Operations
News & Commentary
Black Hat USA: Empowering Women In Security
Kelly Jackson Higgins, Executive Editor at Dark ReadingCommentary
A panel of influential women in the security industry will share their insights and identify resources for fostering professional development (and recruiting) of women in the field.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 8/4/2015
Comment1 Comment  |  Read  |  Post a Comment
Dark Reading News Desk Live At Black Hat 2015
Dark Reading Staff, News
Please join host Sara Peters and her guests for the first-ever Dark Reading News Desk show at Black Hat USA 2015, premiering Wednesday.
By Dark Reading Staff , 8/4/2015
Comment1 Comment  |  Read  |  Post a Comment
Dark Reading Launches Jobs Board
Tim Wilson, Editor in Chief, Dark ReadingCommentary
New feature will help hiring companies and security job seekers find each other online.
By Tim Wilson Editor in Chief, Dark Reading, 8/4/2015
Comment0 comments  |  Read  |  Post a Comment
Dark Reading Preps Week Of Show Coverage At Black Hat USA
Tim Wilson, Editor in Chief, Dark ReadingCommentary
If you want to know what's happening in Las Vegas this week at Black Hat, Dark Reading's got the scoop.
By Tim Wilson Editor in Chief, Dark Reading, 8/3/2015
Comment0 comments  |  Read  |  Post a Comment
Dark Reading News Desk Comes To You Live From Black Hat
Sara Peters, Senior Editor at Dark ReadingCommentary
Live video coverage from Las Vegas Wednesday and Thursday
By Sara Peters Senior Editor at Dark Reading, 8/3/2015
Comment3 comments  |  Read  |  Post a Comment
Cyber Boot Camp: Lessons Learned
Marilyn Cohodas, Community Editor, Dark Reading
What happens when 50 young people spend a week in the trenches with cybersecurity researchers from ESET? One picture is worth a thousand words. Here are seven.
By Marilyn Cohodas Community Editor, Dark Reading, 7/31/2015
Comment4 comments  |  Read  |  Post a Comment
Startup 'Stealth Worker' Matches Businesses With Security Talent
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
New online service helps businesses looking for part-time security professionals fill specific job needs.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 7/30/2015
Comment2 comments  |  Read  |  Post a Comment
Closing The Gap Between Security & Networking Ops: 5 Best Practices
Nimmy Reichenberg, VP of Strategy, AlgoSecCommentary
If your factions are warring, there’s a lot you can do about it. Here’s how -- and why you can’t afford to wait.
By Nimmy Reichenberg VP of Strategy, AlgoSec, 7/30/2015
Comment1 Comment  |  Read  |  Post a Comment
How To Put Data At The Heart Of Your Security Practice
Jay Jacobs, Senior Data Scientist, BitSight TechnologiesCommentary
First step: A good set of questions that seek out objective, measurable answers.
By Jay Jacobs Senior Data Scientist, BitSight Technologies, 7/28/2015
Comment1 Comment  |  Read  |  Post a Comment
What 30 Classic Games Can Teach Us about Security
David Spark, Veteran Tech journalist and founder of Spark Media Solutions
Information security experts share their thoughts on how participating in games and sports helped hone their professional skills.
By David Spark Veteran Tech journalist and founder of Spark Media Solutions, 7/28/2015
Comment2 comments  |  Read  |  Post a Comment
New Phishing Campaign Leverages Google Drive
Ericka Chickowski, Contributing Writer, Dark ReadingNews
Researchers believe technique is geared to take over Google SSO accounts.
By Ericka Chickowski Contributing Writer, Dark Reading, 7/28/2015
Comment2 comments  |  Read  |  Post a Comment
The First 24 Hours In The Wake Of A Data Breach
Stephen Treglia, JD, HCISPP, Legal Counsel & HIPAA Compliance Officer- Investigations, Absolute SoftwareCommentary
There is a direct correlation between how quickly an organization can identify and contain a data breach and the financial consequences that may result.
By Stephen Treglia JD, HCISPP, Legal Counsel & HIPAA Compliance Officer- Investigations, Absolute Software, 7/27/2015
Comment0 comments  |  Read  |  Post a Comment
Smartwatches Could Become New Frontier for Cyber Attackers
Jai Vijayan, Freelance writerNews
Every single smartwatch tested in a recent study by HP had serious security weaknesses.
By Jai Vijayan Freelance writer, 7/24/2015
Comment1 Comment  |  Read  |  Post a Comment
Internet of Things: Anything You Track Could Be Used Against You
Lysa Myers, Security Researcher, ESETCommentary
Lawyers – not security advocates – have fired the first salvos over wearable tech privacy. The results may surprise you.
By Lysa Myers Security Researcher, ESET, 7/23/2015
Comment0 comments  |  Read  |  Post a Comment
Finding The ROI Of Threat Intelligence: 5 Steps
Ryan Trost, CIO & Co-founder, ThreatQuotientCommentary
Advice from a former SOC manager on how to leverage threat intel without increasing the bottom line.
By Ryan Trost CIO & Co-founder, ThreatQuotient, 7/22/2015
Comment1 Comment  |  Read  |  Post a Comment
Detection: A Balanced Approach For Mitigating Risk
Joshua Goldfarb, VP & CTO - Americas, FireEye.Commentary
Only detection and response can complete the security picture that begins with prevention.
By Joshua Goldfarb VP & CTO - Americas, FireEye., 7/21/2015
Comment0 comments  |  Read  |  Post a Comment
Time’s Running Out For The $76 Billion Detection Industry
Simon Crosby, Co-founder & CTO, BromiumCommentary
The one strategy that can deliver the needle to the security team without the haystack is prevention.
By Simon Crosby Co-founder & CTO, Bromium, 7/21/2015
Comment3 comments  |  Read  |  Post a Comment
CISOs Caught In A Catch-22
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Chief information security officers are considered 'accountable' for breaches while not always in charge of all infosec strategy and purchases, new report shows.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 7/21/2015
Comment1 Comment  |  Read  |  Post a Comment
How I Learned To Love Active Defense
John Strand, SANS Senior Instructor & Owner, Black Hills Information SecurityCommentary
Yes, traditional cyber defenses can be effective. They just need to be a little more active.
By John Strand SANS Senior Instructor & Owner, Black Hills Information Security, 7/20/2015
Comment1 Comment  |  Read  |  Post a Comment
Mobile App Security: 4 Critical Issues
Subbu Sthanu, Director, Mobile Security & Application Security, IBMCommentary
Securing the mobile workforce in the age of BYOD is no easy task. You can begin with these four measures.
By Subbu Sthanu Director, Mobile Security & Application Security, IBM, 7/17/2015
Comment3 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
PR Newswire
Register for Dark Reading Newsletters
White Papers
Cartoon
Latest Comment: good one 
Current Issue
Flash Poll
10 Recommendations for Outsourcing Security
10 Recommendations for Outsourcing Security
Enterprises today have a wide range of third-party options to help improve their defenses, including MSSPs, auditing and penetration testing, and DDoS protection. But are there situations in which a service provider might actually increase risk?
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2001-1594
Published: 2015-08-04
GE Healthcare eNTEGRA P&R has a password of (1) entegra for the entegra user, (2) passme for the super user of the Polestar/Polestar-i Starlink 4 upgrade, (3) 0 for the entegra user of the Codonics printer FTP service, (4) eNTEGRA for the eNTEGRA P&R user account, (5) insite for the WinVNC Login, an...

CVE-2002-2445
Published: 2015-08-04
GE Healthcare Millennium MG, NC, and MyoSIGHT has a default password of (1) root.genie for the root user, (2) "service." for the service user, (3) admin.genie for the admin user, (4) reboot for the reboot user, and (5) shutdown for the shutdwon user, which has unspecified impact and attack vectors.

CVE-2002-2446
Published: 2015-08-04
GE Healthcare Millennium MG, NC, and MyoSIGHT has a password of insite.genieacq for the insite account that cannot be changed without disabling product functionality for remote InSite support, which has unspecified impact and attack vectors.

CVE-2003-1603
Published: 2015-08-04
GE Healthcare Discovery VH has a default password of (1) interfile for the ftpclient user of the Interfile server or (2) "2" for the LOCAL user of the FTP server for the Codonics printer, which has unspecified impact and attack vectors.

CVE-2004-2777
Published: 2015-08-04
GE Healthcare Centricity Image Vault 3.x has a password of (1) gemnet for the administrator account, (2) webadmin for the webadmin administrator account of the ASACA DVD library, (3) an empty value for the gemsservice account of the Ultrasound Database, and possibly (4) gemnet2002 for the gemnet2002...

Dark Reading Radio
Archived Dark Reading Radio
What’s the future of the venerable firewall? We’ve invited two security industry leaders to make their case: Join us and bring your questions and opinions!