Endpoint // Privacy
News & Commentary
Apple Rehires Security Expert Jon Callas
Dark Reading Staff, Quick Hits
Move seen as attempt to strengthen encryption features of Apple devices following face-off with FBI.
By Dark Reading Staff , 5/25/2016
Comment0 comments  |  Read  |  Post a Comment
What Europe Tells Us About The Future Of Data Privacy
Alan M Usas, Adjunct Professor, Department of Computer Science, Brown UniversityCommentary
Recent initiatives offer new strategies for balancing technology, security, and organizational policy goals. Here are three approaches worth considering.
By Alan M Usas Adjunct Professor, Department of Computer Science, Brown University, 5/23/2016
Comment1 Comment  |  Read  |  Post a Comment
Why Security Investigators Should Care About Forensic Research
Paul Shomo,  Technical Manager Strategic Partnerships, Guidance SoftwareCommentary
Despite the promise of expanded visibility into the user trail behind a data breach, the security industry has largely ignored the meticulous advances of forensic researchers. Privacy is just one reason for the snub.
By Paul Shomo Technical Manager Strategic Partnerships, Guidance Software, 5/19/2016
Comment2 comments  |  Read  |  Post a Comment
Tennessee Man Found Guilty Of Mitt Romney Tax Return Hack Scheme
Dark Reading Staff, Quick Hits
Convicted for attempt to blackmail PwC accounting firm with release of former U.S. Presidential candidate's pre-2010 tax returns.
By Dark Reading Staff , 5/16/2016
Comment0 comments  |  Read  |  Post a Comment
Encryption 101: Covering the Bases
Steve Zurier, Freelance Writer
Heres an overview of the key encryption types youll need to lock down your companys systems.
By Steve Zurier Freelance Writer, 5/13/2016
Comment0 comments  |  Read  |  Post a Comment
British Law Enforcement Agency Loses Bid To Get Passwords From Hacker Lauri Love
Dark Reading Staff, Quick Hits
Judge says National Crime Agency should use normal police powers -- not civil action -- to access information, allegedly hacked from US Army, NASA and US Federal Reserve networks.
By Dark Reading Staff , 5/11/2016
Comment0 comments  |  Read  |  Post a Comment
8 Microsoft Office 365 Security Tips To Reduce Data Loss
Sean Martin, CISSP | President, imsmartin
Even with a slew of new security tools and compliance guidance, there are still things you can do to protect this critical business system.
By Sean Martin CISSP | President, imsmartin, 5/2/2016
Comment0 comments  |  Read  |  Post a Comment
Device Advice: Keeping Fraudsters From Consumer Info
Gasan Awad, VP, Identity & Fraud Product Management, EquifaxCommentary
Data breaches are the first stop for criminals with intentions to steal personally identifiable information. These tips show how to fight fraud while optimizing the customer experience.
By Gasan Awad VP, Identity & Fraud Product Management, Equifax, 4/19/2016
Comment0 comments  |  Read  |  Post a Comment
Privacy Debate: Apple & Google Today; AWS or Azure Tomorrow?
Kennet Westby, Founding Partner, President & COO, CoalfireCommentary
Why the recent fight over mobile phone security and encryption is moving to the cloud.
By Kennet Westby Founding Partner, President & COO, Coalfire, 4/18/2016
Comment1 Comment  |  Read  |  Post a Comment
EU Privacy Officials Push Back On Privacy Shield
Sara Peters, Senior Editor at Dark ReadingNews
Better than Safe Harbor, but not good enough. Should we care what they think?
By Sara Peters Senior Editor at Dark Reading, 4/13/2016
Comment1 Comment  |  Read  |  Post a Comment
'FBiOS' Case Heading For A New Firestorm
Jonathan Braverman, Legal and Compliance Officer, CymmetriaCommentary
The surprise developments in the FBI v Apple case offer little reason to celebrate for encryption and privacy advocates.
By Jonathan Braverman Legal and Compliance Officer, Cymmetria, 3/30/2016
Comment1 Comment  |  Read  |  Post a Comment
How To Share Threat Intelligence Through CISA: 10 Things To Know
Sara Peters, Senior Editor at Dark ReadingNews
If you want those liability protections the Cybersecurity Information Sharing Act promised, you must follow DHS's new guidelines.
By Sara Peters Senior Editor at Dark Reading, 3/26/2016
Comment3 comments  |  Read  |  Post a Comment
Think Risk When You Talk About Application Security Today
Preston Hogue, Director of Security Marketing Architecture, F5 NetworksCommentary
Security from a risk-based perspective puts the focus on component failures and provides robust security for the ultimate target of most attacks -- company, customer and personal data.
By Preston Hogue Director of Security Marketing Architecture, F5 Networks, 3/23/2016
Comment0 comments  |  Read  |  Post a Comment
Sextortion, Hacking, Gets Former State Dept. Employee 57 Months In Prison
Dark Reading Staff, Quick Hits
Embassy worker targeted young women and started campaign with phishing, social engineering.
By Dark Reading Staff , 3/22/2016
Comment3 comments  |  Read  |  Post a Comment
iMessage Encryption Cracked, But Fixed In New iOS 9.3
Sara Peters, Senior Editor at Dark ReadingNews
While FBI fights with Apple over iPhone encryption, Johns Hopkins researchers find a weakness in secure IM on iOS, OSX.
By Sara Peters Senior Editor at Dark Reading, 3/21/2016
Comment1 Comment  |  Read  |  Post a Comment
#SaveSecurity Campaign Protests FBI's iPhone Unlocking Request
Dark Reading Staff, Quick Hits
Fight for the Future will publicly display and read aloud thousands of comments outside the US District courthouse at Apple vs. FBI hearing on March 22.
By Dark Reading Staff , 3/21/2016
Comment1 Comment  |  Read  |  Post a Comment
No Place For Tor In The Secured Workplace
Thomas Fischer, Principal Threat Researcher, Digital GuardianCommentary
When it comes to corporate security, anonymity does not necessarily ensure protection of ones private information nor that of your employer.
By Thomas Fischer Principal Threat Researcher, Digital Guardian, 3/18/2016
Comment3 comments  |  Read  |  Post a Comment
Why You Can't Ignore Privacy Shield
Sara Peters, Senior Editor at Dark ReadingNews
Trans-Atlantic transfer of Europeans' personal data might not have concerned you in the past, but here are eight things you need to know now.
By Sara Peters Senior Editor at Dark Reading, 3/17/2016
Comment0 comments  |  Read  |  Post a Comment
Beyond Back Doors: Recalibrating The Encryption Policy Debate
John B. Dickson, CISSP,  Principal, Denim GroupCommentary
Three compelling reasons why access to back doors should not be the intelligence and law enforcement communitys main policy thrust in the fight against terrorism.
By John B. Dickson CISSP, Principal, Denim Group, 3/17/2016
Comment0 comments  |  Read  |  Post a Comment
EU-US Privacy Shield: What Now, What Next?
James Bindseil, President & CEO, GlobalscapeCommentary
The good news: We finally have a clear direction for continuing trans-Atlantic data transfer after several months in limbo. The bad news is in the remaining uncertainties.
By James Bindseil President & CEO, Globalscape, 3/16/2016
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
8 Key Building Blocks for Enterprise Network Defense
Networks are changing rapidly -- and so are strategies for protecting them. This Tech Digest looks at the fundamentals for the next-gen environment.
Flash Poll
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-7445
Published: 2015-10-15
The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated b...

CVE-2015-4948
Published: 2015-10-15
netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified vectors.

CVE-2015-5660
Published: 2015-10-15
Cross-site request forgery (CSRF) vulnerability in eXtplorer before 2.1.8 allows remote attackers to hijack the authentication of arbitrary users for requests that execute PHP code.

CVE-2015-6003
Published: 2015-10-15
Directory traversal vulnerability in QNAP QTS before 4.1.4 build 0910 and 4.2.x before 4.2.0 RC2 build 0910, when AFP is enabled, allows remote attackers to read or write to arbitrary files by leveraging access to an OS X (1) user or (2) guest account.

CVE-2015-6333
Published: 2015-10-15
Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows local users to gain privileges via vectors involving addition of an SSH key, aka Bug ID CSCuw46076.

Dark Reading Radio
Archived Dark Reading Radio
In this episode of Dark Reading Radio, veteran CISOs will share their experience and insight into how organizations can get the best bang for their security buck.