Risk

News & Commentary
6 Security Trends for 2018/2019
Curtis Franklin Jr., Senior Editor at Dark Reading, News
Speaking at the Gartner Symposium/ITxpo, analyst Peter Firstbrook's list of trends is likely to inform executive committee conversations for the next 12 months.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 10/15/2018
12 Free, Ready-to-Use Security Tools
Steve Zurier, Freelance Writer
There's no excuse for not knowing your exposure. These free tools can help you analyze what your company is up against and point the way toward developing a more thorough security program.
By Steve Zurier Freelance Writer, 10/12/2018
Pair of Reports Paint Picture of Enterprise Security Struggling to Keep Up
Curtis Franklin Jr., Senior Editor at Dark Reading, News
Many organizations have yet to create an effective cybersecurity strategy and it's costing them millions.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 10/11/2018
Window Snyder Shares Her Plans for Intel Security
Kelly Sheridan, Staff Editor, Dark Reading, News
The security leader, known for her role in securing Microsoft, Apple, and Mozilla, discusses her new gig and what she's working on now.
By Kelly Sheridan Staff Editor, Dark Reading, 10/11/2018
One-Third of US Adults Hit with Identity Theft
Dark Reading Staff, Quick Hits
That's double the global average and more than three times the rate of French and German adults.
By Dark Reading Staff, 10/11/2018
Meet 5 Women Shaping Microsoft's Security Strategy
Kelly Sheridan, Staff Editor, Dark Reading
Profiles of some of the women currently leading Microsoft security operations - and their efforts to drive inclusivity.
By Kelly Sheridan Staff Editor, Dark Reading, 10/10/2018
Security Researchers Struggle with Bot Management Programs
Kaan Onarlioglu, Senior Security Researcher, Akamai, Commentary
Bots are a known problem, but researchers will tell you that bot defenses create problems of their own when it comes to valuable data.
By Kaan Onarlioglu Senior Security Researcher, Akamai, 10/10/2018
Constructing the Future of ICS Cybersecurity
Kelly Sheridan, Staff Editor, Dark Reading, News
As industrial control systems are connected to the cloud and the IoT, experts discuss security challenges.
By Kelly Sheridan Staff Editor, Dark Reading, 10/9/2018
New Domains: A Wide-Open Playing Field for Cybercrime
Ben April, CTO, Farsight Security, Commentary
As bad actors increasingly exploit new domains for financial gain and other nefarious purposes, security teams need to employ policies and practices to neutralize the threat in real time. Here's why and how.
By Ben April CTO, Farsight Security, 10/9/2018
Successful Scammers Call After Lunch
Kelly Sheridan, Staff Editor, Dark Reading, News
Analysis of 20,000 voice phishing, or vishing, calls reveals patterns in how social engineers operate and how targets respond.
By Kelly Sheridan Staff Editor, Dark Reading, 10/5/2018
Who Do You Trust? Parsing the Issues of Privacy, Transparency & Control
Richard Ford, Chief Scientist, Forcepoint, Commentary
Technology such as Apple's device trust score that decides "you" is not you is a good thing. But only if it works well.
By Richard Ford Chief Scientist, Forcepoint, 10/5/2018
7 Steps to Start Your Risk Assessment
Curtis Franklin Jr., Senior Editor at Dark Reading
Risk assessment can be complex, but it's vital for making good decisions about IT security. Here are steps to start you down the path toward a meaningful risk assessment process.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 10/4/2018
GDPR Report Card: Some Early Gains but More Work Ahead
Chris Babel, CEO, TrustArc, Commentary
US companies paid the most, to date, to meet the EU's General Data Protection Regulation, according to a recent study, but UK companies made greater progress in achieving compliance goals.
By Chris Babel CEO, TrustArc, 10/4/2018
Palo Alto Networks Buys RedLock to Strengthen Cloud Security
Dark Reading Staff, Quick Hits
The transaction, valued at $173 million, is intended to bring analytics and threat detection to Palo Alto Networks' cloud security offering.
By Dark Reading Staff, 10/3/2018
The Award for Most Dangerous Celebrity Goes To
Dark Reading Staff, Quick Hits
A new study highlights which celebrities are associated with the most malicious websites, making them risky search subjects.
By Dark Reading Staff, 10/2/2018
CISOs: How to Answer the 5 Questions Boards Will Ask You
John Hellickson, Vice President, Advisory Services, at Kudelski Security, Inc., Commentary
As boards learn the importance of cybersecurity, certain issues arise on a regular basis. These tips can help you address them.
By John Hellickson Vice President, Advisory Services, at Kudelski Security, Inc., 10/2/2018
October Events at Dark Reading You Can't Miss
Dark Reading Staff, News
Cybersecurity Month at Dark Reading is packed with educational webinars, from data breach response to small business security.
By Dark Reading Staff, 10/1/2018
The Right Diagnosis: A Cybersecurity Perspective
Joshua Goldfarb, Co-founder & Chief Product Officer, IDRRA, Commentary
A healthy body and a healthy security organization have a lot more in common than most people think.
By Joshua Goldfarb Co-founder & Chief Product Officer, IDRRA, 10/1/2018
Exclusive: Cisco, Duo Execs Share Plans for the Future
Kelly Sheridan, Staff Editor, Dark Reading, News
Cisco's Gee Rittenhouse and Duo's Dug Song offer ideas and goals for the merged companies as Duo folds under the Cisco umbrella.
By Kelly Sheridan Staff Editor, Dark Reading, 10/1/2018
4 Traits of a Cyber-Resilient Culture
Ericka Chickowski, Contributing Writer, Dark Reading, News
Companies with a solid track record of cybersecurity share these practices and characteristics.
By Ericka Chickowski Contributing Writer, Dark Reading, 9/28/2018
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-17534
PUBLISHED: 2018-10-15
Teltonika RUT9XX routers with firmware before 00.04.233 provide a root terminal on a serial interface without proper access control. This allows attackers with physical access to execute arbitrary commands with root privileges.
CVE-2018-17980
PUBLISHED: 2018-10-15
NoMachine before 5.3.27 and 6.x before 6.3.6 allows attackers to gain privileges via a Trojan horse wintab32.dll file located in the same directory as a .nxs file, as demonstrated by a scenario where the .nxs file and the DLL are in the current working directory, and the Trojan horse code is execute...
CVE-2018-18259
PUBLISHED: 2018-10-15
Stored XSS has been discovered in version 1.0.12 of the LUYA CMS software via /admin/api-cms-nav/create-page.
CVE-2018-18260
PUBLISHED: 2018-10-15
In the 2.4 version of Camaleon CMS, Stored XSS has been discovered. The profile image in the User settings section can be run in the update / upload area via /admin/media/upload?actions=false.
CVE-2018-17532
PUBLISHED: 2018-10-15
Teltonika RUT9XX routers with firmware before 00.04.233 are prone to multiple unauthenticated OS command injection vulnerabilities in autologin.cgi and hotspotlogin.cgi due to insufficient user input sanitization. This allows remote attackers to execute arbitrary commands with root privileges.