News & Commentary
Microsoft, Google, Mozilla Abandon RC4 Cryptographic Standard
Larry Loeb, Blogger, InformationweekCommentary
With Microsoft, Google, and Mozilla turning against the RC4 cryptographic suite, the standard will likely die in 2016.
By Larry Loeb Blogger, Informationweek, 9/2/2015
Comment0 comments  |  Read  |  Post a Comment
Microsoft's Remarkable Pivot: Windows 10 Abandons Privacy
Mark Weinstein, CEO, MeWe.comCommentary
You can read all you want about Windows 10 powerful new privacy features, but that doesn’t mean you have them.
By Mark Weinstein CEO,, 9/2/2015
Comment2 comments  |  Read  |  Post a Comment
Report: Ransomware Jumped 58 Percent in Q2
Sara Peters, Senior Editor at Dark ReadingNews
McAfee Threat Labs Report also zooms in on GPU malware and looks back on the first five years of the Intel-McAfee marriage.
By Sara Peters Senior Editor at Dark Reading, 9/1/2015
Comment0 comments  |  Read  |  Post a Comment
Malware Pre-Installed On Over Two-Dozen Android Smartphone Brands
Jai Vijayan, Freelance writerNews
Threat affects several smartphones shipping from Asia including some popular ones such as Lenovo, Huawei, and Xiaomi, says G Data.
By Jai Vijayan Freelance writer, 9/1/2015
Comment1 Comment  |  Read  |  Post a Comment
Biggest Apple Account Theft Ever Hits Only JailBroken iOS Devices
Sara Peters, Senior Editor at Dark ReadingNews
KeyRaider stole 225,000 legitimate Apple accounts and slammed devices with ransomware and phony purchases, but only jailbroken gear, mostly in China, is affected.
By Sara Peters Senior Editor at Dark Reading, 8/31/2015
Comment2 comments  |  Read  |  Post a Comment
A CISO's View of Mobile Security Strategy, With Stacey Halota
Sara Peters, Senior Editor at Dark ReadingCommentaryVideo
CISO of Graham Holdings visits Dark Reading News Desk at Black Hat to discuss why mobile security is a top priority and how to use mobile devices as a security tool.
By Sara Peters Senior Editor at Dark Reading, 8/31/2015
Comment0 comments  |  Read  |  Post a Comment
10 Best Practices For BYOD Policy
Dark Reading Staff, News
Bring-your-own device doesn't have to mean bring your own security problems.
By Dark Reading Staff , 8/31/2015
Comment0 comments  |  Read  |  Post a Comment
Thousands Of Potentially Malicious Android Apps Unearthed In Google Play
Jai Vijayan, Freelance writerNews
Indiana University researchers develop a new scanning technique dubbed 'MassVet' for vetting mobile app stores at scale.
By Jai Vijayan Freelance writer, 8/27/2015
Comment2 comments  |  Read  |  Post a Comment
Consumers Want Password Alternatives
Ericka Chickowski, Contributing Writer, Dark ReadingNews
Consumer confidence in online passwords wanes and their password hygiene remains as sketchy as ever, study finds.
By Ericka Chickowski Contributing Writer, Dark Reading, 8/27/2015
Comment0 comments  |  Read  |  Post a Comment
Android Lock Patterns Laughably Easy To Guess
Eric Zeman, Commentary
A researcher shows that people rely on weak Android lock patterns just as they do weak passwords.
By Eric Zeman , 8/24/2015
Comment2 comments  |  Read  |  Post a Comment
The Month Of Android Vulnerabilities Rolls On
Sara Peters, Senior Editor at Dark ReadingNews
Multi-media handling takes the most hits, and there are no easy fixes.
By Sara Peters Senior Editor at Dark Reading, 8/20/2015
Comment2 comments  |  Read  |  Post a Comment
Blackphone 2 Delivers Secure Smartphone Improvements
Eric Zeman, News
Silent Circle is now accepting preorders for the Blackphone 2, its secure enterprise smartphone.
By Eric Zeman , 8/19/2015
Comment0 comments  |  Read  |  Post a Comment
Making The Security Case For A Software-Defined Perimeter
Kurt A. Mueffelmann, President & CEO, CryptzoneCommentary
With SDP, organizations can create an 'invisible' infrastructure that only authorized users and devices can access. Here’s why it’s time has come.
By Kurt A. Mueffelmann President & CEO, Cryptzone, 8/18/2015
Comment0 comments  |  Read  |  Post a Comment
Why AT&T's 'Willingness' To Help NSA Is Alarming
Eric Zeman, News
Snowden documents show AT&T was all too happy to aid the NSA spy on Americans. Are we really that surprised?
By Eric Zeman , 8/17/2015
Comment18 comments  |  Read  |  Post a Comment
Securing OS X: Apple, Security Vendors Need To Up Their Game
Rutrell Yasin, Business Technology Writer, Tech Writers BureauNews
To date, OS X malware is pretty lame, but it’s easy to write better malware to bypass current defenses, security researcher Patrick Wardle told a Black Hat audience last week.
By Rutrell Yasin Business Technology Writer, Tech Writers Bureau, 8/12/2015
Comment2 comments  |  Read  |  Post a Comment
Risk of Data Loss From Non-Jailbroken iOS Devices Real, Security Firm says
Jai Vijayan, Freelance writerNews
Data from the Hacking Team reveals actively used exploit for breaking into and stealing data from registered iOS systems, FireEye says.
By Jai Vijayan Freelance writer, 8/7/2015
Comment0 comments  |  Read  |  Post a Comment
Stagefright Bug Spurs Android Makers Into Action
Eric Zeman, Commentary
In the wake of the Stagefright bug, Google and Samsung plan to issue monthly Android security patches to ward off potential threats. Will other smartphone manufacturers and carriers follow?
By Eric Zeman , 8/6/2015
Comment2 comments  |  Read  |  Post a Comment
Your Smartphone Battery Could Be Tracking You
Eric Zeman, Commentary
Security researchers have found a way to track a user's smartphone Web usage through battery life.
By Eric Zeman , 8/4/2015
Comment6 comments  |  Read  |  Post a Comment
Dark Reading News Desk Comes To You Live From Black Hat
Sara Peters, Senior Editor at Dark ReadingCommentary
Live video coverage from Las Vegas Wednesday and Thursday
By Sara Peters Senior Editor at Dark Reading, 8/3/2015
Comment3 comments  |  Read  |  Post a Comment
GM Vehicles Can Be Located, Unlocked, Started Remotely Via OnStar App
Jai Vijayan, Freelance writerNews
White Hat hacker Samy Kamkar’s OwnStart device latest to show up vulnerabilities in modern vehicles
By Jai Vijayan Freelance writer, 7/31/2015
Comment1 Comment  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
PR Newswire
Register for Dark Reading Newsletters
White Papers
Current Issue
Flash Poll
Containing Corporate Data on Mobile Devices
Containing Corporate Data on Mobile Devices
If you’re still focused on securing endpoints, you’ve got your work cut out for you. WiFi network provider iPass surveyed 1,600 mobile workers and found that the average US employee carries three devices -- a smartphone, a computer, and a tablet or e-reader -- with more than 80% of them doing work on personal devices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
Published: 2015-09-02
Double free vulnerability in lib/x509/x509_ext.c in GnuTLS before 3.3.14 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted CRL distribution point.

Published: 2015-09-02
A local file script in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 allows local users to gain privileges for OS command execution via invalid parameters, aka Bug ID CSCuv10556.

Published: 2015-09-02
The IPv4 implementation on Cisco ASR 1000 devices with software 15.5(3)S allows remote attackers to cause a denial of service (ESP QFP CPU consumption) by triggering packet fragmentation and reassembly, aka Bug ID CSCuv71273.

Published: 2015-09-02
The ARP implementation in Cisco NX-OS on Nexus 1000V devices for VMware vSphere 5.2(1)SV3(1.4), Nexus 3000 devices 7.3(0)ZD(0.47), Nexus 4000 devices 4.1(2)E1, Nexus 9000 devices 7.3(0)ZD(0.61), and MDS 9000 devices 7.0(0)HSK(0.353) and SAN-OS NX-OS on MDS 9000 devices 7.0(0)HSK(0.353) allows remote...

Published: 2015-09-02
The vlserver in OpenAFS before 1.6.13 allows remote authenticated users to cause a denial of service (out-of-bounds read and crash) via a crafted regular expression in a VL_ListAttributesN2 RPC.

Dark Reading Radio
Archived Dark Reading Radio
Another Black Hat is in the books and Dark Reading was there. Join the editors as they share their top stories, biggest lessons, and best conversations from the premier security conference.