Endpoint // Privacy
News & Commentary
Cybersecurity Smackdown: What Side Are You On?
Dark Reading Staff, Commentary
Analytics vs. Encryption. Prevention vs. Detection. Machine Learning: Promise or Hype? The Firewall: Dead or Still Breathing? The sharpest minds in the security industry debate some of the industry's most contentious issues.
By Dark Reading Staff , 2/4/2016
Comment1 Comment  |  Read  |  Post a Comment
EU, US Agree On New Data Transfer Pact, But Will It Hold?
Sara Peters, Senior Editor at Dark ReadingNews
So long Safe Harbor, hello 'Privacy Shield.'
By Sara Peters Senior Editor at Dark Reading, 2/2/2016
Comment0 comments  |  Read  |  Post a Comment
Encryption Has Its Place But It Isnt Foolproof
Doug Clare, Vice President of Product Management, FICOCommentary
Most encrypted data is unencrypted at some point in its lifecycle -- and the bad guys are pretty good at finding the one window left open.
By Doug Clare Vice President of Product Management, FICO, 2/2/2016
Comment2 comments  |  Read  |  Post a Comment
As Good As They're Getting, Analytics Don't Inherently Protect Data
Scott Petry , Co-Founder & CEO of Authentic8Commentary
It is only a matter of time before your system is breached, and when your data is lost, analytics won't help you.
By Scott Petry Co-Founder & CEO of Authentic8, 2/2/2016
Comment0 comments  |  Read  |  Post a Comment
Big Week For Ransomware
Sara Peters, Senior Editor at Dark ReadingNews
Inventive new variants and damaging attacks swept through the headlines this week.
By Sara Peters Senior Editor at Dark Reading, 1/28/2016
Comment5 comments  |  Read  |  Post a Comment
Data Privacy: Key Elements Of An Information Governance Plan
Heidi Maher, Executive Director, Compliance, Governance and Oversight Counsel (CGOC)Commentary
For Data Privacy Day! Do you have the policies in place to safeguard your companys most strategic information? Here are nine best practices.
By Heidi Maher Executive Director, Compliance, Governance and Oversight Counsel (CGOC), 1/28/2016
Comment0 comments  |  Read  |  Post a Comment
No Safe Harbor Is Coming -- CISA Made Sure Of It
Sara Peters, Senior Editor at Dark ReadingNews
It's time to take your data classification procedures more seriously. If not, that helpful information-sharing you did in the US could cost you hefty fines for privacy violations in the European Union.
By Sara Peters Senior Editor at Dark Reading, 1/22/2016
Comment3 comments  |  Read  |  Post a Comment
The Internet of Private Things
James Kane, Cofounder, Two Bulls
A cautionary tale about the rules of Privacy by Design and seven IoT companies that broke them in recent years.
By James Kane Cofounder, Two Bulls, 1/15/2016
Comment1 Comment  |  Read  |  Post a Comment
83% of InfoSec Pros Think (Another) Successful Cyberattack On Critical Infrastructure Likely In 2016
Sara Peters, Senior Editor at Dark ReadingNews
ISACA survey finds that a majority of cybersecurity professionals feel privacy is being compromised in effort to create stronger security regulation.
By Sara Peters Senior Editor at Dark Reading, 1/11/2016
Comment3 comments  |  Read  |  Post a Comment
Mobile Apps A Vulnerable Spot For Connected Security Cameras
Sara Peters, Senior Editor at Dark ReadingNews
Study finds security camera vendors making the same rookie infosec mistakes that other IoT vendors make.
By Sara Peters Senior Editor at Dark Reading, 1/7/2016
Comment0 comments  |  Read  |  Post a Comment
2015: The Year Of 'Attacks on Trust'
Kevin Bocek, VP Security Strategy & Threat Intelligence, VenafiCommentary
Nine attacks that leveraged stolen, compromised, or unprotected cryptographic keys and digital certificates show how easy it is for cybercriminals to bypass security controls and hide their actions.
By Kevin Bocek VP Security Strategy & Threat Intelligence, Venafi, 1/4/2016
Comment0 comments  |  Read  |  Post a Comment
The Changing Face Of Encryption: What You Need To Know Now
Yehuda Lindell, Co-founder & Chief Scientist, Dyadic SecurityCommentary
Encryption today is now an absolute must and the fact that it is difficult does not change the fact that you have to use it.
By Yehuda Lindell Co-founder & Chief Scientist, Dyadic Security, 12/30/2015
Comment4 comments  |  Read  |  Post a Comment
2015 Ransomware Wrap-Up
Sara Peters, Senior Editor at Dark Reading
Here's a rundown of the innovative ransomware that frightened users and earned attackers big bucks this year.
By Sara Peters Senior Editor at Dark Reading, 12/22/2015
Comment11 comments  |  Read  |  Post a Comment
An Ill Wynd Blowing But No Safe Harbor
James Bindseil, President & CEO, GlobalscapeCommentary
What will state-of-the-art for cybersecurity look like in 2016? The regulatory headwinds on both sides of the Atlantic portend big changes.
By James Bindseil President & CEO, Globalscape, 12/16/2015
Comment0 comments  |  Read  |  Post a Comment
FBI Tweaks Stance On Encryption BackDoors, Admits To Using 0-Day Exploits
Dark Reading Staff, Quick Hits
FBI retreats a step, but makes stand on end-to-end encryption. Meanwhile, European Union gets ready with a rougher, tougher replacement for Safe Harbor.
By Dark Reading Staff , 12/10/2015
Comment1 Comment  |  Read  |  Post a Comment
Parsing What Is Reasonable In Security, Post FTC v Wyndham
Tony Porras, Cyber Security & Compliance AttorneyCommentary
In today's regulatory climate, companies can no longer depend on technology solutions alone for example, SIEM -- to protect corporate data and customer privacy. Here's why.
By Tony Porras Cyber Security & Compliance Attorney, 11/24/2015
Comment1 Comment  |  Read  |  Post a Comment
Google Study Finds Email Security A Mixed Bag
Jai Vijayan, Freelance writerNews
The use of encryption and authentication mechanisms by Google, Yahoo, and Microsoft has improved security -- but problems remain.
By Jai Vijayan Freelance writer, 11/13/2015
Comment1 Comment  |  Read  |  Post a Comment
Why Threat Intelligence Feels Like A Game Of Connect Four
Kristi Horton, Lead Intelligence Officer, Financial Services Information Sharing and Analysis Center (FS-ISAC)Commentary
In real life, solving the cybersecurity puzzle has many challenges. But shared wisdom and community defense models are making it easier to connect the dots.
By Kristi Horton Lead Intelligence Officer, Financial Services Information Sharing and Analysis Center (FS-ISAC), 11/10/2015
Comment2 comments  |  Read  |  Post a Comment
Tech Companies Get Poor Marks For Data Privacy
Thomas Claburn, Editor at Large, Enterprise MobilityNews
An advocacy organization finds gaps in corporate support for freedom of expression and data protection.
By Thomas Claburn Editor at Large, Enterprise Mobility, 11/5/2015
Comment4 comments  |  Read  |  Post a Comment
U.K. Bill Aims To Limit Use Of Encryption
Dark Reading Staff, Quick Hits
Members of British government taking a stab what members of American government have also been attempting to push through.
By Dark Reading Staff , 11/3/2015
Comment1 Comment  |  Read  |  Post a Comment
More Stories
Current Conversations
Posted by Jamesbrownpal
Current Conversations good information nice
In reply to: Re: Pending Review
Post Your Own Reply
Posted by Griezmannpal
Current Conversations GREAT INFORMATION
In reply to: Re: Pending Review
Post Your Own Reply
Posted by Benwatanabe
Current Conversations nice post great one
In reply to: Re: Pending Review
Post Your Own Reply
More Conversations
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Latest Comment: nice one good
Current Issue
E-Commerce Security: What Every Enterprise Needs to Know
The mainstream use of EMV smartcards in the US has experts predicting an increase in online fraud. Organizations will need to look at new tools and processes for building better breach detection and response capabilities.
Flash Poll
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-7445
Published: 2015-10-15
The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated b...

CVE-2015-4948
Published: 2015-10-15
netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified vectors.

CVE-2015-5660
Published: 2015-10-15
Cross-site request forgery (CSRF) vulnerability in eXtplorer before 2.1.8 allows remote attackers to hijack the authentication of arbitrary users for requests that execute PHP code.

CVE-2015-6003
Published: 2015-10-15
Directory traversal vulnerability in QNAP QTS before 4.1.4 build 0910 and 4.2.x before 4.2.0 RC2 build 0910, when AFP is enabled, allows remote attackers to read or write to arbitrary files by leveraging access to an OS X (1) user or (2) guest account.

CVE-2015-6333
Published: 2015-10-15
Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows local users to gain privileges via vectors involving addition of an SSH key, aka Bug ID CSCuw46076.

Dark Reading Radio
Archived Dark Reading Radio
Join Dark Reading community editor Marilyn Cohodas in a thought-provoking discussion about the evolving role of the CISO.