Advertise

Risk

News & Commentary

Congressional Report Cites States Most Vulnerable to Election Hacking

Quick Hits

A new report details issues with 18 states along with suggestions on what can be done.

By Dark Reading Staff , 7/13/2018

0 comments | Read | Post a Comment

Newly Found Spectre Variants Bring New Concerns

Curtis Franklin Jr., Senior Editor at Dark Reading

News

Two new variants on a theme of Spectre underscore the expanding nature of the critical vulnerabilities.

By Curtis Franklin Jr. Senior Editor at Dark Reading, 7/11/2018

0 comments | Read | Post a Comment

What We Talk About When We Talk About Risk

Commentary

Measuring security risk is not that hard if you get your terms straight and leverage well-established methods and principles from other disciplines.

By Jack Jones Chairman, FAIR Institute, 7/11/2018

3 comments | Read | Post a Comment

Latest Comment: REISEN1955, Small Business - general rule is that a small business (I guess 50 emps or...

Microsoft July Security Updates Mostly Browser-Related

Kelly Jackson Higgins, Executive Editor at Dark Reading

News

Patch Tuesday includes 53 security updates, including mitigation for the latest side-channel attack.

By Kelly Jackson Higgins Executive Editor at Dark Reading, 7/10/2018

0 comments | Read | Post a Comment

Businesses Struggle to Build 'Security-First' Culture

Kelly Sheridan, Staff Editor, Dark Reading

News

New Accenture study finds half of businesses provide cybersecurity training for new hires and only 40% of CISOs prioritize building or expanding insider threat programs.

By Kelly Sheridan Staff Editor, Dark Reading, 7/10/2018

0 comments | Read | Post a Comment

Putin Pushes for Global Cybersecurity Cooperation

Quick Hits

At a Moscow-based security conference, Russian President Vladimir Putin said countries should work together amid the rise of cyberthreats.

By Dark Reading Staff , 7/6/2018

2 comments | Read | Post a Comment

Latest Comment: Christian Bryant, I have to ask if politicians should even have a hand in the InfoSec world outside...

New Malware Variant Hits With Ransomware or Cryptomining

Quick Hits

A new variant of old malware scans a system before deciding just how to administer pain.

By Dark Reading Staff , 7/5/2018

0 comments | Read | Post a Comment

UK Banks Must Produce Backup Plans for Cyberattacks

Quick Hits

Financial services firms in Britain have three months to explain how they would stay up and running in the event of an attack or service disruption.

By Dark Reading Staff , 7/5/2018

3 comments | Read | Post a Comment

Latest Comment: Joe Stanganelli, @REISEN: Conversely, the NIST Cybersecurity Framework -- like any framework...

Ransomware vs. Cryptojacking

Jay Kelley, Senior Product & Digital Marketing Manager, Menlo Security, Inc.

Commentary

Cybercriminals are increasingly turning to cryptojacking over ransomware for a bigger payday. Here's what enterprises need to know in order to protect their digital assets and bank accounts.

By Jay Kelley Senior Product & Digital Marketing Manager, Menlo Security, Inc. , 7/3/2018

0 comments | Read | Post a Comment

6 Drivers of Mental and Emotional Stress in Infosec

Pressure comes in many forms but often with the same end result: stress and burnout within the security community.

By Kelly Sheridan Staff Editor, Dark Reading, 7/2/2018

3 comments | Read | Post a Comment

Latest Comment: REISEN1955, Quick note about faith in humanity. That was poorly written - what really...

There's No Automating Your Way Out of Security Hiring Woes

Ericka Chickowski, Contributing Writer, Dark Reading

News

Call it the paradox of cybersecurity automation: It makes your staff more productive but takes more quality experts to make it work.

By Ericka Chickowski Contributing Writer, Dark Reading, 6/28/2018

0 comments | Read | Post a Comment

65% of Resold Memory Cards Still Pack Personal Data

News

Analyzed cards, mainly from smartphones and tablets, contained private personal information, business documentation, audio, video, and photos.

By Kelly Sheridan Staff Editor, Dark Reading, 6/28/2018

1 Comment | Read | Post a Comment

Latest Comment: REISEN1955, Ages ago I purchased an Ebay Lexmark priner for a medical office I supported...

Ticketmaster UK Warns Thousands of Data Breach

Quick Hits

Customers who bought tickets through the site are advised to check for fraudulent transactions with Uber, Netflix, and Xendpay.

By Dark Reading Staff , 6/28/2018

8 comments | Read | Post a Comment

Latest Comment: Dr.T, " what made this approx 2% acquiring by the unknown malicious actors while...

Redefining Security with Blockchain

Commentary

Blockchain offers a proactive approach to secure a new generation of digital platforms and services for both enterprises and individuals.

By Stan Black CSIO, Citrix, 6/28/2018

1 Comment | Read | Post a Comment

Latest Comment: Christian Bryant, This is really forward-looking tech and I am excited to see who grabs these...

Today! 'Why Cybercriminals Attack,' A Dark Reading Virtual Event

Commentary

Wednesday, June 27, this all-day event starting at 11 a.m. ET, will help you decide who and what you really need to defend against, and how to do it more effectively.

By Dark Reading Staff , 6/27/2018

3 comments | Read | Post a Comment

Latest Comment: RyanSepe, Was the virtual event archived somewhere? If so, someone point me in the right...

Insider Dangers Are Hiding in Collaboration Tools

News

The casual sharing of sensitive data, such as passwords, is opening the door to malicious insiders.

By Ericka Chickowski Contributing Writer, Dark Reading, 6/26/2018

14 comments | Read | Post a Comment

Latest Comment: Joe Stanganelli, @Dr.T: They may be unavoidable, but they can be quickly mitigated with proper...

US Announces Arrests in Ghanian Fraud Schemes

Quick Hits

Eight individuals in the US and Ghana are charged with stealing more than $15 million through computer-based fraud.

By Dark Reading Staff , 6/26/2018

1 Comment | Read | Post a Comment

Latest Comment: Joe Stanganelli, To me, it seems that if criminals were smarter, they'd follow the wisdom from...

Secure by Default Is Not What You Think

Tom Thomassen, Senior Staff Engineer of Security, MarkLogic

Commentary

The traditional view of secure by default — which has largely been secure out of the box — is too narrow. To broaden your view, consider these three parameters.

By Tom Thomassen Senior Staff Engineer of Security, MarkLogic, 6/26/2018

0 comments | Read | Post a Comment

Black Hat Survey: Enterprise Tech, US Government Unprepared for Cyberattacks

News

The 2018 Black Hat Attendee survey reveals worries over the effectiveness of enterprise security technology, and threat to US infrastructure.

By Kelly Sheridan Staff Editor, Dark Reading, 6/26/2018

3 comments | Read | Post a Comment

Latest Comment: nirgx, After looking at the survey, specifically the list of "Effectiveness of Technologies...

Midsized Organizations More Secure Than Large Ones

News

New report offers data and analysis as to why midsized organizations hit a cybersecurity sweet spot in terms of security efficacy.

By Ericka Chickowski Contributing Writer, Dark Reading, 6/25/2018

0 comments | Read | Post a Comment

More Stories

Current Conversations

Posted by CameronRobertson

This comment is waiting for review by our moderators.

In reply to: Pending Review
Post Your Own Reply

Posted by Christian Bryant

This is really forward-looking tech and I am excited to see who grabs these ideas and creates the first fully functional infrastructure. In "A Proposed Solution and Future Direction for Blockchain-Based Heterogeneous Medicare...

In reply to: Partnering Security and Healthcare with Blockchain
Post Your Own Reply

Posted by Christian Bryant

One of the things we see often in suspense thrillers is the "eye in the sky" concept. In fact, IoT is absolutely at the heart of what is possible in terms of securing public and private safety. By putting focus on Internet...

In reply to: Real-Time Video/Audio Scanning w/Shape Detection & Adaptive Pattern Recognition
Post Your Own Reply

Posted by PaulChau

Right now, the most important commodity in the world is the ability for swift and efficient communication. Not just amongst people but amongst things to, and that's why this whole internet of things thing has come about...

In reply to: hi
Post Your Own Reply

Posted by REISEN1955

Small Business - general rule is that a small business (I guess 50 emps or less) can live for only 2 weeks following a major crash of systems. I supported such shops and always had a backup-restore plan in working...

In reply to: Re: Cybersecurity Risk Taxonomy
Post Your Own Reply

Posted by jonesj26

Thanks, Christian. You're absolutely right about this problem being discussed for some time now. Unfortunately, I don't believe it's broadly recognized yet as a foundational Achilles Heel for our profession. ...

In reply to: Re: Cybersecurity Risk Taxonomy
Post Your Own Reply

Posted by Christian Bryant

These are excellent points - in fact, the very list of risks you noted that are typically raised when asked are the ones I tend to see in initial project documents that relate to security. Cybersecurity Risk Taxonomy (A....

In reply to: Cybersecurity Risk Taxonomy
Post Your Own Reply

Posted by Ritu_G

Their security system specialists obviously need to resit for their security courses and tests. Due to their poor choice of defense mechanisms on that fateful day, things had turned out like how the retailer wouldn't have...

In reply to: Re: Deactivation of FireEye's Automatic Response
Post Your Own Reply

Posted by Ritu_G

In reply to: Re: Deactivation of FireEye's Automatic Response
Post Your Own Reply

Posted by nirgx

After looking at the survey, specifically the list of "Effectiveness of Technologies in Protecting Data", I wouldn't say the results are surprising - passwords at 19% and AV at 30% is actually pretty good reflection of reality....

In reply to: Effectiveness of Technologies
Post Your Own Reply

Posted by linkbuild

thanks for sharing valuable information. epass online

In reply to: do my assignment
Post Your Own Reply

Posted by Ayo99

luckly im not live in europe.. and my target market are asian

In reply to: Re: stop data processing
Post Your Own Reply

More Conversations

Products & Releases

Jumio’s Netverify® Solutions Win Gold and Bronze in Security Software

ISACA and SecurityScorecard Define Questions to Implement Continuous Assurance for Data

BitSight Raises $60 Million in Series D Funding Led by Warburg Pincus

Trillium Opens Michigan Cybersecurity Operations and R&D Center

68% of EU, US Crypto Exchanges and Wallets Fail on Proper Customer Identity Checks

Cybersecurity, IT Governance, Emerging Tech Shaping 2018 IT Audit Plans: Protiviti, ISACA

ISACA Unveils GDPR Assessment for Enterprises to Gauge Regulation Readiness and Compliance Path

Tax Software Providers Not Protecting Emails from Phishing and Spoofing

More Products & Releases

PR Newswire

Hot Topics

Editors' Choice

Data Breaches at Timehop, Macy's Highlight Need for Multi-Factor Authentication

Jai Vijayan, Freelance writer, 7/9/2018

What We Talk About When We Talk About Risk

Jack Jones, Chairman, FAIR Institute, 7/11/2018

Ticketmaster Breach Part of Massive Payment Card Hacking Campaign

Jai Vijayan, Freelance writer, 7/10/2018

Live Events

Webinars

More UBM Tech
Live Events

INsecurity Conference - An Event Like No Other

Black Hat Trainings - October 22 & 23

Are You Looking to Learn About New Cybersecurity Threats & Challenges? Then INsecurity Is For You!

White Papers

Cyber Threat Brief: The 2018 FIFA World Cup

Virtual Agent for ITSM - 5 Questions to Ask

[451 Research] Unified Access Management

Cyber Threat Landscape: The Healthcare Industry

The Fileless Attack Checklist

More White Papers

Video

All Risk Videos

Cartoon Contest

Write a Caption, Win a Starbucks Card! Click Here

Latest Comment: This comment is waiting for review by our moderators.

Cartoon Archive

Current Issue

The Changing Role of the CISO

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

The State of IT and Cybersecurity

IT and security are often viewed as different disciplines - and different departments. Find out what our survey data revealed, read the report today!

Download Now!

[Strategic Security Report] Navigating the Threat Intelligence Maze

0 comments

[Strategic Security Report] Cloud Security's Changing Landscape

0 comments

The State of Ransomware

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading OR #DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2018-14084
PUBLISHED: 2018-07-16

An issue was discovered in a smart contract implementation for MKCB, an Ethereum token. If the owner sets the value of sellPrice to a large number in setPrices() then the "amount * sellPrice" will cause an integer overflow in sell().

CVE-2018-14085
PUBLISHED: 2018-07-16

An issue was discovered in a smart contract implementation for UserWallet 0x0a7bca9FB7AfF26c6ED8029BB6f0F5D291587c42, an Ethereum token. First, suppose that the owner adds the evil contract address to his sweepers. The evil contract looks like this: contract Exploit { uint public start; function swe...

CVE-2018-14086
PUBLISHED: 2018-07-16

An issue was discovered in a smart contract implementation for SingaporeCoinOrigin (SCO), an Ethereum token. The contract has an integer overflow. If the owner sets the value of sellPrice to a large number in setPrices() then the "amount * sellPrice" will cause an integer overflow in sell(...

CVE-2018-14087
PUBLISHED: 2018-07-16

An issue was discovered in a smart contract implementation for EUC (EUC), an Ethereum token. The contract has an integer overflow. If the owner sets the value of buyPrice to a large number in setPrices() then the "msg.value * buyPrice" will cause an integer overflow in the fallback functio...

CVE-2018-14088
PUBLISHED: 2018-07-16

An issue was discovered in a smart contract implementation for STeX White List (STE(WL)), an Ethereum token. The contract has an integer overflow. If the owner sets the value of amount to a large number then the "amount * 1000000000000000" will cause an integer overflow in withdrawToFounde...

Terms of Service
Privacy Statement
Legal Entities