Endpoint // Privacy
News & Commentary
Facebook Developing App For Private Sharing
Kristin Burnham, Senior Editor, InformationWeek.comCommentary
Facebook's in-development "Moments" app could make sharing with small groups easier. Here's what we know, plus tips to manage friend lists now.
By Kristin Burnham Senior Editor, InformationWeek.com, 9/17/2014
Comment3 comments  |  Read  |  Post a Comment
Data Privacy Etiquette: It's Not Just For Kids
Lysa Myers, Security Researcher, ESETCommentary
Children are the innocent victims of the worst effects of social media. Thats why its vital for adults to establish privacy values that are safe for them -- and the rest of us.
By Lysa Myers Security Researcher, ESET, 9/17/2014
Comment4 comments  |  Read  |  Post a Comment
Mining WiFi Data: Retail Privacy Pitfalls
Doug Henschen, Executive Editor, InformationWeekCommentary
WiFi data mining starts with anonymous tracking, but it can lead to personal details in social profiles. Interop New York session explores opportunities and limits for retailers.
By Doug Henschen Executive Editor, InformationWeek, 9/15/2014
Comment13 comments  |  Read  |  Post a Comment
Privacy, Security & The Geography Of Data Protection
Malte Pollmann, CEO, UtimacoCommentary
Data generation is global, so why do different parts of the world react differently to the same threat of security breaches and backdoors?
By Malte Pollmann CEO, Utimaco, 9/11/2014
Comment6 comments  |  Read  |  Post a Comment
Celeb Hack: Is Apple Telling All It Knows?
Dave Kearns, Analyst, Kuppinger-ColeCommentary
Did Apple have a system-wide data breach? No. Was it complicit through an appalling security lapse by not defending against brute force attacks? Youre darn tootin'!
By Dave Kearns Analyst, Kuppinger-Cole, 9/3/2014
Comment14 comments  |  Read  |  Post a Comment
NSA Collected More Records Than Court Allowed
Sara Peters, Senior Editor at Dark ReadingNews
New documents show the Foreign Intelligence Surveillance Court is stumped by the NSA's "systemic overcollection."
By Sara Peters Senior Editor at Dark Reading, 8/13/2014
Comment5 comments  |  Read  |  Post a Comment
UK Reconsidering Biometrics
Sara Peters, Senior Editor at Dark ReadingQuick Hits
Parliament is looking for answers about biometrics' privacy, security, future uses, and whether or not legislation is ready for what comes next.
By Sara Peters Senior Editor at Dark Reading, 8/12/2014
Comment4 comments  |  Read  |  Post a Comment
6 Biometric Factors That Are Working Today
Marilyn Cohodas, Community Editor, Dark Reading
From fingerprints to wearable ECG monitors, there are real options in the market that may relegate the despised password to the dustbin of history.
By Marilyn Cohodas Community Editor, Dark Reading, 8/12/2014
Comment23 comments  |  Read  |  Post a Comment
Internet of Things: Security For A World Of Ubiquitous Computing
Candace Worley, SVP & GM, Endpoint Security, McAfeeCommentary
Endpoint security is hardly dead, and claiming that it is oversimplifies the challenges corporations face now and in the not-very-distant future.
By Candace Worley SVP & GM, Endpoint Security, McAfee, 7/21/2014
Comment5 comments  |  Read  |  Post a Comment
Passwords & The Future Of Identity: Payment Networks?
Andre Boysen, EVP, Digital Identity Evangelist, SecureKeyCommentary
The solution to the omnipresent and enduring password problem may be closer than you think.
By Andre Boysen EVP, Digital Identity Evangelist, SecureKey, 7/16/2014
Comment17 comments  |  Read  |  Post a Comment
NSA Director Downplays Damage From Snowden Leaks
Kelly Jackson Higgins, Executive Editor at Dark ReadingQuick Hits
New NSA director tells The New York Times he'll have to be more open about agency's activities than his predecessors.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 6/30/2014
Comment0 comments  |  Read  |  Post a Comment
What Workplace Privacy Will Look Like In 10 Years
David Melnick, Founder & CEO, WebLife BalanceCommentary
New laws like Europe's "right to be forgotten" in Google search are just the latest examples of how quickly perceptions and practices about personal privacy in the workplace are changing.
By David Melnick Founder & CEO, WebLife Balance, 6/19/2014
Comment10 comments  |  Read  |  Post a Comment
Spyware Found On Chinese-Made Smartphone
Tim Wilson, Editor in Chief, Dark ReadingQuick Hits
Unknown manufacturer ships smartphones loaded with app that could allow a hacker to steal personal data or spy on the user, German researcher says.
By Tim Wilson Editor in Chief, Dark Reading, 6/19/2014
Comment5 comments  |  Read  |  Post a Comment
Data Security Decisions In A World Without TrueCrypt
Cam Roberson, Director Reseller Channel, Beachhead SolutionsCommentary
The last days of TrueCrypt left many unanswered questions. But one thing is certain: When encryption freeware ends its life abruptly, being a freeloader can get you into a load of trouble.
By Cam Roberson Director Reseller Channel, Beachhead Solutions, 6/18/2014
Comment16 comments  |  Read  |  Post a Comment
P.F. Chang's Confirms Security Breach
Tim Wilson, Editor in Chief, Dark ReadingQuick Hits
After initial silence, P.F. Chang's restaurant chain goes live with website disclosing information on stolen credit card data.
By Tim Wilson Editor in Chief, Dark Reading, 6/14/2014
Comment3 comments  |  Read  |  Post a Comment
Google Adds Chrome Encryption Option For Webmail
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
An end-to-end encryption test module for Chrome is available now.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 6/4/2014
Comment0 comments  |  Read  |  Post a Comment
How The Math Of Biometric Authentication Adds Up
Dave Kearns, Analyst, Kuppinger-ColeCommentary
Yes, it's true that if your authentication scheme only allows a single fingerprint you only have 10 choices. But there's no rule that says it has to be one, and only one.
By Dave Kearns Analyst, Kuppinger-Cole, 6/2/2014
Comment12 comments  |  Read  |  Post a Comment
eBay Breach: Is Your Identity Up For Auction?
JD Sherry, VP Technology & Solutions, Trend MicroCommentary
In a sick twist of events, the roles may just have been reversed on eBay users. Its their social media identities and data that now have the greatest value in the cyber underground.
By JD Sherry VP Technology & Solutions, Trend Micro, 5/23/2014
Comment10 comments  |  Read  |  Post a Comment
Breach At Bit.ly Blamed On Offsite Backup Storage Provider
Tim Wilson, Editor in Chief, Dark ReadingQuick Hits
URL shortening service says user database may have been compromised through backup data.
By Tim Wilson Editor in Chief, Dark Reading, 5/13/2014
Comment2 comments  |  Read  |  Post a Comment
Defending Against Identity Theft In The Military
Lysa Myers, Security Researcher, ESETCommentary
Our military troops are twice as likely to be victims of identity theft as the general population. The reason is in the structure of military culture.
By Lysa Myers Security Researcher, ESET, 5/5/2014
Comment5 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading, September 16, 2014
Malicious software is morphing to be more targeted, stealthy, and destructive. Are you prepared to stop it?
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2012-1032
Published: 2014-09-17
Cross-site scripting (XSS) vulnerability in the Euroling SiteSeeker module 3.x before 3.4.5 for EPiServer allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party inf...

CVE-2012-1417
Published: 2014-09-17
Multiple cross-site scripting (XSS) vulnerabilities in Local Phone book and Blacklist form in Yealink VOIP Phones allow remote authenticated users to inject arbitrary web script or HTML via the user field to cgi-bin/ConfigManApp.com.

CVE-2012-1506
Published: 2014-09-17
SQL injection vulnerability in the updateStatus function in lib/models/benefits/Hsp.php in OrangeHRM before 2.7 allows remote authenticated users to execute arbitrary SQL commands via the hspSummaryId parameter to plugins/ajaxCalls/haltResumeHsp.php. NOTE: some of these details are obtained from th...

CVE-2012-1507
Published: 2014-09-17
Multiple cross-site scripting (XSS) vulnerabilities in OrangeHRM before 2.7 allow remote attackers to inject arbitrary web script or HTML via the (1) newHspStatus parameter to plugins/ajaxCalls/haltResumeHsp.php, (2) sortOrder1 parameter to templates/hrfunct/emppop.php, or (3) uri parameter to index...

CVE-2012-2583
Published: 2014-09-17
Cross-site scripting (XSS) vulnerability in Mini Mail Dashboard Widget plugin 1.42 for WordPress allows remote attackers to inject arbitrary web script or HTML via the body of an email.

Best of the Web
Dark Reading Radio