News & Commentary
Looking Back to Look Ahead: Cyber Threat Trends to Watch
Derek Manky, Global Security Strategist, FortinetCommentary
Data from the fourth quarter of last year shows the state of application exploits, malicious software, and botnets.
By Derek Manky Global Security Strategist, Fortinet, 3/23/2018
Comment0 comments  |  Read  |  Post a Comment
Phantom Secure 'Uncrackable Phone' Execs Indicted for RICO Crimes
Dark Reading Staff, Quick Hits
Executives of Phantom Secure have been indicted on federal RICO charges for encrypting communications among criminals.
By Dark Reading Staff , 3/16/2018
Comment0 comments  |  Read  |  Post a Comment
Online Ads vs. Security: An Invisible War
Corey Nachreiner, Chief Technology Officer, WatchGuard TechnologiesCommentary
Why visiting one website is like visiting 50, and how you can fight back against malvertisers.
By Corey Nachreiner Chief Technology Officer, WatchGuard Technologies, 3/15/2018
Comment2 comments  |  Read  |  Post a Comment
What's the C-Suite Doing About Mobile Security?
Anne Bonaparte, CEO of AppthorityCommentary
While most companies have security infrastructure for on-premises servers, networks, and endpoints, too many are ignoring mobile security. They'd better get moving.
By Anne Bonaparte CEO of Appthority, 3/13/2018
Comment0 comments  |  Read  |  Post a Comment
Asia's Security Leaders Feel Underprepared for Future Threats: Report
Dark Reading Staff, News
A new study highlights major concerns of cybersecurity leaders in Asia, where most fear critical infrastructure attacks, advanced threats, and social engineering.
By Dark Reading Staff , 3/12/2018
Comment0 comments  |  Read  |  Post a Comment
IoT Product Safety: If It Appears Too Good to Be True, It Probably Is
Pat Osborne, Principal - Executive Consultant at Outhaul Consulting, LLC, & Cybersecurity Advisor for the Security Innovation CenterCommentary
Proposed new connected-product repair laws will provide hackers with more tools to make our lives less secure.
By Pat Osborne Principal - Executive Consultant at Outhaul Consulting, LLC, & Cybersecurity Advisor for the Security Innovation Center, 3/12/2018
Comment2 comments  |  Read  |  Post a Comment
Researchers Defeat Android OEMs' Security Mitigations
Kelly Sheridan, Staff Editor, Dark ReadingNews
At Black Hat Asia, two security experts will bypass security improvements added to Android by equipment manufacturers.
By Kelly Sheridan Staff Editor, Dark Reading, 3/7/2018
Comment0 comments  |  Read  |  Post a Comment
Connected Cars Pose New Security Challenges
James Plouffe, Lead Architect at MobileIronCommentary
The auto industry should seize the opportunity and get in front of this issue.
By James Plouffe Lead Architect at MobileIron, 3/6/2018
Comment3 comments  |  Read  |  Post a Comment
Securing the Web of Wearables, Smartphones & Cloud
Kelly Sheridan, Staff Editor, Dark ReadingNews
Why security for the Internet of Things demands that businesses revamp their software development lifecycle.
By Kelly Sheridan Staff Editor, Dark Reading, 3/1/2018
Comment0 comments  |  Read  |  Post a Comment
What Enterprises Can Learn from Medical Device Security
Tom Gillis, Founder & CEO, Bracket ComputingCommentary
In today's cloud-native world, organizations need a highly distributed approach that ties security to the workload itself in order to prevent targeted attacks.
By Tom Gillis Founder & CEO, Bracket Computing, 3/1/2018
Comment0 comments  |  Read  |  Post a Comment
New Android Malware Family Highlights Evolving Mobile Threat Capabilities
Jai Vijayan, Freelance writerNews
RedDrop can steal data, record audio, and rack up SMS charges for victims, says Wandera.
By Jai Vijayan Freelance writer, 2/28/2018
Comment0 comments  |  Read  |  Post a Comment
Threats from Mobile Ransomware & Banking Malware Are Growing
Jai Vijayan, Freelance writerNews
The number of unique mobile malware samples increased sharply in 2017 compared to a year ago, according to Trend Micro.
By Jai Vijayan Freelance writer, 2/26/2018
Comment5 comments  |  Read  |  Post a Comment
10 Can't-Miss Talks at Black Hat Asia
Kelly Sheridan, Staff Editor, Dark Reading
With threats featuring everything from nation-states to sleep states, the sessions taking place from March 20-23 in Singapore are relevant to security experts around the world.
By Kelly Sheridan Staff Editor, Dark Reading, 2/23/2018
Comment0 comments  |  Read  |  Post a Comment
The Mobile Threat: 4 out of 10 Businesses Report 'Significant' Risk
Kelly Sheridan, Staff Editor, Dark ReadingNews
Organizations put efficiency and profit before security, leading to system downtime and data loss, according to inaugural research from Verizon.
By Kelly Sheridan Staff Editor, Dark Reading, 2/21/2018
Comment0 comments  |  Read  |  Post a Comment
Can Android for Work Redefine Enterprise Mobile Security?
Satish Shetty, CEO, Codeproof TechnologiesCommentary
Google's new mobility management framework makes great strides in addressing security and device management concerns while offering diverse deployment options. Here are the pros and cons.
By Satish Shetty CEO, Codeproof Technologies, 2/13/2018
Comment1 Comment  |  Read  |  Post a Comment
Google Paid $2.9M for Vulnerabilities in 2017
Kelly Sheridan, Staff Editor, Dark ReadingNews
The Google Vulnerability Reward Program issued a total of 1,230 rewards in 2017. The single largest payout was $112,500.
By Kelly Sheridan Staff Editor, Dark Reading, 2/9/2018
Comment0 comments  |  Read  |  Post a Comment
Apple iOS iBoot Secure Bootloader Code Leaked Online
Dark Reading Staff, Quick Hits
Lawyers for Apple called for the source code to be removed from GitHub.
By Dark Reading Staff , 2/8/2018
Comment0 comments  |  Read  |  Post a Comment
Identity Fraud Hits All-Time High in 2017
Steve Zurier, Freelance WriterNews
Survey reports that the number of fraud victims topped 16 million consumers last year, and much of that crime has moved online.
By Steve Zurier Freelance Writer, 2/6/2018
Comment0 comments  |  Read  |  Post a Comment
Mastering Security in the Zettabyte Era
Marc Wilczek, Digital Strategist & CIO AdvisorCommentary
Many businesses are ill-equipped to deal with potential risks posed by billions of connected devices, exponential data growth, and an unprecedented number of cyber threats. Here's how to prepare.
By Marc Wilczek Digital Strategist & CIO Advisor, 2/5/2018
Comment0 comments  |  Read  |  Post a Comment
3 Ways Hackers Steal Your Company's Mobile Data
Paul Martini, The CEO, co-founder and chief architect of ibossCommentary
The most effective data exfiltration prevention strategies are those that are as rigorous in vetting traffic entering the network as they are traffic leaving it.
By Paul Martini The CEO, co-founder and chief architect of iboss, 2/2/2018
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
PR Newswire
The Case for Integrating Physical Security & Cybersecurity
Paul Kurtz, CEO & Cofounder, TruSTAR Technology,  3/20/2018
A Look at Cybercrime's Banal Nature
Curtis Franklin Jr., Senior Editor at Dark Reading,  3/20/2018
City of Atlanta Hit with Ransomware Attack
Dark Reading Staff 3/23/2018
Register for Dark Reading Newsletters
White Papers
Current Issue
How to Cope with the IT Security Skills Shortage
Most enterprises don't have all the in-house skills they need to meet the rising threat from online attackers. Here are some tips on ways to beat the shortage.
Flash Poll
[Strategic Security Report] How Enterprises Are Attacking the IT Security Problem
[Strategic Security Report] How Enterprises Are Attacking the IT Security Problem
Enterprises are spending more of their IT budgets on cybersecurity technology. How do your organization's security plans and strategies compare to what others are doing? Here's an in-depth look.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.