Endpoint // Privacy
News & Commentary
Parsing What Is Reasonable In Security, Post FTC v Wyndham
Tony Porras, Cyber Security & Compliance AttorneyCommentary
In today's regulatory climate, companies can no longer depend on technology solutions alone for example, SIEM -- to protect corporate data and customer privacy. Here's why.
By Tony Porras Cyber Security & Compliance Attorney, 11/24/2015
Comment0 comments  |  Read  |  Post a Comment
Google Study Finds Email Security A Mixed Bag
Jai Vijayan, Freelance writerNews
The use of encryption and authentication mechanisms by Google, Yahoo, and Microsoft has improved security -- but problems remain.
By Jai Vijayan Freelance writer, 11/13/2015
Comment1 Comment  |  Read  |  Post a Comment
Why Threat Intelligence Feels Like A Game Of Connect Four
Kristi Horton, Lead Intelligence Officer, Financial Services Information Sharing and Analysis Center (FS-ISAC)Commentary
In real life, solving the cybersecurity puzzle has many challenges. But shared wisdom and community defense models are making it easier to connect the dots.
By Kristi Horton Lead Intelligence Officer, Financial Services Information Sharing and Analysis Center (FS-ISAC), 11/10/2015
Comment2 comments  |  Read  |  Post a Comment
Tech Companies Get Poor Marks For Data Privacy
Thomas Claburn, Editor at Large, Enterprise MobilityNews
An advocacy organization finds gaps in corporate support for freedom of expression and data protection.
By Thomas Claburn Editor at Large, Enterprise Mobility, 11/5/2015
Comment5 comments  |  Read  |  Post a Comment
U.K. Bill Aims To Limit Use Of Encryption
Dark Reading Staff, Quick Hits
Members of British government taking a stab what members of American government have also been attempting to push through.
By Dark Reading Staff , 11/3/2015
Comment1 Comment  |  Read  |  Post a Comment
Kicking Off A New Era For Policing Cybersecurity
Jason Polancich, Founder & Chief Architect, SurfWatchLabsCommentary
In the wake of FTC v. Wyndham, government agencies are becoming more aggressive about protecting corporate data and customer privacy. But the new rules are very much a work in progress.
By Jason Polancich Founder & Chief Architect, SurfWatchLabs, 11/3/2015
Comment3 comments  |  Read  |  Post a Comment
5 Things To Know About CISA
Sara Peters, Senior Editor at Dark ReadingNews
Despite criticism from privacy advocates, the Cybersecurity Information Sharing Act passed through the Senate yesterday.
By Sara Peters Senior Editor at Dark Reading, 10/28/2015
Comment8 comments  |  Read  |  Post a Comment
Former White House Advisor: Marry Infosec To Economics
Sara Peters, Senior Editor at Dark ReadingNews
Melissa Hathaway, former cybersecurity policy advisor to the White House, says the security and economy agendas should go hand-in-hand, and Western nations' use of surveillance technology is 'alarming.'
By Sara Peters Senior Editor at Dark Reading, 10/19/2015
Comment3 comments  |  Read  |  Post a Comment
Believe It Or Not, Millennials Do Care About Privacy, Security
Sara Peters, Senior Editor at Dark ReadingNews
80% say it is vitally or very important that PII, financial, and/or medical data be shared only with authorized parties
By Sara Peters Senior Editor at Dark Reading, 10/13/2015
Comment1 Comment  |  Read  |  Post a Comment
Data Deletion: A Disconnect Between Perception And Reality
Jai Vijayan, Freelance writerNews
Study shows that methods used to erase data before equipment is resold not as effective as assumed.
By Jai Vijayan Freelance writer, 10/9/2015
Comment2 comments  |  Read  |  Post a Comment
More Reasons To Drop The War On Encryption
Sara Peters, Senior Editor at Dark ReadingCommentaryVideo
Rod Beckstrom, founding director of the US National Cybersecurity Center visits the Dark Reading News Desk at Black Hat to discuss cybercrime legislation, takedown operations, and why law enforcement should drop the war on encryption.
By Sara Peters Senior Editor at Dark Reading, 10/9/2015
Comment1 Comment  |  Read  |  Post a Comment
What The EUs Safe Harbor Ruling Means For Data Privacy In The Cloud
Michael Fey, President & COO, Blue CoatCommentary
The European Court of Justice today struck down the 15-year-old data transfer agreement between the European Union and the US. Heres how to begin to prepare for the fallout.
By Michael Fey President & COO, Blue Coat, 10/6/2015
Comment0 comments  |  Read  |  Post a Comment
Insider Threats, Data Privacy Are Overlooked By Businesses
William Terdoslavich, Freelance WriterNews
Data security and data breaches are all over the news. However, not all companies are paying as close attention to insider threats and data privacy as they should. A new survey looks at the risks.
By William Terdoslavich Freelance Writer, 10/2/2015
Comment1 Comment  |  Read  |  Post a Comment
10 Password Managers For Business Use
Sara Peters, Senior Editor at Dark Reading
Beyond helping end users keep track of their logins, some password managers can integrate with Active Directory and generate compliance reports.
By Sara Peters Senior Editor at Dark Reading, 9/28/2015
Comment3 comments  |  Read  |  Post a Comment
Microsoft Explains Windows 10 Privacy Policies
Kelly Sheridan, Associate Editor, InformationWeekNews
In response to the uproar over privacy concerns, Microsoft executives are clarifying how information is collected and used in Windows 10.
By Kelly Sheridan Associate Editor, InformationWeek, 9/28/2015
Comment7 comments  |  Read  |  Post a Comment
FTC v. Wyndham: Naughty 9 Security Fails to Avoid
Jason Straight, Senior VP & Chief Privacy Officer, UnitedLexCommentary
The Federal Trade Commissions fair trade suit against Wyndham hotels offers insight into the brave new world of cybersecurity regulation of consumer data.
By Jason Straight Senior VP & Chief Privacy Officer, UnitedLex, 9/25/2015
Comment3 comments  |  Read  |  Post a Comment
Darknet Is Full Of Criminals & Governments Giving TOR A Bad Name
Sara Peters, Senior Editor at Dark ReadingNews
Human traffickers, crowd-sourcing murderers, child pornographers, and governments in the market for juicy zero-days are flooding the Dark Web -- making it hard for the good guys to defend it.
By Sara Peters Senior Editor at Dark Reading, 9/16/2015
Comment4 comments  |  Read  |  Post a Comment
Comic Con, Dark Reading Version
John Klossner, Cartoonist
Our graphic novel illustrating a typical day in the life of a security super hero, as imagined by cartoonist John Klossner.
By John Klossner Cartoonist, 9/14/2015
Comment2 comments  |  Read  |  Post a Comment
What You Should, But Don't, Do About Untrusted Certs, CAs
Sara Peters, Senior Editor at Dark ReadingNews
Security departments could take measures to protect organizations from untrusted certificate authorities and counterfeit SSL certs, but most don't bother.
By Sara Peters Senior Editor at Dark Reading, 9/9/2015
Comment2 comments  |  Read  |  Post a Comment
Why Everybody Loves (And Hates) Security
Sergio Galindo, GM, GFI SoftwareCommentary
Even security professionals hate security. So why do we all harbor so much dislike for something we need so much? And what can we do about it?
By Sergio Galindo GM, GFI Software, 9/9/2015
Comment2 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
Register for Dark Reading Newsletters
White Papers
Current Issue
E-Commerce Security: What Every Enterprise Needs to Know
The mainstream use of EMV smartcards in the US has experts predicting an increase in online fraud. Organizations will need to look at new tools and processes for building better breach detection and response capabilities.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
Published: 2015-10-15
The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated b...

Published: 2015-10-15
netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified vectors.

Published: 2015-10-15
Cross-site request forgery (CSRF) vulnerability in eXtplorer before 2.1.8 allows remote attackers to hijack the authentication of arbitrary users for requests that execute PHP code.

Published: 2015-10-15
Directory traversal vulnerability in QNAP QTS before 4.1.4 build 0910 and 4.2.x before 4.2.0 RC2 build 0910, when AFP is enabled, allows remote attackers to read or write to arbitrary files by leveraging access to an OS X (1) user or (2) guest account.

Published: 2015-10-15
Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows local users to gain privileges via vectors involving addition of an SSH key, aka Bug ID CSCuw46076.

Dark Reading Radio