Endpoint // Privacy
News & Commentary
Smartwatches Could Become New Frontier for Cyber Attackers
Jai Vijayan, Freelance writerNews
Every single smartwatch tested in a recent study by HP had serious security weaknesses.
By Jai Vijayan Freelance writer, 7/24/2015
Comment1 Comment  |  Read  |  Post a Comment
Internet of Things: Anything You Track Could Be Used Against You
Lysa Myers, Security Researcher, ESETCommentary
Lawyers not security advocates have fired the first salvos over wearable tech privacy. The results may surprise you.
By Lysa Myers Security Researcher, ESET, 7/23/2015
Comment0 comments  |  Read  |  Post a Comment
3 Reasons Why Giving Government A Backdoor Is A Bad Idea
Jai Vijayan, Freelance writerNews
Exceptional access of the kind being demanded by the FBI and others is unworkable and impractical, security researchers say
By Jai Vijayan Freelance writer, 7/9/2015
Comment6 comments  |  Read  |  Post a Comment
OpenSSL Fixes High-Severity, Narrow-Scope Vulnerability
Sara Peters, Senior Editor at Dark ReadingNews
Bug allows attackers to issue invalid certificates, but is difficult to exploit and only affects OpenSSL versions released since last month.
By Sara Peters Senior Editor at Dark Reading, 7/9/2015
Comment0 comments  |  Read  |  Post a Comment
Underwriters Laboratories To Launch Cyber Security Certification Program
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Meanwhile, UL is also in discussion with the White House on its plans to foster standards for Internet of Things security.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 7/6/2015
Comment1 Comment  |  Read  |  Post a Comment
Italian Surveillance Software Maker Falls Victim To Doxing Attack
Sara Peters, Senior Editor at Dark ReadingNews
Milan-based Hacking Team tells customers to stop using its products after leaked documents reveal the product's source code and the company's history of selling to governments with records of human rights abuses.
By Sara Peters Senior Editor at Dark Reading, 7/6/2015
Comment1 Comment  |  Read  |  Post a Comment
4 Ways Cloud Usage Is Putting Health Data At Risk
Jai Vijayan, Freelance writerNews
A huge shadow IT problem is just one of the risks of uncontrolled cloud usage in healthcare organizations, new study shows.
By Jai Vijayan Freelance writer, 6/26/2015
Comment3 comments  |  Read  |  Post a Comment
Why China Wants Your Sensitive Data
Adam Meyers, VP of Intelligence, CrowdStrikeCommentary
Since May 2014, the Chinese government has been amassing a 'Facebook for human intelligence.' Here's what it's doing with the info.
By Adam Meyers VP of Intelligence, CrowdStrike, 6/24/2015
Comment17 comments  |  Read  |  Post a Comment
Report: NSA, GCHQ Actively Targeted Kaspersky Lab, Other Security Vendors
Sara Peters, Senior Editor at Dark ReadingQuick Hits
Snowden documents reveal government intelligence agencies were working to subvert security software. Kaspersky Lab calls nation-states' targeting of security companies 'extremely worrying.'
By Sara Peters Senior Editor at Dark Reading, 6/22/2015
Comment0 comments  |  Read  |  Post a Comment
EFF Data Privacy Report Praises Apple, Slams AT&T
Nathan Eddy, Freelance WriterNews
In the Electronic Frontier Foundation's fifth annual report, Apple gets high marks for protecting privacy, while WhatsApp and AT&T land at the bottom.
By Nathan Eddy Freelance Writer, 6/18/2015
Comment8 comments  |  Read  |  Post a Comment
Smart Cities', IoT's Key Challenges: Security, Lack of Standards
Sara Peters, Senior Editor at Dark ReadingNews
London Technology Week: At IFSEC, futurologist Simon Moores asks who's responsible when a smart city crashes.
By Sara Peters Senior Editor at Dark Reading, 6/17/2015
Comment0 comments  |  Read  |  Post a Comment
Time to Focus on Data Integrity
Nate Lesser & Mary Yang, National Institute of Standards and TechnologyCommentary
Information security efforts have historically centered on data theft. But cybercriminals who alter corporate records and personal information can also cause serious harm.
By Nate Lesser & Mary Yang National Institute of Standards and Technology, 6/17/2015
Comment0 comments  |  Read  |  Post a Comment
Password Manager LastPass Hacked
Dark Reading Staff, Quick Hits
LastPass says user account email addresses, password reminders, server per user salts, and authentication hashes compromised.
By Dark Reading Staff , 6/16/2015
Comment8 comments  |  Read  |  Post a Comment
Data Privacy Playbook For Wearables And IoT
Scott Amyx, Founder & CEO, Amyx+McKinseyCommentary
Wearables and the Internet of Things raise significant consumer privacy issues that you need to prepare for now. We outline the key concerns with a primer on how to get your organization ready.
By Scott Amyx Founder & CEO, Amyx+McKinsey, 6/8/2015
Comment3 comments  |  Read  |  Post a Comment
7 Critical Criteria for Data Encryption In The Cloud
Ron Zalkind, CTO & Co-founder, CloudLockCommentary
Encrypting the huge number of data files stored in a public cloud today is like bubble-wrapping an entire house. Better to focus on the fragile items that matter.
By Ron Zalkind CTO & Co-founder, CloudLock, 6/8/2015
Comment1 Comment  |  Read  |  Post a Comment
Breach Exposes 4 Million Federal Employees' Personal Info
Dark Reading Staff, Quick Hits
Attackers hit U.S. Office of Personnel Management and Department of the Interior.
By Dark Reading Staff , 6/4/2015
Comment1 Comment  |  Read  |  Post a Comment
Report: NSA Secretly Expanded Warrantless Internet Surveillance To Find Hackers
Dark Reading Staff, Quick Hits
New York Times: Intelligence agency went looking not for criminal hackers on foreign and American soil.
By Dark Reading Staff , 6/4/2015
Comment0 comments  |  Read  |  Post a Comment
Google Centralizes Security, Privacy For Web, Android Users
Thomas Claburn, Editor at Large, Enterprise MobilityNews
Google's new account hub, for users of its Web services and Android smartphones, gives IT organizations a new tool to improve employee awareness of security and privacy.
By Thomas Claburn Editor at Large, Enterprise Mobility, 6/1/2015
Comment0 comments  |  Read  |  Post a Comment
UN Report Warns Encryption Backdoors Violate Human Rights
Sara Peters, Senior Editor at Dark ReadingNews
Report says States should be promoting strong encryption and anonymity tools, not restricting them.
By Sara Peters Senior Editor at Dark Reading, 5/28/2015
Comment6 comments  |  Read  |  Post a Comment
Escalating Cyberattacks Threaten US Healthcare Systems
Rick Kam and Larry Ponemon, Rick Kam, President & Co-founder, ID Experts & Larry Ponemon, Chairman & Founder, Ponemon InstituteCommentary
Electronic health records are prime targets because healthcare organizations lack the resources, processes, and technologies to protect them. And its only going to get worse.
By Rick Kam and Larry Ponemon Rick Kam, President & Co-founder, ID Experts & Larry Ponemon, Chairman & Founder, Ponemon Institute, 5/27/2015
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2015-1955
Published: 2015-08-03
IBM MQ Light before 1.0.0.2 allows remote attackers to cause a denial of service (CPU consumption) via a crafted byte sequence in authentication data.

CVE-2015-1956
Published: 2015-08-03
IBM MQ Light before 1.0.0.2 allows remote attackers to cause a denial of service (disk consumption) via a crafted byte sequence in authentication data, a different vulnerability than CVE-2015-1958 and CVE-2015-1987.

CVE-2015-1958
Published: 2015-08-03
IBM MQ Light before 1.0.0.2 allows remote attackers to cause a denial of service (disk consumption) via a crafted byte sequence in authentication data, a different vulnerability than CVE-2015-1956 and CVE-2015-1987.

CVE-2015-1970
Published: 2015-08-03
The IBM WebSphere DataPower XC10 appliance 2.1 through 2.1.0.3 and 2.5 through 2.5.0.4 retains data on SSD cards, which might allow physically proximate attackers to obtain sensitive information by extracting a card and attaching it elsewhere.

CVE-2015-1987
Published: 2015-08-03
IBM MQ Light before 1.0.0.2 allows remote attackers to cause a denial of service (disk consumption) via a crafted byte sequence in authentication data, a different vulnerability than CVE-2015-1956 and CVE-2015-1958.

Dark Reading Radio
Archived Dark Reading Radio
Whats the future of the venerable firewall? Weve invited two security industry leaders to make their case: Join us and bring your questions and opinions!