Endpoint // Privacy
News & Commentary
In Security, Know That You Know Nothing
Michael Sutton, Chief Information Security Office, ZscalerCommentary
Only when security professionals become aware of what they dont know, can they start asking the right questions and implementing the right security controls.
By Michael Sutton Chief Information Security Office, Zscaler, 7/26/2016
Comment1 Comment  |  Read  |  Post a Comment
Russia Likely Behind DNC Breach, Says FBI
Dark Reading Staff, Quick Hits
Motive behind DNC hack and leak is possibly to tilt election in favor of Trump, say US officials.
By Dark Reading Staff , 7/26/2016
Comment0 comments  |  Read  |  Post a Comment
Security Gets Political With Hacks, Darknet Sales
Terry Sweeney, News
As presidential campaigns get into full swing, neither party is immune to online chicanery -- and neither are voters
By Terry Sweeney , 7/21/2016
Comment0 comments  |  Read  |  Post a Comment
Staying Cyber Safe At The Olympics
Ericka Chickowski, Contributing Writer, Dark Reading
Travel tips and more in hostile environments abroad.
By Ericka Chickowski Contributing Writer, Dark Reading, 7/16/2016
Comment1 Comment  |  Read  |  Post a Comment
What's Next For Canadas Surveillance Landscape?
Bruce Cowper, SecTor Co-FounderCommentary
Edward Snowden headlines SecTor security conference as Canadian privacy advocates await the Trudeau governments next move in the countrys complex privacy and security debate.
By Bruce Cowper SecTor Co-Founder, 7/14/2016
Comment0 comments  |  Read  |  Post a Comment
EUs General Data Protection Regulation Is Law: Now What?
Kaushik Narayan, CTO, Skyhigh NetworksCommentary
Organizations have two years to prepare to act as borrowers, not owners, of customer data. Here are seven provisions of the new GPDR you ignore at your peril.
By Kaushik Narayan CTO, Skyhigh Networks, 7/12/2016
Comment2 comments  |  Read  |  Post a Comment
Facebook Will Offer 'Secret Conversations' On Messenger
Dark Reading Staff, Quick Hits
New feature with end-to-end encryption on some opt-in messages likely to be available soon.
By Dark Reading Staff , 7/11/2016
Comment0 comments  |  Read  |  Post a Comment
Finance, Healthcare,Tech Sectors Highest Users Of Encryption, Survey Says
Dark Reading Staff, Quick Hits
Ponemon/Thales survey shows highly regulated industries are catching on.
By Dark Reading Staff , 7/6/2016
Comment0 comments  |  Read  |  Post a Comment
Internet Of Things & The Platform Of Parenthood
Don Bailey, Founder & CEO, Lab Mouse SecurityCommentary
A new fathers musings on the problems with securing embedded systems, and why there are so few incentives for architecting trustworthy IoT technology from the ground up.
By Don Bailey Founder & CEO, Lab Mouse Security, 6/23/2016
Comment21 comments  |  Read  |  Post a Comment
5 Tips For Making Data Privacy Part Of The Companys Culture
Steve Zurier, Freelance WriterNews
Common sense steps organizations can take to protect corporate data.
By Steve Zurier Freelance Writer, 6/22/2016
Comment0 comments  |  Read  |  Post a Comment
Privacy Shield: Can the US Earn the EUs Trust Post Apple vs. FBI?
Peter Merkulov, VP, Product Strategy & Technology AlliancesCommentary
Rebuilding the privacy framework for data transfer between the US and its European trading partners wont be easy but its still a worthwhile effort.
By Peter Merkulov VP, Product Strategy & Technology Alliances, 6/20/2016
Comment2 comments  |  Read  |  Post a Comment
How Secure is Secure? Tips For Investing In The Right Strategy
Pritesh Parekh, VP & Chief Security Officer, ZuoraCommentary
Business alignment, defense-in-depth and a phased approach are three principles to follow when building out a solid security program.
By Pritesh Parekh VP & Chief Security Officer, Zuora, 6/17/2016
Comment2 comments  |  Read  |  Post a Comment
Apple Rehires Security Expert Jon Callas
Dark Reading Staff, Quick Hits
Move seen as attempt to strengthen encryption features of Apple devices following face-off with FBI.
By Dark Reading Staff , 5/25/2016
Comment0 comments  |  Read  |  Post a Comment
What Europe Tells Us About The Future Of Data Privacy
Alan M Usas, Adjunct Professor, Department of Computer Science, Brown UniversityCommentary
Recent initiatives offer new strategies for balancing technology, security, and organizational policy goals. Here are three approaches worth considering.
By Alan M Usas Adjunct Professor, Department of Computer Science, Brown University, 5/23/2016
Comment1 Comment  |  Read  |  Post a Comment
Why Security Investigators Should Care About Forensic Research
Paul Shomo,  Technical Manager Strategic Partnerships, Guidance SoftwareCommentary
Despite the promise of expanded visibility into the user trail behind a data breach, the security industry has largely ignored the meticulous advances of forensic researchers. Privacy is just one reason for the snub.
By Paul Shomo Technical Manager Strategic Partnerships, Guidance Software, 5/19/2016
Comment2 comments  |  Read  |  Post a Comment
Tennessee Man Found Guilty Of Mitt Romney Tax Return Hack Scheme
Dark Reading Staff, Quick Hits
Convicted for attempt to blackmail PwC accounting firm with release of former U.S. Presidential candidate's pre-2010 tax returns.
By Dark Reading Staff , 5/16/2016
Comment0 comments  |  Read  |  Post a Comment
Encryption 101: Covering the Bases
Steve Zurier, Freelance Writer
Heres an overview of the key encryption types youll need to lock down your companys systems.
By Steve Zurier Freelance Writer, 5/13/2016
Comment0 comments  |  Read  |  Post a Comment
British Law Enforcement Agency Loses Bid To Get Passwords From Hacker Lauri Love
Dark Reading Staff, Quick Hits
Judge says National Crime Agency should use normal police powers -- not civil action -- to access information, allegedly hacked from US Army, NASA and US Federal Reserve networks.
By Dark Reading Staff , 5/11/2016
Comment0 comments  |  Read  |  Post a Comment
8 Microsoft Office 365 Security Tips To Reduce Data Loss
Sean Martin, CISSP | President, imsmartin
Even with a slew of new security tools and compliance guidance, there are still things you can do to protect this critical business system.
By Sean Martin CISSP | President, imsmartin, 5/2/2016
Comment0 comments  |  Read  |  Post a Comment
Device Advice: Keeping Fraudsters From Consumer Info
Gasan Awad, VP, Identity & Fraud Product Management, EquifaxCommentary
Data breaches are the first stop for criminals with intentions to steal personally identifiable information. These tips show how to fight fraud while optimizing the customer experience.
By Gasan Awad VP, Identity & Fraud Product Management, Equifax, 4/19/2016
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
The Changing Face of Identity Management
Mobility and cloud services are altering the concept of user identity. Here are some ways to keep up.
Flash Poll
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-7445
Published: 2015-10-15
The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated b...

CVE-2015-4948
Published: 2015-10-15
netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified vectors.

CVE-2015-5660
Published: 2015-10-15
Cross-site request forgery (CSRF) vulnerability in eXtplorer before 2.1.8 allows remote attackers to hijack the authentication of arbitrary users for requests that execute PHP code.

CVE-2015-6003
Published: 2015-10-15
Directory traversal vulnerability in QNAP QTS before 4.1.4 build 0910 and 4.2.x before 4.2.0 RC2 build 0910, when AFP is enabled, allows remote attackers to read or write to arbitrary files by leveraging access to an OS X (1) user or (2) guest account.

CVE-2015-6333
Published: 2015-10-15
Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows local users to gain privileges via vectors involving addition of an SSH key, aka Bug ID CSCuw46076.

Dark Reading Radio
Archived Dark Reading Radio

The cybersecurity profession struggles to retain women (figures range from 10 to 20 percent). It's particularly worrisome for an industry with a rapidly growing number of vacant positions.

So why does the shortage of women continue to be worse in security than in other IT sectors? How can men in infosec be better allies for women; and how can women be better allies for one another? What is the industry doing to fix the problem -- what's working, and what isn't?

Is this really a problem at all? Are the low numbers simply an indication that women do not want to be in cybersecurity, and is it possible that more women will never want to be in cybersecurity? How many women would we need to see in the industry to declare success?

Join Dark Reading senior editor Sara Peters and guests Angela Knox of Cloudmark, Barrett Sellers of Arbor Networks, Regina Wallace-Jones of Facebook, Steve Christey Coley of MITRE, and Chris Roosenraad of M3AAWG on Wednesday, July 13 at 1 p.m. Eastern Time to discuss all this and more.