News & Commentary
Data Deletion: A Disconnect Between Perception And Reality
Jai Vijayan, Freelance writer | News
Study shows that methods used to erase data before equipment is resold not as effective as assumed.
By Jai Vijayan Freelance writer, 10/9/2015
Jailbreaking Mobile Devices: That's Not The Real Problem
Adam Ely, COO, Bluebox | Commentary
Despite what mobile operating system vendors say, it's the OS flaws that put everyone at risk.
By Adam Ely COO, Bluebox, 10/9/2015
Chipping Away At Credit Card Fraud With EMV
Deborah Baxley, Principal, Cards & Payments, Capgemini Financial Services | Commentary
As of October 1, so-called chip-and-pin technology is now the law of the land for electronic payments in the US. But it's not the silver bullet that will instantly stop all cybercrime.
By Deborah Baxley Principal, Cards & Payments, Capgemini Financial Services, 10/8/2015
US Consumers More Worried About Cyber Risks Than Their Physical Safety
Kelly Jackson Higgins, Executive Editor at Dark Reading | News
Cyberthreats among the biggest worries of consumers, new Travelers Consumer Risk Index shows.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 10/7/2015
Intro To Machine Learning & Cybersecurity: 5 Key Steps
Stephen Newman, CTO, Damballa | Commentary
Software-based machine learning attempts to emulate the same process that the brain uses. Here's how.
By Stephen Newman CTO, Damballa, 10/7/2015
Cost Of Cybercrime Reaches $15 Million Annually Per Org
Ericka Chickowski, Contributing Writer, Dark Reading | News
Ponemon Institute study details annual costs incurred by organizations with over 1,000 employees.
By Ericka Chickowski Contributing Writer, Dark Reading, 10/6/2015
What The EU's Safe Harbor Ruling Means For Data Privacy In The Cloud
Michael Fey, President & COO, Blue Coat | Commentary
The European Court of Justice today struck down the 15-year-old data transfer agreement between the European Union and the US. Here's how to begin to prepare for the fallout.
By Michael Fey President & COO, Blue Coat, 10/6/2015
Don't Be Fooled: In Cybersecurity Big Data Is Not The Goal
Jay Jacobs, Senior Data Scientist, BitSight Technologies | Commentary
In other words, the skills to be a security expert do not translate to being able to understand and extract meaning from security data.
By Jay Jacobs Senior Data Scientist, BitSight Technologies, 10/6/2015
10 Security Certifications To Boost Your Career
Dark Reading Staff
Earning a security credential can help you open the door to a great job. But you need to know which certification is the right one for you.
By Dark Reading Staff, 10/5/2015
Nuclear Plants' Cybersecurity Is Bad -- And Hard To Fix
Sara Peters, Senior Editor at Dark Reading | News
Report: 'Very few' nuclear plants worldwide patch software, and operations engineers 'dislike' security pros.
By Sara Peters Senior Editor at Dark Reading, 10/5/2015
Segmentation: A Fire Code For Network Security
TK Keanini, CTO, Lancope | Commentary
New technologies like software-defined segmentation are making it easier to prevent a compromise from spreading by separating users and network resources into zones.
By TK Keanini CTO, Lancope, 10/5/2015
A Wassenaar Arrangement Primer, With Katie Moussouris
Sara Peters, Senior Editor at Dark Reading | Commentary | Video
The chief policy officer for HackerOne joins the Dark Reading News Desk at Black Hat to explain how the security community is working to prevent a policy 'dragnet' that would injure American infosec companies and researchers.
By Sara Peters Senior Editor at Dark Reading, 10/5/2015
Scottrade Breach Hit 4.6 Million Customers, Began 2 Years Ago
Dark Reading Staff | Quick Hits
Social Security numbers might have been exposed, but the main target appears to have been contact information.
By Dark Reading Staff, 10/2/2015
The Evolution Of Malware
Fred Touchette, Manager of Security Research | Commentary
Like the poor in the famous Biblical verse, malware will always be with us. Here's a 33-year history from Elk Cloner to Cryptolocker. What will be next?
By Fred Touchette Manager of Security Research, 10/2/2015
Experian Gets Hacked, Exposing SSNs, Data From 15 Million T-Mobile Customers
Kelly Jackson Higgins, Executive Editor at Dark Reading | Quick Hits
Credit monitoring firm suffers its second major data breach.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 10/2/2015
New Tactic Finds RAT Operators Fast
Sara Peters, Senior Editor at Dark Reading | News
Low tolerance for latency makes RAT operators less likely to use proxies, easier to track back home.
By Sara Peters Senior Editor at Dark Reading, 9/29/2015
3 Steps To Knowing Your Network
Ted Gary, Product Marketing Manager, Tenable
Managing your IT assets is a daily effort requiring vigilance and persistence.
By Ted Gary Product Marketing Manager, Tenable, 9/29/2015
Deconstructing The Challenges Of Software Assurance For Connected Cars
Anna Chiang, Technical Marketing Manager, Perforce Software | Commentary
Ensuring software security in the auto industry will entail careful attention to all aspects of software development: design, coding standards, testing, verification and run-time assurance.
By Anna Chiang Technical Marketing Manager, Perforce Software, 9/28/2015
Google, Others Seek to Make Cybercrime Costlier For Criminals
Jai Vijayan, Freelance writer | News
Most effective long-term strategy is to target the support infrastructure and financial services used by criminals, Google says.
By Jai Vijayan Freelance writer, 9/25/2015
FTC v. Wyndham: 'Naughty 9' Security Fails to Avoid
Jason Straight, Senior VP & Chief Privacy Officer, UnitedLex | Commentary
The Federal Trade Commission's fair trade suit against Wyndham hotels offers insight into the brave new world of cybersecurity regulation of consumer data.
By Jason Straight Senior VP & Chief Privacy Officer, UnitedLex, 9/25/2015
Dark Reading Tech Digest September 7, 2015
Some security flaws go beyond simple app vulnerabilities. Have you checked for these?
Dark Reading - Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
Published: 2015-10-09
Simple Streams (simplestreams) does not properly verify the GPG signatures of disk image files, which allows remote mirror servers to spoof disk images and have unspecified other impact via a 403 (aka Forbidden) response.

Published: 2015-10-09
The Telephony component in Apple OS X before 10.11, when the Continuity feature is enabled, allows local users to bypass intended telephone-call restrictions via unspecified vectors.

Published: 2015-10-09
IcedTea-Web before 1.5.3 and 1.6.x before 1.6.1 does not properly sanitize applet URLs, which allows remote attackers to inject applets into the .appletTrustSettings configuration file and bypass user approval to execute the applet via a crafted web page, possibly related to line breaks.

Published: 2015-10-09
IcedTea-Web before 1.5.3 and 1.6.x before 1.6.1 does not properly determine the origin of unsigned applets, which allows remote attackers to bypass the approval process or trick users into approving applet execution via a crafted web page.

Published: 2015-10-09
The Safari Extensions implementation in Apple Safari before 9 does not require user confirmation before replacing an installed extension, which has unspecified impact and attack vectors.

Dark Reading Radio
What can the information security industry do to solve the IoT security problem? Learn more and join the conversation on the next episode of Dark Reading Radio.