Network Computing Dark Reading

Advertise

Risk

News & Commentary

Japan Cyber Minister Says He Has Never Used a Computer

Quick Hits

Yoshitaka Sakurada, who recently took on the role after a cabinet shuffling, says it's up to the government to deal with it.

By Dark Reading Staff , 11/15/2018

1 Comment | Read | Post a Comment

Latest Comment: REISEN1955, Cannot be personally blamed for an infection save the common cold. LOL. ...

More Than 50% of Free Mobile VPN Apps Have Chinese Ties

Quick Hits

In addition, most have "unacceptable" privacy policies and "non-existent user support."

By Dark Reading Staff , 11/15/2018

0 comments | Read | Post a Comment

From Reactive to Proactive: Security as the Bedrock of the SDLC

Brian Rutledge, Principal Security Manager at Spanning

Commentary

Secure code development should be a priority, not an afterthought, and adopting the software development life cycle process is a great way to start.

By Brian Rutledge Principal Security Manager at Spanning, 11/15/2018

0 comments | Read | Post a Comment

Cryptojacking, Mobile Malware Growing Threats to the Enterprise

Curtis Franklin Jr., Senior Editor at Dark Reading

News

At the same time, criminal organizations continue to look for new ways to attack their victims.

By Curtis Franklin Jr. Senior Editor at Dark Reading, 11/14/2018

0 comments | Read | Post a Comment

Black Hat: European Security Pros Wrestling With Potential Breaches, Privacy Issues

Tim Wilson, Editor in Chief, Dark Reading,

News

Black Hat Europe attendee survey shows European cybersecurity leaders are uncertain of their ability to protect end user data – and are fearful of a near-term breach of critical infrastructure.

By Tim Wilson, Editor in Chief, Dark Reading , 11/14/2018

0 comments | Read | Post a Comment

Airlines Have a Big Problem with Bad Bots

Kelly Sheridan, Staff Editor, Dark Reading

News

Bad bots account for 43.9% of all traffic on their websites, APIs, and mobile apps, according to a new analysis of 100 airlines.

By Kelly Sheridan Staff Editor, Dark Reading, 11/14/2018

0 comments | Read | Post a Comment

Can Businesses Stand Up to Cybercrime? Only 61% Say Yes

Quick Hits

While 96% of US organizations say business resilience should be core to company strategy, only 61% say it actually is.

By Dark Reading Staff , 11/14/2018

0 comments | Read | Post a Comment

Microsoft Patch Tuesday Recap: 12 Critical Bugs Fixed

Quick Hits

Eight of the 12 critical vulnerabilities addressed this month affect the Chakra Scripting Engine in Microsoft Edge.

By Dark Reading Staff , 11/13/2018

0 comments | Read | Post a Comment

Getting to Know Magecart: An Inside Look at 7 Groups

News

A new report spills the details on Magecart, the criminal groups driving it, and ongoing attacks targeting low- and high-profile victims.

By Kelly Sheridan Staff Editor, Dark Reading, 11/13/2018

0 comments | Read | Post a Comment

Empathy: The Next Killer App for Cybersecurity?

Shay Colson, CISSP, Senior Manager, CyberClarity360

Commentary

The toughest security problems involve people not technology. Here's how to motivate your frontline employees all the way from the service desk to the corner office.

By Shay Colson CISSP, Senior Manager, CyberClarity360, 11/13/2018

1 Comment | Read | Post a Comment

Latest Comment: tdsan, → it is the human element that creates effective penetration testing...

Google Traffic Temporarily Rerouted via Russia, China

News

The incident, which Google reports is now resolved, could be the result of either technical mistakes or malicious activity.

By Kelly Sheridan Staff Editor, Dark Reading, 11/13/2018

0 comments | Read | Post a Comment

2018 on Track to Be One of the Worst Ever for Data Breaches

News

A total of 3,676 breaches involving over 3.6 billion records were reported in the first nine months of this year alone.

By Jai Vijayan Freelance writer, 11/12/2018

1 Comment | Read | Post a Comment

Latest Comment: tdsan, Interesting article, what I am curious about is where are the payouts from...

Veterans Find New Roles in Enterprise Cybersecurity

News

Facebook and Synack create programs to educate vets and grow employment opportunities while shrinking the cybersecurity talent gap.

By Kelly Sheridan Staff Editor, Dark Reading, 11/12/2018

2 comments | Read | Post a Comment

Latest Comment: jrpolan, With the dearth of cybersecurity professionals out there and technology frontiers...

7 Cool New Security Tools to be Revealed at Black Hat Europe

Black Hat Europe's Arsenal lineup will include demoes of new security tools, from AI malware research to container orchestration.

By Ericka Chickowski Contributing Writer, Dark Reading, 11/12/2018

0 comments | Read | Post a Comment

Cyberattacks Top Business Risks in North America, Europe, EAP

Quick Hits

The World Economic Forum reports cyberattacks are a top enterprise concern following WannaCry and the rise of e-commerce.

By Dark Reading Staff , 11/12/2018

0 comments | Read | Post a Comment

'CARTA': A New Tool in the Breach Prevention Toolbox

Christopher Acton, VP, Security Services and Customer Success, RiskSense

Commentary

Gartner's continuous adaptive risk and trust assessment for averting a data breach addresses the shortcomings of static security programs.

By Christopher Acton VP, Security Services and Customer Success, RiskSense, 11/12/2018

0 comments | Read | Post a Comment

Inside CSAW, a Massive Student-Led Cybersecurity Competition

News

Nearly 400 high school, undergraduate, and graduate students advance to the final round of New York University's CSAW games.

By Kelly Sheridan Staff Editor, Dark Reading, 11/9/2018

0 comments | Read | Post a Comment

Dropbox Teams with Israeli Security Firm Coronet

Quick Hits

The partnership is expected to improve threat detection for Dropbox while growing Coronet's user base.

By Dark Reading Staff , 11/9/2018

0 comments | Read | Post a Comment

What You Should Know About Grayware (and What to Do About It)

Grayware is a tricky security problem, but there are steps you can take to defend your organization when you recognize the risk.

By Curtis Franklin Jr. Senior Editor at Dark Reading, 11/9/2018

0 comments | Read | Post a Comment

Vulnerabilities in Our Infrastructure: 5 Ways to Mitigate the Risk

Michael Fabian, Principal Security Consultant, Synopsys

Commentary

By teaming up to address key technical and organizational issues, information and operational security teams can improve the resiliency and safety of their infrastructure systems.

By Michael Fabian Principal Security Consultant, Synopsys, 11/9/2018

0 comments | Read | Post a Comment

More Stories

Current Conversations

Posted by REISEN1955

Cannot be personally blamed for an infection save the common cold. LOL. Incredible dumb or brilliant.

In reply to: Probable safest user EVER
Post Your Own Reply

Posted by tdsan

Interesting article, what I am curious about is where are the payouts from the GDPR discussions and the vulerabilities found at these various institutions (please advise)? T

In reply to: Repercussion of Data Breaches
Post Your Own Reply

Posted by tdsan

→ it is the human element that creates effective penetration testing practices at scale. I am just curious, how do you go about improving the human element when employees don't really seem to get or understand...

In reply to: Interesting article on Emphathy
Post Your Own Reply

Posted by jrpolan

With the dearth of cybersecurity professionals out there and technology frontiers growing daily, former military personnel are a great source of new weapons. As a vet myself, I can say they are highly-trainable, responsible,...

In reply to: Great topic
Post Your Own Reply

Posted by aricamartin

The secure operating system is the Linux operating system which is used in the IT organizations mostly. I am getting the windows error code 0x80004005 for the help purpose but did not get any response.

In reply to: OS Error
Post Your Own Reply

Posted by hucklesinthedark

Good points, but of course I'm saying that since I'm an auditor myself. I can vouch for internal audit's potential to help other departments stay on track and make the most of their own processes. I find that internal audit...

In reply to: Defining the Process
Post Your Own Reply

Posted by Ratteau

Do you have a link to the Synack course for more information? Cant find it at their corporate site.

In reply to: Link
Post Your Own Reply

Posted by jessicaglover012

Solving coding assignments can be really difficult at times because this subject covers many complex areas including MATLAB, visual basic, coldfusion, oracle, MYSQL, prolog, etc. We have seen that the number of students...

In reply to: Coding Assignment
Post Your Own Reply

Posted by tcritchley07

I hope Brad reads this response. I've writtne to him twice with researched ideas on tackling this issue to no avail. It reminds me of Mark Twain's 'Everybody is talking about the weather, nobody is doing anyhting about it'. tcritchley07...

In reply to: Brad Smith on Cybersecurity
Post Your Own Reply

Posted by dskquality

You know, at first glance, I liked the idea of wearable tech.. Never through it would be a security risk.

In reply to: Re: Check out the latest from John Klossner
Post Your Own Reply

Posted by taylor03

I think this is a good step to overcome cybercrimes.

In reply to: Taylor
Post Your Own Reply

Posted by doctor91

De mon coté c'est bien sécurisé

In reply to: Re: Lack of Proof is NOT Lack of Attacks -- its proof of a growing problem
Post Your Own Reply

More Conversations

Products & Releases

Global Cooperation And Regulation Key In Addressing Multilayered Threats Posed By New Technology

Eurofins Digital Testing Launches Cyber Security Division

New Research from eSentire Finds Only 30 Percent of Firms are Confident They Can Avoid a Major Security Event in the Next Two Years

CMMI Institute Updates Cybermaturity Platform with Practices to Build Cybersecurity Resilience

Smarsh Survey Reveals Financial Firms Looking for Communications Risks in the Wrong Places

Carbonite Introduces Comprehensive Data Protection for Virtual and Physical Servers

60% of IT Security Professionals Looking to Leave Current Job: Mondo

The Chertoff Group Announces Rebrand

More Products & Releases

PR Newswire

Hot Topics

Editors' Choice

Microsoft President: Governments Must Cooperate on Cybersecurity

Kelly Sheridan, Staff Editor, Dark Reading, 11/8/2018

Veterans Find New Roles in Enterprise Cybersecurity

Kelly Sheridan, Staff Editor, Dark Reading, 11/12/2018

2018 on Track to Be One of the Worst Ever for Data Breaches

Jai Vijayan, Freelance writer, 11/12/2018

Live Events

Webinars

More UBM Tech
Live Events

Enterprise Connect 2019 - Build Your Comms & Collaboration Future

Communications & Collaboration 2022 at EC19 Orlando March 18-21

White Papers

2018 Cyberthreat Defense Report

What is the Main Obstacle to Security?

Get Smarter, Be Safer With VirusTotal Enterprise

And Now, a Word from a Hacker

The Surprising State of IT Security

More White Papers

Video

All Risk Videos

Cartoon

Latest Comment: You know, at first glance, I liked the idea of wearable tech.. Never through it would be a security risk.

Cartoon Archive

Current Issue

10 Emerging Threats Every Enterprise Should Know About

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

Online Malware and Threats: A Profile of Today's Security Posture

This report offers insight on how security professionals plan to invest in cybersecurity, and how they are prioritizing their resources. Find out what your peers have planned today!

Download Now!

The Risk Management Struggle

0 comments

How Data Breaches Affect the Enterprise

0 comments

The State of IT and Cybersecurity

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading OR #DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2018-1643
PUBLISHED: 2018-11-15

The Installation Verification Tool of IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure...

CVE-2018-0693
PUBLISHED: 2018-11-15

Directory traversal vulnerability in FileZen V3.0.0 to V4.2.1 allows remote attackers to upload an arbtrary file in the specific directory in FileZen via unspecified vectors.

CVE-2018-0694
PUBLISHED: 2018-11-15

FileZen V3.0.0 to V4.2.1 allows remote attackers to execute arbitrary OS commands via unspecified vectors.

CVE-2018-0695
PUBLISHED: 2018-11-15

Cross-site scripting vulnerability in User-friendly SVN (USVN) Version 1.0.7 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVE-2018-0697
PUBLISHED: 2018-11-15

Cross-site scripting vulnerability in Metabase version 0.29.3 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Terms of Service
Privacy Statement
Legal Entities