Endpoint // Privacy
News & Commentary
Yahoo Demands Government Be More Transparent About Data Requests
Dark Reading Staff, Quick Hits
In a letter to the Director of National Intelligence, the tech company says this transparency would also help clear Yahoo's name in customer email scan case.
By Dark Reading Staff , 10/20/2016
Comment0 comments  |  Read  |  Post a Comment
California Victims Of Yahoo Breach Pursue Claims In State, Not Federal Court
Sara Peters, Senior Editor at Dark ReadingNews
Plaintiffs hope to benefit from California's history of stricter cybersecurity and data privacy law.
By Sara Peters Senior Editor at Dark Reading, 10/17/2016
Comment1 Comment  |  Read  |  Post a Comment
FBI Seeking Access To Another Locked iPhone
Dark Reading Staff, Quick Hits
Bureau 'in the process of assessing our legal and technical options' to access passcode-locked iPhone of Dahir Adan.
By Dark Reading Staff , 10/7/2016
Comment0 comments  |  Read  |  Post a Comment
Attackers Can Use Legit Webcam Sessions To Spy On Mac Users, Researcher Warns
Jai Vijayan, Freelance writerNews
Method does not exploit any vulnerability, uses legitimate functionality of the Mac OS X, Synacks Wardle says.
By Jai Vijayan Freelance writer, 10/6/2016
Comment0 comments  |  Read  |  Post a Comment
NIST Study: User 'Security Fatigue' Adding to Online Risk
Terry Sweeney, Contributing EditorNews
Decision-making overload with passwords, certificates, software updates frustrates users
By Terry Sweeney Contributing Editor, 10/4/2016
Comment0 comments  |  Read  |  Post a Comment
5 Ways To Lock Down Your Login
Steve Zurier, Freelance Writer
New public awareness campaign inspired by the White House calls for users to think more carefully about stronger authentication.
By Steve Zurier Freelance Writer, 10/4/2016
Comment0 comments  |  Read  |  Post a Comment
Privacy Shield's Drama Is Far From Over
Peter Merkulov, VP, Product Strategy & Technology AlliancesCommentary
Businesses are working with trading partners to take responsibility for protecting private data in case the US-EU framework fails.
By Peter Merkulov VP, Product Strategy & Technology Alliances, 10/4/2016
Comment0 comments  |  Read  |  Post a Comment
Grading Obama: C+
Administration Missed Key Opportunities To Civilize Cyberspace
Tom Kellermann,  CEO & Cofounder, Strategic Cyber Ventures Commentary
A middling grade because the President's cyber policy initiatives were reactive, laisse faire, and didnt buttress American economic opportunity.
By Tom Kellermann CEO & Cofounder, Strategic Cyber Ventures , 10/3/2016
Comment0 comments  |  Read  |  Post a Comment
Grading Obama: D-
President Failed To Protect Us From The Bad Guys
Leo Taddeo, CSO, CryptzoneCommentary
A barely passing grade from a former special agent in charge of the NYC FBI cybercrimes division for failing to create deterrents and policies that encourage self defense.
By Leo Taddeo CSO, Cryptzone, 10/3/2016
Comment0 comments  |  Read  |  Post a Comment
6 Ways To Prepare For The EUs GDPR
Jai Vijayan, Freelance writerNews
In less than 20 months, all US companies doing business in the EU will face new consumer privacy requirements. Heres how to prepare for them.
By Jai Vijayan Freelance writer, 9/30/2016
Comment1 Comment  |  Read  |  Post a Comment
Romanian National Gets Three Years For Hack Scheme
Dark Reading Staff, Quick Hits
Mircea-Ilie Ispasoiu was arrested for international hacking plot that involved wire fraud and aggravated identity theft.
By Dark Reading Staff , 9/30/2016
Comment1 Comment  |  Read  |  Post a Comment
FBI Probes Bid To Hack Democratic Party Officials Phones, Sources Say
Dark Reading Staff, Quick Hits
Russia-backed criminals again likely to be behind this hacking which, if proven, could involve theft of sensitive data, say the sources.
By Dark Reading Staff , 9/28/2016
Comment0 comments  |  Read  |  Post a Comment
5 Best Practices For Winning the IoT Security Arms Race
Mark Benson & Brian Ericson, Exosite CTO & Software EngineerCommentary
By focusing on a pragmatic approach to security, its possible to develop IoT solutions that will reduce future risk without breaking the bank.
By Mark Benson, CTO, and Brian Ericson, , 9/27/2016
Comment0 comments  |  Read  |  Post a Comment
7 New Rules For IoT Safety & Vuln Disclosure
Lysa Myers, Security Researcher, ESETCommentary
In the Internet of Things, even the lowliest smart device can be used for a malicious purpose. Manufacturers take heed!
By Lysa Myers Security Researcher, ESET, 9/24/2016
Comment0 comments  |  Read  |  Post a Comment
FTC Releases Video With Data Breach Recovery Advice
Dark Reading Staff, Quick Hits
The US Federal Trade Commission video has detailed instructions on what to do if personal data of a user is stolen and exposed.
By Dark Reading Staff , 9/23/2016
Comment0 comments  |  Read  |  Post a Comment
Snowden: Hollywood Highlights 2 Persistent Privacy Threats
Will Ackerly, Co-Founder & CTO, VirtruCommentary
Oliver Stones movie shows us that while most of us have nothing to hide, we all have information worth protecting both technically and constitutionally.
By Will Ackerly Co-Founder & CTO, Virtru, 9/22/2016
Comment12 comments  |  Read  |  Post a Comment
Scientist Clones Chip To Unlock iPhone, Proves FBI Wrong
Dark Reading Staff, Quick Hits
Dr. Sergei Skorobogatov of Cambridge University spent $100 on a process that may have cost FBI $1 million.
By Dark Reading Staff , 9/20/2016
Comment0 comments  |  Read  |  Post a Comment
San Bernardino iPhone Hack: Media Agencies Sue FBI For Vendor Details
Dark Reading Staff, Quick Hits
Associated Press and two others invoke Freedom of Information Act against the government seeking details of secret transaction.
By Dark Reading Staff , 9/19/2016
Comment0 comments  |  Read  |  Post a Comment
Google Chrome To Flag Non-HTTPS Logins, Credit Card Info 'Not Secure'
Terry Sweeney, Contributing EditorNews
The move is part of a larger Google push to lock down Web traffic using encryption between the browser and Web server.
By Terry Sweeney Contributing Editor, 9/15/2016
Comment0 comments  |  Read  |  Post a Comment
Students Say They'd Only Pay Ransomware Operators About $50
Dark Reading Staff, Quick Hits
Webroot survey finds that students will pay more to recover their private photos than to recover their schoolwork.
By Dark Reading Staff , 9/15/2016
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
Register for Dark Reading Newsletters
White Papers
Current Issue
Five Emerging Security Threats - And What You Can Learn From Them
At Black Hat USA, researchers unveiled some nasty vulnerabilities. Is your organization ready?
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
Published: 2015-10-15
The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated b...

Published: 2015-10-15
netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified vectors.

Published: 2015-10-15
Cross-site request forgery (CSRF) vulnerability in eXtplorer before 2.1.8 allows remote attackers to hijack the authentication of arbitrary users for requests that execute PHP code.

Published: 2015-10-15
Directory traversal vulnerability in QNAP QTS before 4.1.4 build 0910 and 4.2.x before 4.2.0 RC2 build 0910, when AFP is enabled, allows remote attackers to read or write to arbitrary files by leveraging access to an OS X (1) user or (2) guest account.

Published: 2015-10-15
Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows local users to gain privileges via vectors involving addition of an SSH key, aka Bug ID CSCuw46076.

Dark Reading Radio
Archived Dark Reading Radio
According to industry estimates, about a million new IT security jobs will be created in the next two years but there aren't enough skilled professionals to fill them. On top of that, there isn't necessarily a clear path to a career in security. Dark Reading Executive Editor Kelly Jackson Higgins hosts guests Carson Sweet, co-founder and CTO of CloudPassage, which published a shocking study of the security gap in top US undergrad computer science programs, and Rodney Petersen, head of NIST's new National Initiative for Cybersecurity Education.