Network Computing Darkreading

Advertise

Risk

News & Commentary

New Cybercrime Campaign a 'Clear and Imminent' Threat to Banks Worldwide

Kelly Jackson Higgins, Executive Editor at Dark Reading

News

Hundreds of millions of dollars stolen from banks via an sophisticated attack that blended cyber and physical elements.

By Kelly Jackson Higgins Executive Editor at Dark Reading, 10/16/2017

0 comments | Read | Post a Comment

GDPR Compliance: 5 Early Steps to Get Laggards Going

If you're just getting on the EU General Data Protection Regulation bandwagon, here's where you should begin.

By Sara Peters Senior Editor at Dark Reading, 10/16/2017

0 comments | Read | Post a Comment

Hyatt Hit With Another Credit Card Breach

Quick Hits

Payment card information stolen when cards were either swiped or manually entered into registration systems at some Hyatt hotels.

By Dark Reading Staff , 10/13/2017

1 Comment | Read | Post a Comment

Latest Comment: Joe Stanganelli, "I want to assure you that there is no indication that information beyond that...

Coalition to Offer Free Business Email Compromise Workshops

Quick Hits

A coalition of federal law enforcement agencies, ISACs, and Symantec will offer BEC workshops in a dozen cities.

By Dark Reading Staff , 10/12/2017

0 comments | Read | Post a Comment

Equifax Now Faces Potential Breach of Customer Help Page

Quick Hits

Embattled credit-monitoring company takes down help page that reportedly redirects users to download a bogus software update.

By Dark Reading Staff , 10/12/2017

2 comments | Read | Post a Comment

Latest Comment: RyanSepe, This is good advice. I feel that more of the burden however will fall on leadership...

Olympic Games Face Greater Cybersecurity Risks

Dawn Kawamoto, Associate Editor, Dark Reading

News

Cybercriminals may alter score results and engage in launching physical attacks at future Olympic Games, a recently released report warns.

By Dawn Kawamoto Associate Editor, Dark Reading, 10/12/2017

0 comments | Read | Post a Comment

IoT: Insecurity of Things or Internet of Threats?

Kelly Sheridan, Associate Editor, Dark Reading

News

Security leaders call for device manufacturers to buckle down on device security as the Internet of Things evolves.

By Kelly Sheridan Associate Editor, Dark Reading, 10/11/2017

0 comments | Read | Post a Comment

New Dark Reading Conference Will Focus on Defense

Commentary

The INsecurity Conference, Nov. 29-30 at the Gaylord National Harbor in Maryland is all about helping infosecurity pros mitigate threats -- from hot topics to basic hygiene.

By Dark Reading Staff , 10/11/2017

0 comments | Read | Post a Comment

Ransomware Sales on the Dark Web Spike 2,502% in 2017

News

Sales soar to $6.2 million as do-it-yourself kits, ransomware-as-a-service, and distribution offerings take hold.

By Dawn Kawamoto Associate Editor, Dark Reading, 10/11/2017

1 Comment | Read | Post a Comment

Latest Comment: REISEN1955, No surprise really at least for the Dark Web and where else are hackers and...

GDPR Concerns Include 'Where's My Data Stored?'

Ericka Chickowski, Contributing Writer, Dark Reading

News

European data protection regulations are coming like a freight train and many firms are still unprepared.

By Ericka Chickowski Contributing Writer, Dark Reading, 10/11/2017

0 comments | Read | Post a Comment

DevOpsSec: A Big Step in Cloud Application Security

Jeff Schilling, Chief Security Officer, Armor

Commentary

Why it's time for DevOps and security teams to bury the hatchet -- and not in each other's back.

By Jeff Schilling Chief Security Officer, Armor, 10/3/2017

0 comments | Read | Post a Comment

70% of US Employees Lack Security and Privacy Awareness

News

Acceptable use of social media and adherence to workplace physical security drops, new survey shows.

By Dawn Kawamoto Associate Editor, Dark Reading, 10/3/2017

3 comments | Read | Post a Comment

Latest Comment: imfrom51, I agree with the fact that this should now be taught in schools. However every...

Best and Worst Security Functions to Outsource

Which security functions are best handled by third parties, and which should be kept in-house? Experts weigh in.

By Kelly Sheridan Associate Editor, Dark Reading, 9/29/2017

14 comments | Read | Post a Comment

Latest Comment: Joe Stanganelli, > When the CEO criticizes the leadership openly in end of the year meetings,...

Apple Shares More Data with US in First Half of 2017

Quick Hits

Device-based data requests from government agencies dropped in the first half over last year, but Apple fulfilled a higher percentage of those requests, according to its transparency report.

By Dark Reading Staff , 9/29/2017

1 Comment | Read | Post a Comment

Latest Comment: LouiseMiller, It is really usefull post)

CISOs Offer Soup-to-Nuts C-Suite Strategy

News

Chief information security officers from Dell, RCB Bank and other organizations share what it takes to become a security exec, sit in the C-Suite, and keep the job.

By Dawn Kawamoto Associate Editor, Dark Reading, 9/29/2017

0 comments | Read | Post a Comment

Report: Bank Email Fraud Increases since Equifax Breach

Quick Hits

Cyberthieves are impersonating banks to send bogus "secure" bank email messages.

By Dark Reading Staff , 9/28/2017

1 Comment | Read | Post a Comment

Latest Comment: REISEN1955, I received one the other day for my credit card - checked it - yeap, entirely...

Central Banks Propose Better Inter-Bank Security

Quick Hits

Institutions from the world's largest economies want to improve security following abuse of inter-bank messaging and payment systems.

By Dark Reading Staff , 9/28/2017

0 comments | Read | Post a Comment

Caterpillar Eyes Competitive Edge with Connected Asset Security Program

News

Launches program to incorporate security by design and a strategic governance policy across all of its IoT products.

By Dawn Kawamoto Associate Editor, Dark Reading, 9/27/2017

0 comments | Read | Post a Comment

FBI's Freese Shares Risk Management Tips

News

Deputy Assistant Director Donald Freese advises enterprises to lead with a business case and not fear addressing the C-suite on risk management.

By Dawn Kawamoto Associate Editor, Dark Reading, 9/26/2017

0 comments | Read | Post a Comment

After DHS Notice, 21 States Reveal They Were Targeted During Election

Quick Hits

Election officials in swing states Florida, Ohio, and Pennsylvania among those who report Russian state-sponsored attackers targeted their systems.

By Dark Reading Staff , 9/25/2017

18 comments | Read | Post a Comment

Latest Comment: Lepricon, The irony is that they've already had to amend their statement: "MADISON,...

More Stories

Current Conversations

Posted by Joe Stanganelli

"I want to assure you that there is no indication that information beyond that gained from payment cards – cardholder name, card number, expiration date and internal verification code – was involved."Oh, good....

In reply to: Well, then. Phew!
Post Your Own Reply

Posted by Joe Stanganelli

> When the CEO criticizes the leadership openly in end of the year meetings, the end is near.Bad leadership begets bad leadership, sounds like to me.

In reply to: Re: Outsource?
Post Your Own Reply

Posted by REISEN1955

Glassdoor review of IT at Abbott Laboratories --- 10 year veteran of the trench wrote this and it is ruthless to the extreme but I agree with it fully. Core IT is a disaster. The old, tired women leading the BTS...

In reply to: Re: Outsource?
Post Your Own Reply

Posted by Joe Stanganelli

@REISEN: Wipro is a particularly apt example for you to bring up, given how workers there allegedly scammed TalkTalk customers, as reported here and elsewhere: bbc.com/news/technology-39177981

In reply to: Re: Outsource?
Post Your Own Reply

Posted by Joe Stanganelli

Moreover, @REISEN, I'm not even speaking of American outsourcing to dirt-cheap Asian vendors. Even intranational outsourcing can be deleterious if you're talking about a large country with a vendor in a totally different...

In reply to: Re: Outsource IT Projects
Post Your Own Reply

Posted by Mr Phen375

Where can I find the list to help hone down the possibilities for vulnerable devices?

In reply to: Where to find the list?
Post Your Own Reply

Posted by RyanSepe

This is good advice. I feel that more of the burden however will fall on leadership as the technical IT folks take direction from them.

In reply to: Re: Equifax - Career Ending job
Post Your Own Reply

Posted by REISEN1955

Vendor location is important but how many American firms have huge footprints for their offices in India? Wipro, Tata, Infosys and now IBM of all things. That implies time issues and also knowledge content. ...

In reply to: Re: Outsource IT Projects
Post Your Own Reply

Posted by REISEN1955

IT professionals (if there are any) at Equifax should GET OUT NOW so their resume will not look too awful!!! Nobody worth their salt will be able to find a new job after this train wreck that keeps on wrecking.&nbs...

In reply to: Equifax - Career Ending job
Post Your Own Reply

Posted by Joe Stanganelli

To be fair, Equifax's data-protection issues are clearly so great that it doesn't matter WHO the vendor is or even the fact of the existence of a vendor.Echoing earlier comment, vendors can be fine if you...

In reply to: Re: Outsource?
Post Your Own Reply

Posted by Joe Stanganelli

@REISEN: Obviously, it depends on the context, but yes, that's why it pays to be careful about outsourcing.One friend of mine recent took a new job. Since taking it last year, she's spent that time insourcing almost everything...

In reply to: Re: Outsource IT Projects
Post Your Own Reply

Posted by REISEN1955

DISAGREE - Came out of an outsourced office locally. It took 9 days for Wipro to route one ticket from ONE end of the office to me. if 3 calls were made to users to resolve and not picked up, then the issue was...

In reply to: Re: Outsource IT Projects
Post Your Own Reply

More Conversations

Products & Releases

Fake Insurance Tax Form Scam Aims at Stealing Data from Tax Pros, Clients

Cryptomathic Granted New Patent for Strong Non-Repudiation with eSignatures

Aruba Modernizes Network Security to Reduce Risk

3 Companies to Settle FTC Charges They Falsely Claimed Participation in EU-US Privacy Shield Framework

81% of Infosec Pros Say Required Job Skills Have Changed

Nearly 25% of Companies Haven’t Hired a Data Protection Officer: Imperva

NIST, DHS Join Forces to Create Cybersecure Communities Around the Globe

Rohde & Schwarz Cybersecurity Launches DNS Tunneling Detection

More Products & Releases

PR Newswire

Hot Topics

Editors' Choice

Cybersecurity's 'Broken' Hiring Process

Kelly Jackson Higgins, Executive Editor at Dark Reading, 10/11/2017

Equifax Now Faces Potential Breach of Customer Help Page

Dark Reading Staff 10/12/2017

How Systematic Lying Can Improve Your Security

Lance Cottrell, Chief Scientist, Ntrepid, 10/11/2017

Live Events

Webinars

More UBM Tech
Live Events

INsecurity - A Dark Reading Conference: Join Us November 29-30 In The D.C. Area

Transform Business Processes with API-enabled Integrations

Registration is Open for Enterprise Connect Conference and Expo

White Papers

Is Someone Listening In? Protecting Against Mobile Audio Surveillance

SIEM: Beginners Guide

Ransomware Prevention & Detection: Beginner's Guide

Global CISO Report

Enabling Next-Gen Platforms Using Intel's 3D System-in-Package Technology

More White Papers

Video

All Risk Videos

Cartoon Contest

Write a Caption, Win a Starbucks Card! Click Here

Latest Comment: Search Cybersecuruty and you will get unicorn.

Cartoon Archive

Current Issue

Security Vulnerabilities: The Next Wave

Just when you thought it was safe, researchers have unveiled a new round of IT security flaws. Is your enterprise ready?

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

The State of Ransomware

Ransomware has become one of the most prevalent new cybersecurity threats faced by today's enterprises. This new report from Dark Reading includes feedback from IT and IT security professionals about their organization's ransomware experiences, defense plans, and malware challenges. Find out what they had to say!

Download Now!

[Strategic Security Report] How Enterprises Are Attacking the IT Security Problem

0 comments

The Impact of a Security Breach 2017

0 comments

[Strategic Security Report] Assessing Cybersecurity Risk

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading OR #DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2017-0290

Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369

Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202

Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209

Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890

Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.

Terms of Service
Privacy Statement
Legal Entities