality.

As we rely on technology to enhance our everyday and business life, we must too consider the security of the intellectual property and confidential data that is housed on these devices. As we increase the number of devices we use, we increase the number of gateways and opportunity for security threats. Intel Security takes the “security connected” approach to ensure that every device is secure, and that all security solutions are seamlessly integrated.
Featured Writers
White Papers
Cartoon
Current Issue
Dark Reading's October Tech Digest
Fast data analysis can stymie attacks and strengthen enterprise security. Does your team have the data smarts?
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-8243
Published: 2014-11-01
Linksys SMART WiFi firmware on EA2700 and EA3500 devices; before 2.1.41 build 162351 on E4200v2 and EA4500 devices; before 1.1.41 build 162599 on EA6200 devices; before 1.1.40 build 160989 on EA6300, EA6400, EA6500, and EA6700 devices; and before 1.1.42 build 161129 on EA6900 devices allows remote a...

CVE-2014-8244
Published: 2014-11-01
Linksys SMART WiFi firmware on EA2700 and EA3500 devices; before 2.1.41 build 162351 on E4200v2 and EA4500 devices; before 1.1.41 build 162599 on EA6200 devices; before 1.1.40 build 160989 on EA6300, EA6400, EA6500, and EA6700 devices; and before 1.1.42 build 161129 on EA6900 devices allows remote a...

CVE-2013-0334
Published: 2014-10-31
Bundler before 1.7, when multiple top-level source lines are used, allows remote attackers to install arbitrary gems by creating a gem with the same name as another gem in a different source.

CVE-2014-2334
Published: 2014-10-31
Multiple cross-site scripting (XSS) vulnerabilities in the Web User Interface in Fortinet FortiAnalyzer before 5.0.7 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-2336.

CVE-2014-2335
Published: 2014-10-31
Multiple cross-site scripting (XSS) vulnerabilities in the Web User Interface in Fortinet FortiManager before 5.0.7 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-2336.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Follow Dark Reading editors into the field as they talk with noted experts from the security world.