Endpoint // Privacy
News & Commentary
Darknet: Where Your Stolen Identity Goes to Live
Itay Glick, CEO & Co-founder, VotiroCommentary
Almost everything is available on the Darknet -- drugs, weapons, and child pornography -- but where it really excels is as an educational channel for beginning identity thieves.
By Itay Glick CEO & Co-founder, Votiro, 8/19/2016
Comment1 Comment  |  Read  |  Post a Comment
User Ed: Patching People Vs Vulns
Lysa Myers, Security Researcher, ESETCommentary
How infosec can combine and adapt security education and security defenses to the way users actually do their jobs.
By Lysa Myers Security Researcher, ESET, 8/17/2016
Comment0 comments  |  Read  |  Post a Comment
Data Protection From The Inside Out
Dan Frank, Deloitte Advisory Principal, Cyber Risk ServicesCommentary
Organizations must make fundamental changes in the way they approach data protection.
By Dan Frank Deloitte Advisory Principal, Cyber Risk Services, 8/8/2016
Comment1 Comment  |  Read  |  Post a Comment
8 Alternatives to Selfie Authentication
Terry Sweeney, Contributing Editor
How to definitively prove your identity? A variety of anatomical parts and functions may soon be able to vouch for you.
By Terry Sweeney Contributing Editor, 8/4/2016
Comment0 comments  |  Read  |  Post a Comment
Georgia Man Pleads Guilty To Hacking, Insider Trading
Dark Reading Staff, Quick Hits
Leonid Momotok breached newswire networks and used confidential data for illegal trades worth $30 million.
By Dark Reading Staff , 8/3/2016
Comment0 comments  |  Read  |  Post a Comment
How To Stay Safe On The Black Hat Network: Dont Connect To It
Neil R. Wyler (Grifter), Threat Hunting and Incident Response Specialist, RSACommentary
Black Hat attendees may have changed their titles and now carry business cards but hackers gotta hack and theres no better place to do it than Black Hat.
By Neil R. Wyler (Grifter) Threat Hunting and Incident Response Specialist, RSA, 7/28/2016
Comment10 comments  |  Read  |  Post a Comment
7 Ways To Charm Users Out of Their Passwords
Terry Sweeney, Contributing Editor
While the incentives have changed over time, it still takes remarkably little to get users to give up their passwords.
By Terry Sweeney Contributing Editor, 7/27/2016
Comment13 comments  |  Read  |  Post a Comment
In Security, Know That You Know Nothing
Michael Sutton, Chief Information Security Office, ZscalerCommentary
Only when security professionals become aware of what they dont know, can they start asking the right questions and implementing the right security controls.
By Michael Sutton Chief Information Security Office, Zscaler, 7/26/2016
Comment7 comments  |  Read  |  Post a Comment
Russia Likely Behind DNC Breach, Says FBI
Dark Reading Staff, Quick Hits
Motive behind DNC hack and leak is possibly to tilt election in favor of Trump, say US officials.
By Dark Reading Staff , 7/26/2016
Comment5 comments  |  Read  |  Post a Comment
Security Gets Political With Hacks, Darknet Sales
Terry Sweeney, Contributing EditorNews
As presidential campaigns get into full swing, neither party is immune to online chicanery -- and neither are voters
By Terry Sweeney Contributing Editor, 7/21/2016
Comment0 comments  |  Read  |  Post a Comment
Staying Cyber Safe At The Olympics
Ericka Chickowski, Contributing Writer, Dark Reading
Travel tips and more in hostile environments abroad.
By Ericka Chickowski Contributing Writer, Dark Reading, 7/16/2016
Comment1 Comment  |  Read  |  Post a Comment
What's Next For Canadas Surveillance Landscape?
Bruce Cowper, SecTor Co-FounderCommentary
Edward Snowden headlines SecTor security conference as Canadian privacy advocates await the Trudeau governments next move in the countrys complex privacy and security debate.
By Bruce Cowper SecTor Co-Founder, 7/14/2016
Comment0 comments  |  Read  |  Post a Comment
EUs General Data Protection Regulation Is Law: Now What?
Kaushik Narayan, CTO, Skyhigh NetworksCommentary
Organizations have two years to prepare to act as borrowers, not owners, of customer data. Here are seven provisions of the new GPDR you ignore at your peril.
By Kaushik Narayan CTO, Skyhigh Networks, 7/12/2016
Comment2 comments  |  Read  |  Post a Comment
Facebook Will Offer 'Secret Conversations' On Messenger
Dark Reading Staff, Quick Hits
New feature with end-to-end encryption on some opt-in messages likely to be available soon.
By Dark Reading Staff , 7/11/2016
Comment0 comments  |  Read  |  Post a Comment
Finance, Healthcare,Tech Sectors Highest Users Of Encryption, Survey Says
Dark Reading Staff, Quick Hits
Ponemon/Thales survey shows highly regulated industries are catching on.
By Dark Reading Staff , 7/6/2016
Comment0 comments  |  Read  |  Post a Comment
Internet Of Things & The Platform Of Parenthood
Don Bailey, Founder & CEO, Lab Mouse SecurityCommentary
A new fathers musings on the problems with securing embedded systems, and why there are so few incentives for architecting trustworthy IoT technology from the ground up.
By Don Bailey Founder & CEO, Lab Mouse Security, 6/23/2016
Comment21 comments  |  Read  |  Post a Comment
5 Tips For Making Data Privacy Part Of The Companys Culture
Steve Zurier, Freelance WriterNews
Common sense steps organizations can take to protect corporate data.
By Steve Zurier Freelance Writer, 6/22/2016
Comment0 comments  |  Read  |  Post a Comment
Privacy Shield: Can the US Earn the EUs Trust Post Apple vs. FBI?
Peter Merkulov, VP, Product Strategy & Technology AlliancesCommentary
Rebuilding the privacy framework for data transfer between the US and its European trading partners wont be easy but its still a worthwhile effort.
By Peter Merkulov VP, Product Strategy & Technology Alliances, 6/20/2016
Comment2 comments  |  Read  |  Post a Comment
How Secure is Secure? Tips For Investing In The Right Strategy
Pritesh Parekh, VP & Chief Security Officer, ZuoraCommentary
Business alignment, defense-in-depth and a phased approach are three principles to follow when building out a solid security program.
By Pritesh Parekh VP & Chief Security Officer, Zuora, 6/17/2016
Comment2 comments  |  Read  |  Post a Comment
Apple Rehires Security Expert Jon Callas
Dark Reading Staff, Quick Hits
Move seen as attempt to strengthen encryption features of Apple devices following face-off with FBI.
By Dark Reading Staff , 5/25/2016
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Five Emerging Security Threats - And What You Can Learn From Them
At Black Hat USA, researchers unveiled some nasty vulnerabilities. Is your organization ready?
Flash Poll
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-7445
Published: 2015-10-15
The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated b...

CVE-2015-4948
Published: 2015-10-15
netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified vectors.

CVE-2015-5660
Published: 2015-10-15
Cross-site request forgery (CSRF) vulnerability in eXtplorer before 2.1.8 allows remote attackers to hijack the authentication of arbitrary users for requests that execute PHP code.

CVE-2015-6003
Published: 2015-10-15
Directory traversal vulnerability in QNAP QTS before 4.1.4 build 0910 and 4.2.x before 4.2.0 RC2 build 0910, when AFP is enabled, allows remote attackers to read or write to arbitrary files by leveraging access to an OS X (1) user or (2) guest account.

CVE-2015-6333
Published: 2015-10-15
Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows local users to gain privileges via vectors involving addition of an SSH key, aka Bug ID CSCuw46076.

Dark Reading Radio
Archived Dark Reading Radio
Join Dark Reading community editor Marilyn Cohodas and her guest, David Shearer, (ISC)2 Chief Executive Officer, as they discuss issues that keep IT security professionals up at night, including results from the recent 2016 Black Hat Attendee Survey.