News & Commentary
We Need A New Word For Cyber
John B. Dickson, CISSP,  Principal, Denim GroupCommentary
It’s time to find an alternative for 'cyber' (an adjective or noun) before the term – like 'google' -- becomes a verb.
By John B. Dickson CISSP, Principal, Denim Group, 11/23/2015
Comment2 comments  |  Read  |  Post a Comment
IBM Report: Ransomware, Malicious Insiders On The Rise
Sara Peters, Senior Editor at Dark ReadingNews
X-Force's top four cyber threat trends also names upper management's increasing interest in infosec.
By Sara Peters Senior Editor at Dark Reading, 11/16/2015
Comment1 Comment  |  Read  |  Post a Comment
Don’t Toy With The Dark Web, Harness It
James Chappell, CTO & Founder, Digital ShadowsCommentary
The Dark Web’s sinister allure draws outsized attention, but time-strapped security teams would benefit from knowing what's already circulating in places they don't need Tor or I2P to find.
By James Chappell CTO & Founder, Digital Shadows, 11/16/2015
Comment2 comments  |  Read  |  Post a Comment
Dark Reading Radio: A Cybersecurity Generation Gap
Kelly Jackson Higgins, Executive Editor at Dark ReadingCommentary
Millennials--especially young women--not pursuing careers in cybersecurity due to lack of both awareness and interest.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 11/16/2015
Comment5 comments  |  Read  |  Post a Comment
Solving Security: If You Want Something New, Stop Doing Something Old
Marilyn Cohodas, Community Editor, Dark ReadingNews
Black Hat Europe keynoter Haroon Meer tells security pros to work smarter, think out of the box, and speak out to the C-suite.
By Marilyn Cohodas Community Editor, Dark Reading, 11/12/2015
Comment0 comments  |  Read  |  Post a Comment
Point of Entry: The Missing Link in the Security Hiring Gap
Jamesha Fisher, DevOps Security PirateCommentary
How misguided notions of capability and lack of access to enterprise tools discourage diversity in Infosec.
By Jamesha Fisher DevOps Security Pirate, 11/12/2015
Comment1 Comment  |  Read  |  Post a Comment
Machine Learning: Perception Problem? Maybe. Pipe Dream? No Way!
Mike Paquette, VP Products, PrelertCommentary
Guided by an organization's internal security experts,'algorithmic assistants' provide a powerful new way to find anomalies and patterns for detecting cyberthreat activity.
By Mike Paquette VP Products, Prelert, 11/11/2015
Comment0 comments  |  Read  |  Post a Comment
JP Morgan Breach Only One Piece Of Vast Criminal Enterprise, Indictments Reveal
Sara Peters, Senior Editor at Dark ReadingNews
Three men at the head of 'diversified criminal conglomerate' used hacking to commit and enhance their securities fraud, illegal online gambling, illegal Bitcoin exchange, and illegal payment processing businesses, 23-count indictment alleges.
By Sara Peters Senior Editor at Dark Reading, 11/10/2015
Comment2 comments  |  Read  |  Post a Comment
Why Threat Intelligence Feels Like A Game Of Connect Four
Kristi Horton, Lead Intelligence Officer, Financial Services Information Sharing and Analysis Center (FS-ISAC)Commentary
In real life, solving the cybersecurity puzzle has many challenges. But shared wisdom and community defense models are making it easier to connect the dots.
By Kristi Horton Lead Intelligence Officer, Financial Services Information Sharing and Analysis Center (FS-ISAC), 11/10/2015
Comment2 comments  |  Read  |  Post a Comment
Cybersecurity Skills Gap: Too Good To Be True For Job Seekers?
Marilyn Cohodas, Community Editor, Dark ReadingCommentary
New track at Black Hat Europe explores the special challenges of managing an information security career for both job hunters and job hirers.
By Marilyn Cohodas Community Editor, Dark Reading, 11/9/2015
Comment0 comments  |  Read  |  Post a Comment
What Flu Season Can Teach Us About Fighting Cyberattacks
Dug Song, CEO, Duo SecurityCommentary
Cybersecurity doesn't have to be an arms race towards complexity if we put people front and center of the solution.
By Dug Song CEO, Duo Security, 11/6/2015
Comment2 comments  |  Read  |  Post a Comment
Mature & Unconfident: The Best Information Security Teams Ever!
Joshua Goldfarb, VP & CTO - Emerging Technologies, FireEyeCommentary
Security through maturity and humility is a workable philosophy with proven results for organizations that are willing to give it a try. Here’s why.
By Joshua Goldfarb VP & CTO - Emerging Technologies, FireEye, 11/5/2015
Comment0 comments  |  Read  |  Post a Comment
BYOD 2015: Data Loss, Data Leaks & Data Breaches
Subbu Sthanu, Director, Mobile Security & Application Security, IBMCommentary
The growth of employee-owned devices in the workplace is placing new demands on enterprises struggling to protect both personal and professional data.
By Subbu Sthanu Director, Mobile Security & Application Security, IBM, 11/4/2015
Comment1 Comment  |  Read  |  Post a Comment
The Evolving Security Budget: 3 New Ways CISOs Prioritize Spending
Ericka Chickowski, Contributing Writer, Dark ReadingNews
New report shows increased spending and shifting priorities
By Ericka Chickowski Contributing Writer, Dark Reading, 11/4/2015
Comment0 comments  |  Read  |  Post a Comment
UK-US Cyberattack Simulation On Finance Sector Set For This Month
Sara Peters, Senior Editor at Dark ReadingNews
US-CERT and CERT-UK putting President and Prime Minister's earlier plans into action.
By Sara Peters Senior Editor at Dark Reading, 11/2/2015
Comment0 comments  |  Read  |  Post a Comment
The Global CISO: Why U.S. Leaders Must Think Beyond Borders
Kal Bittianda, Consultant, Egon ZehnderCommentary
To compete for the top cybersecurity jobs on a world stage, home-grown CISOs need to take a more international approach to professional development.
By Kal Bittianda Consultant, Egon Zehnder, 10/28/2015
Comment13 comments  |  Read  |  Post a Comment
Bad News is Good News For Security Budgets But Not Skills
Bob Kalka, VP, IBM SecurityCommentary
Cybersecurity is finally getting the attention – and dollars – it deserves from the C-Suite. The challenge now is finding the talent to take full advantage of these technology investments.
By Bob Kalka VP, IBM Security, 10/27/2015
Comment3 comments  |  Read  |  Post a Comment
Millennials Not Pursuing Cybersecurity Careers
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Lack of awareness about what cybersecurity jobs entail is widespread worldwide among 18- to 26-year-olds -- especially women -- a new study finds.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 10/26/2015
Comment22 comments  |  Read  |  Post a Comment
New Approaches to Vendor Risk Management
Dr. Aleksandr Yampolskiy, CEO & Cofounder, SecurityScorecardCommentary
The key to managing partner security risk is having truly verifiable evidence.
By Dr. Aleksandr Yampolskiy CEO & Cofounder, SecurityScorecard, 10/26/2015
Comment0 comments  |  Read  |  Post a Comment
You’ve Been Attacked. Now What?
Ryan Vela  , Regional Director, Fidelis CybersecurityCommentary
The five steps you take in the first 48 hours after a breach will go a long way towards minimizing your organization’s exposure and liability.
By Ryan Vela Regional Director, Fidelis Cybersecurity, 10/23/2015
Comment10 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
PR Newswire
Register for Dark Reading Newsletters
White Papers
Current Issue
E-Commerce Security: What Every Enterprise Needs to Know
The mainstream use of EMV smartcards in the US has experts predicting an increase in online fraud. Organizations will need to look at new tools and processes for building better breach detection and response capabilities.
Flash Poll
10 Recommendations for Outsourcing Security
10 Recommendations for Outsourcing Security
Enterprises today have a wide range of third-party options to help improve their defenses, including MSSPs, auditing and penetration testing, and DDoS protection. But are there situations in which a service provider might actually increase risk?
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
Published: 2015-10-15
The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated b...

Published: 2015-10-15
netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified vectors.

Published: 2015-10-15
Cross-site request forgery (CSRF) vulnerability in eXtplorer before 2.1.8 allows remote attackers to hijack the authentication of arbitrary users for requests that execute PHP code.

Published: 2015-10-15
Directory traversal vulnerability in QNAP QTS before 4.1.4 build 0910 and 4.2.x before 4.2.0 RC2 build 0910, when AFP is enabled, allows remote attackers to read or write to arbitrary files by leveraging access to an OS X (1) user or (2) guest account.

Published: 2015-10-15
Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows local users to gain privileges via vectors involving addition of an SSH key, aka Bug ID CSCuw46076.

Dark Reading Radio