Risk
News & Commentary
Cybersecurity & Healthcare: Does Cybersecurity Act Help or Hurt?
Jay Trinckes, Senior Practice Lead, Healthcare & Life Sciences, Coalfire, Commentary
Without adequate resources, the new Cybersecurity Act of 2015 is merely a snapshot in time that does little to safeguard sensitive medical information.
By Jay Trinckes Senior Practice Lead, Healthcare & Life Sciences, Coalfire, 2/12/2016
5 Reveals About Today's Attack M.O.s From Skype Spying Malware
Ericka Chickowski, Contributing Writer, Dark Reading, News
T9000 backdoor is built with many of today's cybercriminal tricks up its sleeves.
By Ericka Chickowski Contributing Writer, Dark Reading, 2/11/2016
5 Big Incident Response Mistakes
Jai Vijayan, Freelance writer, News
Failing to have a formal incident response plan is just one of the mistakes organizations make.
By Jai Vijayan Freelance writer, 2/11/2016
The Phishie Awards: (Dis)Honoring The Best Of The Worst Phishing Attacks
Sara Peters, Senior Editor at Dark Reading
From the costly to the clever to the just plain creepy, here are the recent phishing campaigns that have earned our reluctant recognition.
By Sara Peters Senior Editor at Dark Reading, 2/10/2016
Is The Cybersecurity Bubble About To Burst?
Ericka Chickowski, Contributing Writer, Dark Reading, News
Cybersecurity stocks are way down in 2016 so far, but venture capital money still flows.
By Ericka Chickowski Contributing Writer, Dark Reading, 2/10/2016
New White House Cybersecurity Plan Creates Federal CISO
Sara Peters, Senior Editor at Dark Reading, News
Cybersecurity National Action Plan aims to increase federal cybersecurity spending by 35 percent to modernize IT and address skills shortage, IoT.
By Sara Peters Senior Editor at Dark Reading, 2/9/2016
10 Shocking New Facts About Ransomware
Ericka Chickowski, Contributing Writer, Dark Reading
Ransomware has taken over the cybercriminal world in the last few years and there's no end in sight.
By Ericka Chickowski Contributing Writer, Dark Reading, 2/8/2016
Newly Fired CEO Of Norse Fires Back At Critics
Jai Vijayan, Freelance writer, News
Critics maintain that Norse Corp. is peddling threat data as threat intelligence.
By Jai Vijayan Freelance writer, 2/4/2016
Here’s How To Protect Against A Ransomware Attack
Jai Vijayan, Freelance writer, News
Recovering data encrypted by a ransomware attack is next to impossible, so prevention offers the better approach.
By Jai Vijayan Freelance writer, 2/4/2016
The #1 Riskiest Mobile Users Wear Suits
Ericka Chickowski, Contributing Writer, Dark Reading, News
Business users top the rankings of those most likely to engage with risky apps and URLs on their smartphones and tablets.
By Ericka Chickowski Contributing Writer, Dark Reading, 2/4/2016
Macro Malware Resurgence Highlighted By Kasidet Outbreak
Ericka Chickowski, Contributing Writer, Dark Reading, News
Also known as Neutrino, this piece of malware is another case of Office macro malaise.
By Ericka Chickowski Contributing Writer, Dark Reading, 2/2/2016
Wendy's Could Become Test Case For New EMV Liability Rules
Jai Vijayan, Freelance writer, News
The fast food giant confirms it is investigating fraudulent activity involving payment cards used at some of its 6,500 locations.
By Jai Vijayan Freelance writer, 1/29/2016
Hot-Patching Tools Another Crack In Apple's Walled Garden
Sara Peters, Senior Editor at Dark Reading, News
Researchers at FireEye investigate how the tools some iOS developers use to push out patches more quickly are themselves a threat to Apple security.
By Sara Peters Senior Editor at Dark Reading, 1/27/2016
Post-Breach Costs And Impact Can Last Years
Ericka Chickowski, Contributing Writer, Dark Reading, News
SANS study examines long-term effects of breach events.
By Ericka Chickowski Contributing Writer, Dark Reading, 1/26/2016
NetFlow Or sFlow For Fastest DDoS Detection?
Vincent Berk, Commentary
It's still not an easy choice, but combined with the faster NetFlow exporters that have recently come to market, the speed advantage of sFlow is starting to fade.
By Vincent Berk, 1/26/2016
How (And Why) Hackers Target Your Business
Marilyn Cohodas, Community Editor, Dark Reading, Commentary
Don’t miss this inside look by a trio of experts from industry and law enforcement during Dark Reading's virtual event, Cybersecurity: The Business View. Now available On-Demand.
By Marilyn Cohodas Community Editor, Dark Reading, 1/25/2016
AMX Harman Disputes Deliberately Hiding Backdoor In Its Products
Jai Vijayan, Freelance writer, News
Control systems for AV, lighting, and other equipment used widely by the White House, Fortune 100, government, and defense agencies likely affected.
By Jai Vijayan Freelance writer, 1/22/2016
When The Boss Is Your Biggest Security Risk
Mike Tierney, COO, SpectorSoft, Commentary
No one possesses more sensitive information in an organization than upper management. So why do companies screen executives on the way in but not on the way out?
By Mike Tierney COO, SpectorSoft, 1/21/2016
Preparing Your Business For A Major Data Breach: The Business View
Sara Peters, Senior Editor at Dark Reading, Commentary
Today's Dark Reading Virtual Conference on the business perspectives of cybersecurity will include a panel to prep your leaders for responding to the inevitable breach.
By Sara Peters Senior Editor at Dark Reading, 1/20/2016
IT Confidence Ticks Down
Ericka Chickowski, Contributing Writer, Dark Reading, News
Cisco security report shows aging infrastructure no match for constantly advancing attack techniques.
By Ericka Chickowski Contributing Writer, Dark Reading, 1/20/2016
Current Issue
E-Commerce Security: What Every Enterprise Needs to Know
The mainstream use of EMV smartcards in the US has experts predicting an increase in online fraud. Organizations will need to look at new tools and processes for building better breach detection and response capabilities.
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-7445
Published: 2015-10-15
The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated b...

CVE-2015-4948
Published: 2015-10-15
netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified vectors.

CVE-2015-5660
Published: 2015-10-15
Cross-site request forgery (CSRF) vulnerability in eXtplorer before 2.1.8 allows remote attackers to hijack the authentication of arbitrary users for requests that execute PHP code.

CVE-2015-6003
Published: 2015-10-15
Directory traversal vulnerability in QNAP QTS before 4.1.4 build 0910 and 4.2.x before 4.2.0 RC2 build 0910, when AFP is enabled, allows remote attackers to read or write to arbitrary files by leveraging access to an OS X (1) user or (2) guest account.

CVE-2015-6333
Published: 2015-10-15
Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows local users to gain privileges via vectors involving addition of an SSH key, aka Bug ID CSCuw46076.

Dark Reading Radio
Archived Dark Reading Radio
Join Dark Reading community editor Marilyn Cohodas in a thought-provoking discussion about the evolving role of the CISO.