Advertise

Risk

News & Commentary

Fault-Tolerant Method Use for Security Purposes in New Framework

Curtis Franklin Jr., Senior Editor at Dark Reading

News

A young company has a new patent for using fault tolerance techniques to protect against malware infection in applications.

By Curtis Franklin Jr. Senior Editor at Dark Reading, 9/24/2018

0 comments | Read | Post a Comment

Microsoft Deletes Passwords for Azure Active Directory Applications

Kelly Sheridan, Staff Editor, Dark Reading

News

At Ignite 2018, security took center stage as Microsoft rolled out new security services and promised an end to passwords for online apps.

By Kelly Sheridan Staff Editor, Dark Reading, 9/24/2018

0 comments | Read | Post a Comment

6 Dark Web Pricing Trends

For cybercriminals, the Dark Web grows more profitable every day.

By Steve Zurier Freelance Writer, 9/24/2018

0 comments | Read | Post a Comment

6 Security Training Hacks to Increase Cyber IQ Org-Wide

Move beyond generic, annual security awareness training with these important tips.

By Ericka Chickowski Contributing Writer, Dark Reading, 9/21/2018

1 Comment | Read | Post a Comment

Latest Comment: pedro5, Here, with the article, you can get all the things related to the security...

Think Like An Attacker: How a Red Team Operates

News

Seasoned red teamers explain the value-add of a red team, how it operates, and how to maximize its effectiveness.

By Kelly Sheridan Staff Editor, Dark Reading, 9/20/2018

0 comments | Read | Post a Comment

Turn the NIST Cybersecurity Framework into Reality: 5 Steps

Mukul Kumar & Anupam Sahai, CISO & VP of Cyber Practice and VP Product Management, Cavirin Systems

Commentary

Actionable advice for tailoring the National Institute of Standards and Technology's security road map to your company's business needs.

By Mukul Kumar & Anupam Sahai CISO & VP of Cyber Practice and VP Product Management, Cavirin Systems, 9/20/2018

4 comments | Read | Post a Comment

Latest Comment: Marilyn Cohodas, Yep. copy & paste error left out Step 4! Details in the commentary. But here's...

As Tech Drives the Business, So Do CISOs

News

Security leaders are evolving from technicians to business executives as tech drives enterprise projects, applications, and goals.

By Kelly Sheridan Staff Editor, Dark Reading, 9/19/2018

0 comments | Read | Post a Comment

WebAuthn, FIDO2 Infuse Browsers, Platforms with Strong Authentication

John Fontana, Standards & Identity Analyst, Yubico

Commentary

New standards offer protection against hacking, credential theft, phishing attacks, and hope for the end of an era of passwords as a security construct.

By John Fontana Standards & Identity Analyst, Yubico, 9/19/2018

5 comments | Read | Post a Comment

Latest Comment: Williamastro, Nice

FBI: Phishing Attacks Aim to Swap Payroll Information

Quick Hits

Social engineering scams target employees' payroll credentials so attackers can access and change their bank account data.

By Dark Reading Staff , 9/19/2018

0 comments | Read | Post a Comment

5 Steps to Success for New CISOs

Nik Whitfield, Computer Scientist & Security Technology Entrepreneur

Commentary

You've been hired to make an impact. These tips can help set you up for continued success.

By Nik Whitfield Computer Scientist & Security Technology Entrepreneur, 9/19/2018

0 comments | Read | Post a Comment

8 Keys to a Successful Penetration Test

Pen tests are expensive, but there are key factors that can make them worth the investment.

By Curtis Franklin Jr. Senior Editor at Dark Reading, 9/19/2018

0 comments | Read | Post a Comment

The Security Costs of Cloud-Native Applications

News

More than 60% of organizations report the bulk of new applications are built in the cloud. What does this mean for security?

By Kelly Sheridan Staff Editor, Dark Reading, 9/18/2018

0 comments | Read | Post a Comment

The Top 5 Security Threats & Mitigations for Industrial Networks

Commentary

While vastly different than their IT counterparts, operational technology environments share common risks and best practices.

By Barak Perelman CEO, Indegy, 9/18/2018

0 comments | Read | Post a Comment

GovPayNow Leak of 14M+ Records Dates Back to 2012

Quick Hits

Thousands of US state and local governments use the service to process online payments for everything from traffic tickets to court fines.

By Dark Reading Staff , 9/18/2018

0 comments | Read | Post a Comment

RDP Ports Prove Hot Commodities on the Dark Web

News

Remote desktop protocol access continues to thrive in underground markets, primarily to hackers who lack expertise to find exposed ports themselves.

By Kelly Sheridan Staff Editor, Dark Reading, 9/17/2018

1 Comment | Read | Post a Comment

Latest Comment: aliciapalmer, I like your article. It is very informative and useful.

The 7 Habits of Highly Effective Security Teams

Gary Golomb, Co-Founder & Chief Research Officer at Awake Security

Commentary

Security requires smart people, processes, and technology. Too often, the "people" portion of the PPT equation is neglected.

By Gary Golomb Co-Founder & Chief Research Officer at Awake Security, 9/17/2018

0 comments | Read | Post a Comment

How Secure are our Voting Systems for November 2018?

Commentary Video

Anomali CEO Hugh Njemanze discusses the importance of sharing threat intelligence across the country’s highly decentralized voting systems to safeguard the integrity of upcoming elections.

By Dark Reading Staff , 9/14/2018

0 comments | Read | Post a Comment

Military, Government Users Just as Bad About Password Hygiene as Civilians

News

New report comes out just as group of US senators chastise Secretary of State Mike Pompeo for not using multifactor authentication.

By Ericka Chickowski Contributing Writer, Dark Reading, 9/14/2018

1 Comment | Read | Post a Comment

Latest Comment: REISEN1955, People are people anywhere you go and dumb exists. I always think of...

New Cold Boot Attack Gives Hackers the Keys to PCs, Macs

News

Researchers bypass a Trusted Computing Group security measure to manipulate the firmware and steal data in memory.

By Kelly Sheridan Staff Editor, Dark Reading, 9/13/2018

3 comments | Read | Post a Comment

Latest Comment: REISEN1955, Upgrade to DOS 6.22 - no malware for that at least - MenuWorks, and Word Perfect...

Enterprise Security Needs an Open Data Solution

Carey Nachenberg, Chief Scientist at Chronicle

Commentary

What would it look like if more than a tiny fraction of enterprises had access to all the signals hidden in their big data today?

By Carey Nachenberg Chief Scientist at Chronicle, 9/13/2018

0 comments | Read | Post a Comment

More Stories

Current Conversations

Posted by Kristendean80

Are you sure this is how we get our data into the cloud?

In reply to: Cartoon caption
Post Your Own Reply

Posted by pedro5

Here, with the article, you can get all the things related to the security training hacks to increase the cybersecurity, and it is also very important for the user to get the more security, and all the rules you can get...

In reply to: re:
Post Your Own Reply

Posted by philipmorgan

Google Chrome has given an update for mostly all the platforms such as Windows, MAC, Linux or Android. The update is really good as it has changed the icon styles and it is a little bit faster than the previous version....

In reply to: Chrome update
Post Your Own Reply

Posted by aacyberreport

"I'm not sure I like this top down management approach!"

In reply to: Cartoon caption
Post Your Own Reply

Posted by mhornbeck740

Name that Toon: Risky Busine Literalist at work, boss said do the job hanging from the ceiling. { You want anything else boss, Yes do the job hanging from the ceiling. Here is what you get from a literalist. }

In reply to: Literalist at work, boss said do the job hanging from the ceiling.
Post Your Own Reply

Posted by GMoon

When you are scheduled out of the office, but you forgot to log off, and you don't want your coworkers to know.

In reply to: Caption
Post Your Own Reply

Posted by Williamastro

Nice

In reply to: Thanks for sharing
Post Your Own Reply

Posted by OlivierM587

IT team told me the problem was between the computer and the chair...

In reply to: Cartoon Caption
Post Your Own Reply

Posted by Marilyn Cohodas

Yep. copy & paste error left out Step 4! Details in the commentary. But here's a brief recap: Step 1: Set your target goals Step 2: Create a detailed profile Step 3: Assess your current position Step 4: Gap analysis...

In reply to: There really are 5 steps!
Post Your Own Reply

Posted by PanamaVet

White Privelege Day

In reply to: Cartoon Caption
Post Your Own Reply

Posted by GWAIN

Facilities rejected his request for an ergonomic desk.

In reply to: Back Problems
Post Your Own Reply

Posted by Marilyn Cohodas

Good catch! All fixed. Thanks for being such a great proofreader. --the editors

In reply to: Re: proof reading is for losers right?
Post Your Own Reply

More Conversations

Products & Releases

World-renowned Cybersecurity Veteran Richard Bejtlich Joins Corelight as Principal Security Strategist

Research Firm Names Flashpoint a ‘Strong Performer’ Citing Custom Collection Strategies, Cybercrime Analysis

Proofpoint Launches Closed-Loop Email Analysis and Response Solution to Automate End User-Reported Phishing Remediation

Andreessen Horowitz Leads $8.5 Million Investment in Very Good Security

Information Security Forum Releases Data Leakage Prevention Digest

Exabeam Raises $50 Million in Series D, Targets SIEM Market

Imperva Completes the Acquisition of Prevoty

Venafi Study: 93% of Security Professionals Say Election Infrastructure Is at Risk

More Products & Releases

PR Newswire

Hot Topics

Editors' Choice

WebAuthn, FIDO2 Infuse Browsers, Platforms with Strong Authentication

John Fontana, Standards & Identity Analyst, Yubico, 9/19/2018

NSS Labs Files Antitrust Suit Against Symantec, CrowdStrike, ESET, AMTSO

Kelly Jackson Higgins, Executive Editor at Dark Reading, 9/19/2018

Turn the NIST Cybersecurity Framework into Reality: 5 Steps

Mukul Kumar & Anupam Sahai, CISO & VP of Cyber Practice and VP Product Management, Cavirin Systems, 9/20/2018

Live Events

Webinars

More UBM Tech
Live Events

Build Your Communications & Collaboration Future

Enterprise Connect Orlando 2019 Registration is Open!

White Papers

Build the Best IT Budget for 2019

2018 Security Report

Business Protection Requires a Response to What Lurks Outside Your Walls

5 Approaches to Consistently Evolving Security

3 Steps to Securing Enterprise Data on Cloud Platforms

More White Papers

Video

All Risk Videos

Cartoon Contest

Write a Caption, Win a Starbucks Card! Click Here

Latest Comment: Are you sure this is how we get our data into the cloud?

Cartoon Archive

Current Issue

The Biggest Cybersecurity Breaches of 2018 (So Far)

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

The Risk Management Struggle

The majority of organizations are struggling to implement a risk-based approach to security — even though risk reduction has become the primary metric for measuring the effectiveness of enterprise security strategies. Read the report and get more details today!

Download Now!

How Data Breaches Affect the Enterprise

0 comments

The State of IT and Cybersecurity

0 comments

[Strategic Security Report] Navigating the Threat Intelligence Maze

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading OR #DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2018-14633
PUBLISHED: 2018-09-25

A security flaw was found in the chap_server_compute_md5() function in the ISCSI target code in the Linux kernel in a way an authentication request from an ISCSI initiator is processed. An unauthenticated remote attacker can cause a stack buffer overflow and smash up to 17 bytes of the stack. The at...

CVE-2018-14647
PUBLISHED: 2018-09-25

Python's elementtree C accelerator failed to initialise Expat's hash salt during initialization. This could make it easy to conduct denial of service attacks against Expat by contructing an XML document that would cause pathological hash collisions in Expat's internal data structures, consuming larg...

CVE-2018-10502
PUBLISHED: 2018-09-24

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Samsung Galaxy Apps Fixed in version 4.2.18.2. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exist...

CVE-2018-11614
PUBLISHED: 2018-09-24

This vulnerability allows remote attackers to escalate privileges on vulnerable installations of Samsung Members Fixed in version 2.4.25. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists wit...

CVE-2018-14318
PUBLISHED: 2018-09-24

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samsung Galaxy S8 G950FXXU1AQL5. User interaction is required to exploit this vulnerability in that the target must have their cellular radios enabled. The specific flaw exists within the handling of ...

Terms of Service
Privacy Statement
Legal Entities