Risk

News & Commentary
Threat Intel: Finding Balance in an Overcrowded Market
Kelly Sheridan, Staff Editor, Dark ReadingNews
Industry insiders discuss how threat intelligence has changed and what may happen as the market becomes increasingly saturated.
By Kelly Sheridan Staff Editor, Dark Reading, 4/23/2018
Comment0 comments  |  Read  |  Post a Comment
New Survey Shows Hybrid Cloud Confidence
Dark Reading Staff, Quick Hits
Executives are mostly confident in their hybrid cloud security, according to the results of a new survey.
By Dark Reading Staff , 4/23/2018
Comment0 comments  |  Read  |  Post a Comment
Firms More Likely to Tempt Security Pros With Big Salaries than Invest in Training
Sara Peters, Senior Editor at Dark ReadingQuick Hits
Booz Allen survey shows most organizations' answer to the security skills shortage may be unsustainable.
By Sara Peters Senior Editor at Dark Reading, 4/19/2018
Comment2 comments  |  Read  |  Post a Comment
Securing Social Media: National Safety, Privacy Concerns
Kelly Sheridan, Staff Editor, Dark ReadingNews
It's a critical time for social media platforms and the government agencies and private businesses and individuals using them.
By Kelly Sheridan Staff Editor, Dark Reading, 4/19/2018
Comment2 comments  |  Read  |  Post a Comment
Cyber War Game Shows How Federal Agencies Disagree on Incident Response
Sara Peters, Senior Editor at Dark ReadingNews
Former officials at DHS, DOJ, and DOD diverge on issues of attribution and defining what constitutes an act of cyber war.
By Sara Peters Senior Editor at Dark Reading, 4/18/2018
Comment0 comments  |  Read  |  Post a Comment
2018 RSA Conference: Execs Push Cooperation, Culture & Civilian Safety
Sara Peters, Senior Editor at Dark ReadingNews
On the keynote stage, execs from Microsoft and McAfee introduced a new Cybersecurity Tech Accord.
By Sara Peters Senior Editor at Dark Reading, 4/17/2018
Comment0 comments  |  Read  |  Post a Comment
8 Ways Hackers Monetize Stolen Data
Steve Zurier, Freelance Writer
Hackers are craftier than ever, pilfering PII piecemeal so bad actors can combine data to set up schemes to defraud medical practices, steal military secrets and hijack R&D product information.
By Steve Zurier Freelance Writer, 4/17/2018
Comment3 comments  |  Read  |  Post a Comment
Why We Need Privacy Solutions That Scale Across Borders
Chris Babel, CEO, TrustArcCommentary
New privacy solutions are becoming scalable, smarter, and easier to address compliance across industries and geographies.
By Chris Babel CEO, TrustArc, 4/17/2018
Comment0 comments  |  Read  |  Post a Comment
New Malware Adds RAT to a Persistent Loader
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
A newly discovered variant of a long-known malware loader adds the ability to control the victim from afar.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 4/17/2018
Comment1 Comment  |  Read  |  Post a Comment
INsecurity Conference Seeks Security Pros to Speak on Best Practices
Tim Wilson, Editor in Chief, Dark Reading, News
Dark Reading's second annual data defense conference will be held Oct. 23-25 in Chicago; call for speakers is issued.
By Tim Wilson, Editor in Chief, Dark Reading , 4/16/2018
Comment0 comments  |  Read  |  Post a Comment
How GDPR Forces Marketers to Rethink Data & Security
Roger Kjensrud, CTO, ImpactCommentary
The European regulation is making marketing technology companies re-examine their security, and that's a good thing.
By Roger Kjensrud CTO, Impact, 4/16/2018
Comment0 comments  |  Read  |  Post a Comment
7 Steps to a Smooth, Secure Cloud Transition
Kelly Sheridan, Staff Editor, Dark Reading
Security leaders share their top steps to keep in mind as your organization moves data and applications to the cloud.
By Kelly Sheridan Staff Editor, Dark Reading, 4/13/2018
Comment0 comments  |  Read  |  Post a Comment
Businesses Calculate Cost of GDPR as Deadline Looms
Kelly Sheridan, Staff Editor, Dark ReadingNews
Surveys highlight the financial burden of GDPR as companies scramble to meet the May 25 deadline.
By Kelly Sheridan Staff Editor, Dark Reading, 4/12/2018
Comment0 comments  |  Read  |  Post a Comment
Facebook Rolls Out 'Data Abuse Bounty' Program
Kelly Sheridan, Staff Editor, Dark ReadingNews
The social media giant also got hit with a lawsuit the day before unveiling its new reward program.
By Kelly Sheridan Staff Editor, Dark Reading, 4/11/2018
Comment0 comments  |  Read  |  Post a Comment
2.6 Billion-Plus Data Records Breached Last Year
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Most exposed data records caused by human error.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 4/11/2018
Comment0 comments  |  Read  |  Post a Comment
Hack Back: An Eye for an Eye Could Make You Blind
Dr. Salvatore Stolfo, Fouder & CTO, Allure SecurityCommentary
Attackers have had almost zero consequences or cost for stealing data from innocent victims. But what if we could hack their wallets, not their systems?
By Dr. Salvatore Stolfo Fouder & CTO, Allure Security, 4/11/2018
Comment0 comments  |  Read  |  Post a Comment
'SirenJack' Vulnerability Lets Hackers Hijack Emergency Warning System
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
Unencrypted radio protocol that controls sirens left alert system at risk.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 4/10/2018
Comment0 comments  |  Read  |  Post a Comment
Businesses Fear 'Catastrophic Consequences' of Unsecured IoT
Kelly Sheridan, Staff Editor, Dark ReadingNews
Only 29% of respondents in a new IoT security survey say they actively monitor the risk of connected devices used by third parties.
By Kelly Sheridan Staff Editor, Dark Reading, 4/6/2018
Comment0 comments  |  Read  |  Post a Comment
Protect Yourself from Online Fraud This Tax Season
Robert Block, Senior VP of Identity Strategy at SecureAuth and Core SecurityCommentary
Use these tips to stay safe online during everyone's least-favorite time of the year.
By Robert Block Senior VP of Identity Strategy at SecureAuth and Core Security, 4/6/2018
Comment0 comments  |  Read  |  Post a Comment
Mirai Variant Botnet Takes Aim at Financials
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
In January, a botnet based on Mirai was used to attack at least three European financial institutions.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 4/5/2018
Comment1 Comment  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
PR Newswire
8 Ways Hackers Monetize Stolen Data
Steve Zurier, Freelance Writer,  4/17/2018
Securing Social Media: National Safety, Privacy Concerns
Kelly Sheridan, Staff Editor, Dark Reading,  4/19/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
How to Cope with the IT Security Skills Shortage
Most enterprises don't have all the in-house skills they need to meet the rising threat from online attackers. Here are some tips on ways to beat the shortage.
Flash Poll
[Strategic Security Report] Navigating the Threat Intelligence Maze
[Strategic Security Report] Navigating the Threat Intelligence Maze
Most enterprises are using threat intel services, but many are still figuring out how to use the data they're collecting. In this Dark Reading survey we give you a look at what they're doing today - and where they hope to go.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.