Tech Center Privacy
Dark Reading's Privacy Tech Center offers the latest news and information on issues surrounding user privacy and identity protection. Written for security and IT professionals, the Privacy Tech Center is designed to provide details on technologies, threats, and legislation surrounding data privacy, as well as insights on how enterprises can protect the privacy of their employees, customers, and business partners.
Two-step verification system has no provision for backup access or lost phones, doesn't address public username problem.
Dark Mail Alliance aims to create open-source email protocol and architecture for the industry in wake of NSA spying revelations
National Security Agency can intercept traffic from Google's and Yahoo's data centers outside the U.S., according to documents from Edward Snowden
Tracking technology that can identify individual identities and devices is improving faster than consumers might realize, warn privacy researchers
WhiteHat's Aviator browser promises better privacy online
New information shows the extent the U.S. may be playing both offense and defense in cyberspace
- NSA Responds To Criticism Over Surveillance Programs
- PCI DSS 3.0 Change Highlights
- Silent Circle, Lavabit End Secure Email Services Due To Surveillance Concerns
- NSA Director Faces Cybersecurity Community At Black Hat
- Reputation.com Acquires Online Platform MySocialCloud
By The Numbers
Healthcare Records At Risk
Health plans are the most breached healthcare organizations, losing some 10.32 million patient records in the past year.
Source: HITRUST LLC
Around the Web
- HHS Inspector General: Obamacare Privacy Protections Way Behind Schedule; Rampant Violations Of Law Possible
- California Gives Teens A Do-Over
- The Enemy Of Risk Management Starts With A C (And It's Not China)
Products & Releases
Free Research and Reports
- Forrester Study: The Total Economic Impact of VMware View
- Securing Executives and Highly Sensitive Documents of Corporations Globally
- Strategic Opportunity Analysis of the Global Smarter City
- Three Capabilities to Fuel Today's Dynamic Planning and Forecasting
- IDC Analyst Connection: Using Blade Systems to Cut Costs and Sharpen Efficiencies
Dark Reading Digital Magazine
Quick Wins For Strengthening SMB Security
Time To Set Up That Honeypot
Securing Cisco IP Telephony
Attribution Is Much More Than A Source IP
New CA Group Has Big Names, Small Impact
How To Build An IT Security Budget
5 Approaches To Decaffeinating Java Exploits
Enterprise Vulnerabilities From DHS/US-CERT's National Vulnerability Database
The (1) UpdateRequestHandler for XSLT or (2) XPathEntityProcessor in Apache Solr before 4.1 allows remote attackers to have an unspecified impact via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, different vectors than CVE-2013-6407.
Off-by-one error in the adpcm_decode_frame function in libavcodec/adpcm.c in FFmpeg before 1.0.4 allows remote attackers to have an unspecified impact via crafted DK4 data, which triggers an out-of-bounds array access.
libavcodec/alsdec.c in FFmpeg before 1.0.4 allows remote attackers to have an unspecified impact via a crafted block length, which triggers an out-of-bounds write.
Array index error in the qdm2_decode_super_block function in libavcodec/qdm2.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted QDM2 data, which triggers an out-of-bounds array access.
The ff_id3v2_parse function in libavformat/id3v2.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via ID3v2 header data, which triggers an out-of-bounds array access.