News & Commentary
20 Endpoint Security Questions You Never Thought to Ask
Joshua Goldfarb, VP & CTO - Emerging Technologies, FireEyeCommentaryy
The endpoint detection and response market is exploding! Heres how to make sense of the options, dig deeper, and separate vendor fact from fiction.
By Joshua Goldfarb VP & CTO - Emerging Technologies, FireEye, 10/26/2016
Comment0 comments  |  Read  |  Post a Comment
Blockchain & The Battle To Secure Digital Identities
Xavier Larduinat, Manager for Innovation, GemaltoCommentaryy
This emerging technology is a promising way to verify transactions without compromising your digital identity.
By Xavier Larduinat Manager for Innovation, Gemalto, 10/25/2016
Comment8 comments  |  Read  |  Post a Comment
Why Poor Cyber Hygiene Invites Risk
Anthony Grieco, Senior Director & Trust Strategy Officer, Security & Trust Organization, CiscoCommentaryy
Modern cybersecurity today is all about risk management. That means eliminating and mitigating risks where possible, and knowingly accepting those that remain.
By Anthony Grieco Senior Director & Trust Strategy Officer, Security & Trust Organization, Cisco, 10/20/2016
Comment0 comments  |  Read  |  Post a Comment
Muddy Waters Releases New Info About St. Jude Medical Device Flaws
Dark Reading Staff, Quick Hits
Muddy Waters Capital, the short seller that teamed with security researchers at MedSec, posted the videos on a new site it launched:
By Dark Reading Staff , 10/19/2016
Comment1 Comment  |  Read  |  Post a Comment
Public Wi-Fi Use Grows, Despite Security Risks
Dark Reading Staff, Quick Hits
Survey says although 91% of the respondents admit that public Wi-Fi is insecure, 89% still use it.
By Dark Reading Staff , 10/18/2016
Comment0 comments  |  Read  |  Post a Comment
Businesses Sacrifice Security To Get Apps Released Faster
Kelly Sheridan, Associate Editor, InformationWeekNews
As the app economy continues to drive change in IT security, businesses struggle to meet customer demands while keeping their data secure.
By Kelly Sheridan Associate Editor, InformationWeek, 10/11/2016
Comment0 comments  |  Read  |  Post a Comment
For The Birds: Dark Reading Cartoon Caption Contest Winners
Marilyn Cohodas, Community Editor, Dark ReadingCommentaryy
Birdwatching-as-a-Service, live tweeting and NESTFLIX. And the winner is ...
By Marilyn Cohodas Community Editor, Dark Reading, 10/8/2016
Comment3 comments  |  Read  |  Post a Comment
EMV: The Anniversary Of One Deadline, The Eve of Another
Sara Peters, Senior Editor at Dark ReadingNews
How merchants and criminals responded since the EMV liability shift for point-of-sale devices one year ago. And what changes can we expect after the liability shift for ATMs, which is just days away?
By Sara Peters Senior Editor at Dark Reading, 9/29/2016
Comment0 comments  |  Read  |  Post a Comment
FBI Probes Bid To Hack Democratic Party Officials Phones, Sources Say
Dark Reading Staff, Quick Hits
Russia-backed criminals again likely to be behind this hacking which, if proven, could involve theft of sensitive data, say the sources.
By Dark Reading Staff , 9/28/2016
Comment0 comments  |  Read  |  Post a Comment
Mobile Fraud Changes Outlook for Multifactor Authentication
Stephen Maloney, Executive VP, Business Development & Strategy, AcuantCommentaryy
SMS one-time passcodes just won't cut it anymore. We need new approaches that people will actually use.
By Steve Maloney , 9/27/2016
Comment0 comments  |  Read  |  Post a Comment
Smartphone Infections Rise 96% In H1-2016: Malware Study
Dark Reading Staff, Quick Hits
Nokia report reveals April 2016 saw new all-time high in mobile infections with one out of every 120 smartphone affected.
By Dark Reading Staff , 9/20/2016
Comment0 comments  |  Read  |  Post a Comment
Scientist Clones Chip To Unlock iPhone, Proves FBI Wrong
Dark Reading Staff, Quick Hits
Dr. Sergei Skorobogatov of Cambridge University spent $100 on a process that may have cost FBI $1 million.
By Dark Reading Staff , 9/20/2016
Comment0 comments  |  Read  |  Post a Comment
San Bernardino iPhone Hack: Media Agencies Sue FBI For Vendor Details
Dark Reading Staff, Quick Hits
Associated Press and two others invoke Freedom of Information Act against the government seeking details of secret transaction.
By Dark Reading Staff , 9/19/2016
Comment0 comments  |  Read  |  Post a Comment
A Moving Target: Tackling Cloud Security As A Data Issue
Sheila B. Jordan, SVP & CIO, SymantecCommentaryy
Todays challenge is protecting critical information that an increasingly mobile workforce transfers every day between clouds, between cloud and mobile, and between cloud, mobile, and IoT.
By Sheila B. Jordan SVP & CIO, Symantec, 9/13/2016
Comment1 Comment  |  Read  |  Post a Comment
Multi-Factor IT Authentication Hampers Progress, Say 47% US Companies
Dark Reading Staff, Quick Hits
IS Decisions survey finds organizations are looking for alternate to multi-factor verification, which they believe takes up time and slows productivity.
By Dark Reading Staff , 9/9/2016
Comment3 comments  |  Read  |  Post a Comment
Another IoT-Dominated Botnet Rises With Almost 1M Infected Devices
Ericka Chickowski, Contributing Writer, Dark ReadingNews
BASHLITE malware fuels another DDoS botnet made up primarily of flaw-ridden internet of things devices
By Ericka Chickowski Contributing Writer, Dark Reading, 8/30/2016
Comment0 comments  |  Read  |  Post a Comment
Multiple Apple iOS Zero-Days Enabled Firm To Spy On Targeted iPhone Users For Years
Jai Vijayan, Freelance writerNews
Victims of lawful intercepts include human rights activists and journalist, researchers from Citizen Lab and Lookout say.
By Jai Vijayan Freelance writer, 8/26/2016
Comment0 comments  |  Read  |  Post a Comment
Apple Releases Patch For 'Trident,' A Trio Of iOS 0-Days
Dark Reading Staff, Quick Hits
Already rolled into the Pegasus spyware product and used to target social activists, the vulnerabilities are fixed in iOS 9.3.5.
By Dark Reading Staff , 8/25/2016
Comment1 Comment  |  Read  |  Post a Comment
The Secret Behind the NSA Breach: Network Infrastructure Is the Next Target
Yoni Allon, Research Team Leader, LightCyberCommentaryy
How the networking industry has fallen way behind in incorporating security measures to prevent exploits to ubiquitous routers, proxies, firewalls, and switches.
By Yoni Allon Research Team Leader, LightCyber, 8/25/2016
Comment1 Comment  |  Read  |  Post a Comment
Newly Announced Chipset Vuln Affects 900 Million Android Devices
Ericka Chickowski, Contributing Writer, Dark ReadingNews
Check Point Research Team details four vulnerabilities that can easily lead to full privilege escalation.
By Ericka Chickowski Contributing Writer, Dark Reading, 8/8/2016
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
PR Newswire
Register for Dark Reading Newsletters
White Papers
Current Issue
Five Emerging Security Threats - And What You Can Learn From Them
At Black Hat USA, researchers unveiled some nasty vulnerabilities. Is your organization ready?
Flash Poll
Containing Corporate Data on Mobile Devices
Containing Corporate Data on Mobile Devices
If youre still focused on securing endpoints, youve got your work cut out for you. WiFi network provider iPass surveyed 1,600 mobile workers and found that the average US employee carries three devices -- a smartphone, a computer, and a tablet or e-reader -- with more than 80% of them doing work on personal devices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
Published: 2015-10-15
The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated b...

Published: 2015-10-15
netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified vectors.

Published: 2015-10-15
Cross-site request forgery (CSRF) vulnerability in eXtplorer before 2.1.8 allows remote attackers to hijack the authentication of arbitrary users for requests that execute PHP code.

Published: 2015-10-15
Directory traversal vulnerability in QNAP QTS before 4.1.4 build 0910 and 4.2.x before 4.2.0 RC2 build 0910, when AFP is enabled, allows remote attackers to read or write to arbitrary files by leveraging access to an OS X (1) user or (2) guest account.

Published: 2015-10-15
Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows local users to gain privileges via vectors involving addition of an SSH key, aka Bug ID CSCuw46076.

Dark Reading Radio
Archived Dark Reading Radio
According to industry estimates, about a million new IT security jobs will be created in the next two years but there aren't enough skilled professionals to fill them. On top of that, there isn't necessarily a clear path to a career in security. Dark Reading Executive Editor Kelly Jackson Higgins hosts guests Carson Sweet, co-founder and CTO of CloudPassage, which published a shocking study of the security gap in top US undergrad computer science programs, and Rodney Petersen, head of NIST's new National Initiative for Cybersecurity Education.