Endpoint //

Privacy

News & Commentary
'PowerSnitch' Hacks Androids via Power Banks
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Researcher demonstrates how attackers could steal data from smartphones while they're charging.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 12/8/2018
Comment0 comments  |  Read  |  Post a Comment
Kubernetes Deployments Around the World Show Vulnerabilities
Dark Reading Staff, Quick Hits
Kubernetes owners who expose APIs to the Internet are leaving their systems open to hackers.
By Dark Reading Staff , 12/7/2018
Comment0 comments  |  Read  |  Post a Comment
Insider Threats & Insider Objections
Richard Ford, Chief Scientist, ForcepointCommentary
The tyranny of the urgent and three other reasons why its hard for CISOs to establish a robust insider threat prevention program.
By Richard Ford Chief Scientist, Forcepoint, 12/7/2018
Comment0 comments  |  Read  |  Post a Comment
7 Common Breach Disclosure Mistakes
Jai Vijayan, Freelance writer
How you report a data breach can have a big impact on its fallout.
By Jai Vijayan Freelance writer, 12/6/2018
Comment0 comments  |  Read  |  Post a Comment
6 Ways to Strengthen Your GDPR Compliance Efforts
Steve Zurier, Freelance Writer
Companies have some mistaken notions about how to comply with the new data protection and privacy regulation and that could cost them.
By Steve Zurier Freelance Writer, 12/5/2018
Comment0 comments  |  Read  |  Post a Comment
London Blue BEC Cybercrime Gang Unmasked
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Security firm turned the tables on attackers targeting its chief financial officer in an email-borne financial scam.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 12/4/2018
Comment0 comments  |  Read  |  Post a Comment
MITRE Changes the Game in Security Product Testing
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Nonprofit has published its first-ever evaluation of popular endpoint security tools - measured against its ATT&CK model.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 11/29/2018
Comment0 comments  |  Read  |  Post a Comment
How to Find a Privacy Job That You'll Love (& Why)
Louise Thorpe, Chief Privacy Officer, American ExpressCommentary
Advice from a millennial woman who has done it: Find your niche and master your craft. You will be amazed at how significant your work will be.
By Louise Thorpe Chief Privacy Officer, American Express, 11/27/2018
Comment0 comments  |  Read  |  Post a Comment
Cybersecurity at the Core
Troy Mattern, Vice President for Product and Services Cybersecurity at Motorola SolutionsCommentary
For too long, cybersecurity has been looked at as one team's responsibility. If we maintain that mentality, we will fail.
By Troy Mattern Vice President for Product and Services Cybersecurity at Motorola Solutions, 11/20/2018
Comment2 comments  |  Read  |  Post a Comment
7 Holiday Security Tips for Retailers
Steve Zurier, Freelance Writer
It's the most wonderful time of the year and hackers are ready to pounce. Here's how to prevent them from wreaking holiday havoc.
By Steve Zurier Freelance Writer, 11/19/2018
Comment0 comments  |  Read  |  Post a Comment
New Bluetooth Hack Affects Millions of Vehicles
Dark Reading Staff, Quick Hits
Attack could expose the personal information of drivers who sync their mobile phone to a vehicle entertainment system.
By Dark Reading Staff , 11/16/2018
Comment3 comments  |  Read  |  Post a Comment
Guilty Plea Made in Massive International Cell Phone Fraud Case
Dark Reading Staff, Quick Hits
A former West Palm Beach resident is the fifth defendant to plead guilty in a case involving thousands of victims.
By Dark Reading Staff , 11/9/2018
Comment0 comments  |  Read  |  Post a Comment
Where Is the Consumer Outrage about Data Breaches?
Richard Ford, Chief Scientist, ForcepointCommentary
Facebook, Equifax, Cambridge Analytica Why do breaches of incomprehensible magnitude lead to a quick recovery for the businesses that lost or abused the data and such little lasting impact for the people whose information is stolen.
By Richard Ford Chief Scientist, Forcepoint, 11/1/2018
Comment4 comments  |  Read  |  Post a Comment
FIFA Reveals Second Hack
Dark Reading Staff, Quick Hits
Successful phishing campaign leads attackers to confidential information of world soccer's governing body.
By Dark Reading Staff , 11/1/2018
Comment0 comments  |  Read  |  Post a Comment
The Case for MarDevSecOps
Jim Kaskade, CEO, JanrainCommentary
Why security must lead the integration of marketing into the collaborative security and development model in the cloud.
By Jim Kaskade CEO, Janrain, 10/30/2018
Comment11 comments  |  Read  |  Post a Comment
Benefits of DNS Service Locality
Paul Vixie, Chairman & CEO, Farsight Security, Inc.Commentary
Operating one's own local DNS resolution servers is one of the simplest and lowest-cost things an IT administrator can do to monitor and protect applications, services, and users from potential risks.
By Paul Vixie Chairman & CEO, Farsight Security, Inc., 10/24/2018
Comment0 comments  |  Read  |  Post a Comment
Former HS Teacher Admits to 'Celebgate' Hack
Dark Reading Staff, Quick Hits
Christopher Brannan accessed full iCloud backups, photos, and other personal data belonging to more than 200 victims.
By Dark Reading Staff , 10/23/2018
Comment0 comments  |  Read  |  Post a Comment
How to Get Consumers to Forgive You for a Breach
Dark Reading Staff, Quick Hits
It starts with already-established trust, a new survey shows.
By Dark Reading Staff , 10/18/2018
Comment0 comments  |  Read  |  Post a Comment
Getting Up to Speed with "Always-On SSL"
Tim Callan, Senior Fellow, Comodo CACommentary
Websites can avoid the negative consequences of a "not secure" label from Google Chrome 68 by following four AOSSL best practices.
By Tim Callan Senior Fellow, Comodo CA, 10/18/2018
Comment1 Comment  |  Read  |  Post a Comment
6 Reasons Why Employees Violate Security Policies
Ericka Chickowski, Contributing Writer, Dark Reading
Get into their heads to find out why they're flouting your corporate cybersecurity rules.
By Ericka Chickowski Contributing Writer, Dark Reading, 10/16/2018
Comment5 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
Microsoft, Mastercard Aim to Change Identity Management
Kelly Sheridan, Staff Editor, Dark Reading,  12/3/2018
Windows 10 Security Questions Prove Easy for Attackers to Exploit
Kelly Sheridan, Staff Editor, Dark Reading,  12/5/2018
Starwood Breach Reaction Focuses on 4-Year Dwell
Curtis Franklin Jr., Senior Editor at Dark Reading,  12/5/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: I guess this answers the question: who's watching the watchers?
Current Issue
10 Best Practices That Could Reshape Your IT Security Department
This Dark Reading Tech Digest, explores ten best practices that could reshape IT security departments.
Flash Poll
New Best Practices for Secure App Development
New Best Practices for Secure App Development
The transition from DevOps to SecDevOps is combining with the move toward cloud computing to create new challenges - and new opportunities - for the information security team. Download this report, to learn about the new best practices for secure application development.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-19980
PUBLISHED: 2018-12-08
Anker Nebula Capsule Pro NBUI_M1_V2.1.9 devices allow attackers to cause a denial of service (reboot of the underlying Android 7.1.2 operating system) via a crafted application that sends data to WifiService.
CVE-2018-19961
PUBLISHED: 2018-12-08
An issue was discovered in Xen through 4.11.x on AMD x86 platforms, possibly allowing guest OS users to gain host OS privileges because TLB flushes do not always occur after IOMMU mapping changes.
CVE-2018-19962
PUBLISHED: 2018-12-08
An issue was discovered in Xen through 4.11.x on AMD x86 platforms, possibly allowing guest OS users to gain host OS privileges because small IOMMU mappings are unsafely combined into larger ones.
CVE-2018-19963
PUBLISHED: 2018-12-08
An issue was discovered in Xen 4.11 allowing HVM guest OS users to cause a denial of service (host OS crash) or possibly gain host OS privileges because x86 IOREQ server resource accounting (for external emulators) was mishandled.
CVE-2018-19964
PUBLISHED: 2018-12-08
An issue was discovered in Xen 4.11.x allowing x86 guest OS users to cause a denial of service (host OS hang) because the p2m lock remains unavailable indefinitely in certain error conditions.