Perimeter
News & Commentary
The Internet of Things: 7 Scary Security Scenarios
Marilyn Cohodas, Community Editor, Dark Reading
The IoT can be frightening when viewed from the vantage point of information security.
By Marilyn Cohodas Community Editor, Dark Reading, 10/16/2014
Comment5 comments  |  Read  |  Post a Comment
Third-Party Code: Fertile Ground For Malware
Peter Zavlaris, Analyst, RiskIQCommentary
How big-brand corporate websites are becoming a popular method for mass distribution of exploit kits on vulnerable computers.
By Peter Zavlaris Analyst, RiskIQ, 10/15/2014
Comment7 comments  |  Read  |  Post a Comment
Stolen Medical Data Is Now A Hot Commodity
Lysa Myers, Security Researcher, ESETCommentary
While credit cards are selling for a dollar or less on the black market, personal health credentials are commanding as much as $10 per patient. Here’s why.
By Lysa Myers Security Researcher, ESET, 10/14/2014
Comment5 comments  |  Read  |  Post a Comment
How To Be A 'Compromise-Ready' Organization
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Incident response pros share tips on how to have all your ducks in a row before the inevitable breach.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 10/9/2014
Comment5 comments  |  Read  |  Post a Comment
How Retail Can Win Back Consumer Trust
Dan Ross, CEO & President, PromisecCommentary
Customer loyalty to their favorite brands is all about trust, which today has everything to do with security and privacy.
By Dan Ross CEO & President, Promisec, 10/9/2014
Comment1 Comment  |  Read  |  Post a Comment
Hackers Steal Millions In Cash From ATMs, Using Tyupkin Malware
Sara Peters, Senior Editor at Dark ReadingQuick Hits
Attackers add in failsafes to prevent innocents from triggering attack and money mules from going rogue.
By Sara Peters Senior Editor at Dark Reading, 10/7/2014
Comment6 comments  |  Read  |  Post a Comment
Tokenization: 6 Reasons The Card Industry Should Be Wary
Pat Carroll, Executive Chairman & Founder, ValidSoftCommentary
VISA’s new token service aims to provide consumers a simple, fraud-free digital payment experience. It’s a worthy goal, but one that may prove to be more aspirational than functional.
By Pat Carroll Executive Chairman & Founder, ValidSoft, 10/7/2014
Comment4 comments  |  Read  |  Post a Comment
Apple Makes Move To Shut Down Mac Botnet
Ericka Chickowski, Contributing Writer, Dark ReadingNews
Cupertino engineers move swiftly to contain a Trojan outbreak reportedly propagated through pirated software.
By Ericka Chickowski Contributing Writer, Dark Reading, 10/6/2014
Comment10 comments  |  Read  |  Post a Comment
How Cookie-Cutter Cyber Insurance Falls Short
Kevin Smith, VP, The Graham CompanyCommentary
Many off-the-shelf cyber liability policies feature a broad range of exclusions that won’t protect your company from a data breach or ransomware attack.
By Kevin Smith VP, The Graham Company, 10/6/2014
Comment9 comments  |  Read  |  Post a Comment
To Combat Government Snooping, Encrypt Data Before Putting It In Cloud, Says Interop Speaker
Sara Peters, Senior Editor at Dark ReadingQuick Hits
If Uncle Sam wants your data, make him come directly to you.
By Sara Peters Senior Editor at Dark Reading, 10/3/2014
Comment9 comments  |  Read  |  Post a Comment
How Retro Malware Feeds the New Threat Wave
Anthony Di Bello, Director, Security Practice, Guidance SoftwareCommentary
Old-school exploits used in new ways are placing fresh demands for intel-sharing among infosec pros and their time-tested and next-gen security products.
By Anthony Di Bello Director, Security Practice, Guidance Software, 10/3/2014
Comment4 comments  |  Read  |  Post a Comment
Cyberinsurance Resurges In The Wake Of Mega-Breaches
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Insurance policies customized for cyberattack protection are on the rise as businesses worry they could be the next Target.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 10/2/2014
Comment10 comments  |  Read  |  Post a Comment
Poll: Employees Clueless About Social Engineering
Marilyn Cohodas, Community Editor, Dark ReadingCommentary
Not surprisingly, our latest poll confirms that threats stemming from criminals hacking humans are all too frequently ignored.
By Marilyn Cohodas Community Editor, Dark Reading, 10/2/2014
Comment5 comments  |  Read  |  Post a Comment
Smart Meter Hack Shuts Off The Lights
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
European researchers will reveal major security weaknesses in smart meters that could allow an attacker to order a power blackout.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 10/1/2014
Comment2 comments  |  Read  |  Post a Comment
5 New Truths To Teach Your CIO About Identity
Patrick Harding, Commentary
When CIOs talk security they often use words like "firewall" and "antivirus." Here’s why today’s technology landscape needs a different vocabulary.
By Patrick Harding , 10/1/2014
Comment0 comments  |  Read  |  Post a Comment
Be Aware: 8 Tips for Security Awareness Training
Sara Peters, Senior Editor at Dark Reading
Hint: One giant security training session to rule them all is not the way to go.
By Sara Peters Senior Editor at Dark Reading, 9/29/2014
Comment13 comments  |  Read  |  Post a Comment
When Layers On Layers Of Security Equals LOL Security
Ericka Chickowski, Contributing Writer, Dark ReadingNews
Defense-in-depth is often poorly executed when architecture is not carefully considered.
By Ericka Chickowski Contributing Writer, Dark Reading, 9/29/2014
Comment3 comments  |  Read  |  Post a Comment
Apple: Majority Of Mac OS X Users Not At Risk To 'Shellshock'
Brian Prince, Contributing Writer, Dark ReadingNews
According to Apple, Mac OS X systems are not exposed to remote exploits of Bash unless users have certain UNIX services configured.
By Brian Prince Contributing Writer, Dark Reading, 9/26/2014
Comment5 comments  |  Read  |  Post a Comment
Shellshocked: A Future Of ‘Hair On Fire’ Bugs
Paul Vixie, Chairman & CEO, Farsight Security, Inc.Commentary
Most computers affected by Bash will be updated within 10 years. The rest will be vulnerable for the lifespans of all humans now living. This should concern us. But then, global warming should also concern us.
By Paul Vixie Chairman & CEO, Farsight Security, Inc., 9/26/2014
Comment22 comments  |  Read  |  Post a Comment
Breached Retailers Harden PoS, For Now
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Yet another point-of-sale (POS) breach at a major retail chain, and the victim adds encryption.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 9/25/2014
Comment8 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
PR Newswire
Register for Dark Reading Newsletters
Partner Perspectives
What's This?
In a digital world inundated with advanced security threats, Intel Security seeks to transform how we live and work to keep our information secure. Through hardware and software development, Intel Security delivers robust solutions that integrate security into every layer of every digital device. In combining the security expertise of McAfee with the innovation, performance, and trust of Intel, this vision becomes a reality.

As we rely on technology to enhance our everyday and business life, we must too consider the security of the intellectual property and confidential data that is housed on these devices. As we increase the number of devices we use, we increase the number of gateways and opportunity for security threats. Intel Security takes the “security connected” approach to ensure that every device is secure, and that all security solutions are seamlessly integrated.
Featured Writers
White Papers
Cartoon
Current Issue
Dark Reading's October Tech Digest
Fast data analysis can stymie attacks and strengthen enterprise security. Does your team have the data smarts?
Flash Poll
Title Partner’s Role in Perimeter Security
Title Partner’s Role in Perimeter Security
Considering how prevalent third-party attacks are, we need to ask hard questions about how partners and suppliers are safeguarding systems and data.
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-4884
Published: 2014-10-21
The Conrad Hotel (aka com.wConradHotel) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

CVE-2014-4885
Published: 2014-10-21
The CPWORLD Close Protection World (aka com.tapatalk.closeprotectionworldcom) application 3.4.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

CVE-2014-4887
Published: 2014-10-21
The Joint Radio Blues (aka com.nobexinc.wls_69685189.rc) application 3.2.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

CVE-2014-4888
Published: 2014-10-21
The BattleFriends at Sea GOLD (aka com.tequilamobile.warshipslivegold) application 1.1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

CVE-2014-4889
Published: 2014-10-21
The Diabetic Diet Guide (aka com.wDiabeticDietGuide) application 2.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Follow Dark Reading editors into the field as they talk with noted experts from the security world.