Endpoint // Privacy
News & Commentary
Device Advice: Keeping Fraudsters From Consumer Info
Gasan Awad, VP, Identity & Fraud Product Management, EquifaxCommentary
Data breaches are the first stop for criminals with intentions to steal personally identifiable information. These tips show how to fight fraud while optimizing the customer experience.
By Gasan Awad VP, Identity & Fraud Product Management, Equifax, 4/19/2016
Comment0 comments  |  Read  |  Post a Comment
Privacy Debate: Apple & Google Today; AWS or Azure Tomorrow?
Kennet Westby, Founding Partner, President & COO, CoalfireCommentary
Why the recent fight over mobile phone security and encryption is moving to the cloud.
By Kennet Westby Founding Partner, President & COO, Coalfire, 4/18/2016
Comment1 Comment  |  Read  |  Post a Comment
EU Privacy Officials Push Back On Privacy Shield
Sara Peters, Senior Editor at Dark ReadingNews
Better than Safe Harbor, but not good enough. Should we care what they think?
By Sara Peters Senior Editor at Dark Reading, 4/13/2016
Comment1 Comment  |  Read  |  Post a Comment
'FBiOS' Case Heading For A New Firestorm
Jonathan Braverman, Legal and Compliance Officer, CymmetriaCommentary
The surprise developments in the FBI v Apple case offer little reason to celebrate for encryption and privacy advocates.
By Jonathan Braverman Legal and Compliance Officer, Cymmetria, 3/30/2016
Comment1 Comment  |  Read  |  Post a Comment
How To Share Threat Intelligence Through CISA: 10 Things To Know
Sara Peters, Senior Editor at Dark ReadingNews
If you want those liability protections the Cybersecurity Information Sharing Act promised, you must follow DHS's new guidelines.
By Sara Peters Senior Editor at Dark Reading, 3/26/2016
Comment3 comments  |  Read  |  Post a Comment
Think Risk When You Talk About Application Security Today
Preston Hogue, Director of Security Marketing Architecture, F5 NetworksCommentary
Security from a risk-based perspective puts the focus on component failures and provides robust security for the ultimate target of most attacks -- company, customer and personal data.
By Preston Hogue Director of Security Marketing Architecture, F5 Networks, 3/23/2016
Comment0 comments  |  Read  |  Post a Comment
Sextortion, Hacking, Gets Former State Dept. Employee 57 Months In Prison
Dark Reading Staff, Quick Hits
Embassy worker targeted young women and started campaign with phishing, social engineering.
By Dark Reading Staff , 3/22/2016
Comment3 comments  |  Read  |  Post a Comment
iMessage Encryption Cracked, But Fixed In New iOS 9.3
Sara Peters, Senior Editor at Dark ReadingNews
While FBI fights with Apple over iPhone encryption, Johns Hopkins researchers find a weakness in secure IM on iOS, OSX.
By Sara Peters Senior Editor at Dark Reading, 3/21/2016
Comment1 Comment  |  Read  |  Post a Comment
#SaveSecurity Campaign Protests FBI's iPhone Unlocking Request
Dark Reading Staff, Quick Hits
Fight for the Future will publicly display and read aloud thousands of comments outside the US District courthouse at Apple vs. FBI hearing on March 22.
By Dark Reading Staff , 3/21/2016
Comment1 Comment  |  Read  |  Post a Comment
No Place For Tor In The Secured Workplace
Thomas Fischer, Principal Threat Researcher, Digital GuardianCommentary
When it comes to corporate security, anonymity does not necessarily ensure protection of ones private information nor that of your employer.
By Thomas Fischer Principal Threat Researcher, Digital Guardian, 3/18/2016
Comment3 comments  |  Read  |  Post a Comment
Why You Can't Ignore Privacy Shield
Sara Peters, Senior Editor at Dark ReadingNews
Trans-Atlantic transfer of Europeans' personal data might not have concerned you in the past, but here are eight things you need to know now.
By Sara Peters Senior Editor at Dark Reading, 3/17/2016
Comment0 comments  |  Read  |  Post a Comment
Beyond Back Doors: Recalibrating The Encryption Policy Debate
John B. Dickson, CISSP,  Principal, Denim GroupCommentary
Three compelling reasons why access to back doors should not be the intelligence and law enforcement communitys main policy thrust in the fight against terrorism.
By John B. Dickson CISSP, Principal, Denim Group, 3/17/2016
Comment0 comments  |  Read  |  Post a Comment
EU-US Privacy Shield: What Now, What Next?
James Bindseil, President & CEO, GlobalscapeCommentary
The good news: We finally have a clear direction for continuing trans-Atlantic data transfer after several months in limbo. The bad news is in the remaining uncertainties.
By James Bindseil President & CEO, Globalscape, 3/16/2016
Comment0 comments  |  Read  |  Post a Comment
Apple Deliberately Raised Barriers, Government Says
Jai Vijayan, Freelance writerNews
Only the company can do what is needed to help the FBI unlock iPhone belonging to San Bernardino terror suspect, government says.
By Jai Vijayan Freelance writer, 3/11/2016
Comment3 comments  |  Read  |  Post a Comment
Forgot My Password: Caption Contest Winners Announced
Marilyn Cohodas, Community Editor, Dark ReadingCommentary
Sticky notes, clouds and authentication jokes. And the winning caption is...
By Marilyn Cohodas Community Editor, Dark Reading, 3/8/2016
Comment2 comments  |  Read  |  Post a Comment
A Warning for Wearables: Think Before You Emote
John C. Havens, Founder, The H(app)athon Project, & IEEE Computer Society Rock Stars SpeakerCommentary
An examination of how wearable devices could become the modern equivalent of blogs broadcasting proprietary workplace information directly to the Internet of Things -- and beyond.
By John C. Havens Founder, The H(app)athon Project, & IEEE Computer Society Rock Stars Speaker, 3/8/2016
Comment0 comments  |  Read  |  Post a Comment
Truly Random Number Generator Promises Stronger Encryption Across All Devices, Cloud
Sara Peters, Senior Editor at Dark ReadingNews
So long pseudo-random number generator. Quantum mechanics brought us true randomness to power our crypto algorithms, and it's strengthening encryption in the cloud, datacenter, and the Internet of Things.
By Sara Peters Senior Editor at Dark Reading, 3/4/2016
Comment2 comments  |  Read  |  Post a Comment
IoT Security Checklist: Get Ahead Of The Curve
Pritesh Parekh, VP & Chief Security Officer, ZuoraCommentary
The security industry needs to take a Consumer Reports approach to Internet of Things product safety, including rigorous development practices and both physical and digital testing.
By Pritesh Parekh VP & Chief Security Officer, Zuora, 3/3/2016
Comment2 comments  |  Read  |  Post a Comment
Encryption, Privacy & Skills Shortage Hot Topics On RSA Keynote Stage
Sara Peters, Senior Editor at Dark ReadingNews
From the president of RSA to the director of the NSA, all RSA conference keynotes mentioned needs for protecting liberties and increasing the infosec workforce.
By Sara Peters Senior Editor at Dark Reading, 3/1/2016
Comment0 comments  |  Read  |  Post a Comment
Better Locks Than Back Doors: Why Apple Is Right About Encryption
Corey Nachreiner, Chief Technology Officer, WatchGuard TechnologiesCommentary
What the landmark privacy case and a new documentary about Stuxnet both have to say about the encryption versus government oversight debate.
By Corey Nachreiner Chief Technology Officer, WatchGuard Technologies, 3/1/2016
Comment5 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
Posted by Luongo
Current Conversations nice great
In reply to: Re: There is a way out
Post Your Own Reply
More Conversations
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: "Better he's on the Internet than on the couch."
Current Issue
Understanding & Managing the Mobile Security Threat
Mobile devices are increasing IT security risk. Is your enterprise ready?
Flash Poll
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-7445
Published: 2015-10-15
The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated b...

CVE-2015-4948
Published: 2015-10-15
netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified vectors.

CVE-2015-5660
Published: 2015-10-15
Cross-site request forgery (CSRF) vulnerability in eXtplorer before 2.1.8 allows remote attackers to hijack the authentication of arbitrary users for requests that execute PHP code.

CVE-2015-6003
Published: 2015-10-15
Directory traversal vulnerability in QNAP QTS before 4.1.4 build 0910 and 4.2.x before 4.2.0 RC2 build 0910, when AFP is enabled, allows remote attackers to read or write to arbitrary files by leveraging access to an OS X (1) user or (2) guest account.

CVE-2015-6333
Published: 2015-10-15
Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows local users to gain privileges via vectors involving addition of an SSH key, aka Bug ID CSCuw46076.

Dark Reading Radio
Archived Dark Reading Radio
Join us as Dark Reading editors speak with IT security hiring experts about improving IT career prospects.