Endpoint //

Privacy

News & Commentary
Post-Quantum Crypto Standards Arent All About the Math
Ericka Chickowski, Contributing Writer, Dark ReadingNews
The industry needs to keep in mind the realities of hardware limits and transitional growing pains, according to Microsoft, Utimaco researchers.
By Ericka Chickowski Contributing Writer, Dark Reading, 2/15/2019
Comment0 comments  |  Read  |  Post a Comment
Scammers Fall in Love with Valentine's Day
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
Online dating profiles and social media accounts add to the rich data sources that allow criminals to tailor attacks.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 2/13/2019
Comment0 comments  |  Read  |  Post a Comment
70% of Consumers Want Biometrics in the Workplace
Steve Zurier, Freelance WriterNews
Speed, simplicity, and security underscore their desire, a new study shows.
By Steve Zurier Freelance Writer, 2/13/2019
Comment0 comments  |  Read  |  Post a Comment
4 Payment Security Trends for 2019
Ellen Richey, Vice Chairman and Chief Risk Officer, VisaCommentary
Visa's chief risk officer anticipates some positive changes ahead.
By Ellen Richey Vice Chairman and Chief Risk Officer, Visa, 2/7/2019
Comment0 comments  |  Read  |  Post a Comment
Over 59K Data Breaches Reported in EU Under GDPR
Dark Reading Staff, Quick Hits
In addition, 91 reported fines have been imposed since the regulation went into effect last May.
By Dark Reading Staff , 2/5/2019
Comment2 comments  |  Read  |  Post a Comment
6 Security Tips Before You Put a Digital Assistant to Work
Steve Zurier, Freelance Writer
If you absolutely have to have Amazon Alexa or Google Assistant in your home, heed the following advice.
By Steve Zurier Freelance Writer, 2/4/2019
Comment4 comments  |  Read  |  Post a Comment
Facebook Struggles in Privacy Class-Action Lawsuit
Dark Reading Staff, Quick Hits
Facebook's privacy disclosures "are quite vague" and should have been made more prominent, a federal judge argued.
By Dark Reading Staff , 2/4/2019
Comment1 Comment  |  Read  |  Post a Comment
Why Privacy Is Hard Work
J. Trevor Hughes, President & CEO, IAPPCommentary
For Data Privacy Day, let's commit to a culture of privacy by design, nurtured by a knowledgeable team that can execute an effective operational compliance program.
By J. Trevor Hughes President & CEO, IAPP, 1/28/2019
Comment0 comments  |  Read  |  Post a Comment
Internet Society to Issue Privacy Code of Conduct
Steve Zurier, Freelance WriterNews
In time for Data Privacy Day, on Monday, the nine-point guidance will offer insights into how companies can more effectively manage personal data.
By Steve Zurier Freelance Writer, 1/25/2019
Comment3 comments  |  Read  |  Post a Comment
Satya Nadella: Privacy Is a Human Right
Dark Reading Staff, Quick Hits
In a talk at the World Economic Forum, Microsoft's CEO voiced support for GDPR and expressed hope the United States creates a similar approach to privacy.
By Dark Reading Staff , 1/25/2019
Comment1 Comment  |  Read  |  Post a Comment
Credential Compromises by the Numbers
Ericka Chickowski, Contributing Writer, Dark Reading
Recent statistics show just how much credential stealing has become a staple in the attacker playbook.
By Ericka Chickowski Contributing Writer, Dark Reading, 1/25/2019
Comment0 comments  |  Read  |  Post a Comment
The Fact and Fiction of Homomorphic Encryption
Ameesh Divatia, Co-Founder & CEO of BaffleCommentary
The approach's promise continues to entice cryptographers and academics. But don't expect it to help in the real world anytime soon.
By Ameesh Divatia Co-Founder & CEO of Baffle, 1/22/2019
Comment0 comments  |  Read  |  Post a Comment
Google Hit With $57 Million GDPR Fine in France
Dark Reading Staff, Quick Hits
The fine represents the first major penalty for a US technology company under the new European regulations.
By Dark Reading Staff , 1/21/2019
Comment2 comments  |  Read  |  Post a Comment
The Rx for HIPAA Compliance in the Cloud
Jason Polancich, CEO, MusubuCommentary
For medical entities, simply following HIPAA cloud service provider guidelines is no longer enough to ensure that your practice is protected from cyber threats, government investigations, and fines.
By Jason Polancich CEO, Musubu, 1/18/2019
Comment1 Comment  |  Read  |  Post a Comment
'We Want IoT Security Regulation,' Say 95% of IT Decision-Makers
Sara Peters, Senior Editor at Dark ReadingNews
New global survey shows businesses are valuing IoT security more highly, but they are still challenged by IoT data visibility and privacy.
By Sara Peters Senior Editor at Dark Reading, 1/17/2019
Comment0 comments  |  Read  |  Post a Comment
US Judge: Police Can't Force Biometric Authentication
Dark Reading Staff, Quick Hits
Law enforcement cannot order individuals to unlock devices using facial or fingerprint scans, a California judge says.
By Dark Reading Staff , 1/15/2019
Comment6 comments  |  Read  |  Post a Comment
7 Privacy Mistakes That Keep Security Pros on Their Toes
Steve Zurier, Freelance Writer
When it comes to privacy, it's the little things that can lead to big mishaps.
By Steve Zurier Freelance Writer, 1/15/2019
Comment1 Comment  |  Read  |  Post a Comment
Reddit Alerts Users to Possible Account Breaches
Dark Reading Staff, Quick Hits
User lockouts, combined with requirements for new passwords, indicate an attack on accounts at the popular social media platform.
By Dark Reading Staff , 1/10/2019
Comment0 comments  |  Read  |  Post a Comment
Consumers Demand Security from Smart Device Makers
Kelly Sheridan, Staff Editor, Dark ReadingNews
Poll shows individuals want better security from IoT device manufacturers as connected products flood the market.
By Kelly Sheridan Staff Editor, Dark Reading, 1/10/2019
Comment2 comments  |  Read  |  Post a Comment
6 Best Practices for Managing an Online Educational Infrastructure
Jamie Smith & Larry Schwarberg, Chief Information Officer; Chief Information Security Officer for University of PhoenixCommentary
Universities must keep pace with rapidly changing technology to help thwart malicious hacking attempts and protect student information.
By Jamie Smith & Larry Schwarberg Chief Information Officer; Chief Information Security Officer for University of Phoenix, 1/10/2019
Comment2 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
Making the Case for a Cybersecurity Moon Shot
Adam Shostack, Consultant, Entrepreneur, Technologist, Game Designer,  2/19/2019
New Free Tool Scans for Chrome Extension Safety
Dark Reading Staff 2/21/2019
Privacy Ops: The New Nexus for CISOs & DPOs
Amit Ashbel, Security Evangelist, Cognigo,  2/18/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
5 Emerging Cyber Threats to Watch for in 2019
Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.
Flash Poll
New Best Practices for Secure App Development
New Best Practices for Secure App Development
The transition from DevOps to SecDevOps is combining with the move toward cloud computing to create new challenges - and new opportunities - for the information security team. Download this report, to learn about the new best practices for secure application development.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-1698
PUBLISHED: 2019-02-21
A vulnerability in the web-based user interface of Cisco Internet of Things Field Network Director (IoT-FND) Software could allow an authenticated, remote attacker to gain read access to information that is stored on an affected system. The vulnerability is due to improper handling of XML External E...
CVE-2019-1700
PUBLISHED: 2019-02-21
A vulnerability in field-programmable gate array (FPGA) ingress buffer management for the Cisco Firepower 9000 Series with the Cisco Firepower 2-port 100G double-width network module (PID: FPR9K-DNM-2X100G) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) conditio...
CVE-2019-6340
PUBLISHED: 2019-02-21
Some field types do not properly sanitize data from non-form sources in Drupal 8.5.x before 8.5.11 and Drupal 8.6.x before 8.6.10. This can lead to arbitrary PHP code execution in some cases. A site is only affected by this if one of the following conditions is met: The site has the Drupal 8 core RE...
CVE-2019-8996
PUBLISHED: 2019-02-21
In Signiant Manager+Agents before 13.5, the implementation of the set command has a Buffer Overflow.
CVE-2019-1681
PUBLISHED: 2019-02-21
A vulnerability in the TFTP service of Cisco Network Convergence System 1000 Series software could allow an unauthenticated, remote attacker to retrieve arbitrary files from the targeted device, possibly resulting in information disclosure. The vulnerability is due to improper validation of user-sup...