Advertise

Risk

News & Commentary

Cisco CPO: Privacy Is Not About Secrecy or Compliance

Curtis Franklin Jr., Senior Editor at Dark Reading

News

Michelle Dennedy sat down with Dark Reading at the recent Cisco Live event to set the record straight about privacy, regulation, encryption, and more.

By Curtis Franklin Jr. Senior Editor at Dark Reading, 6/19/2018

0 comments | Read | Post a Comment

'Wallchart' Phishing Campaign Exploits World Cup Watchers

Kelly Sheridan, Staff Editor, Dark Reading

News

The details on a phishing attack designed to lure soccer fans with a subject line about the World Cup schedule and scoresheet.

By Kelly Sheridan Staff Editor, Dark Reading, 6/18/2018

0 comments | Read | Post a Comment

3 Tips for Driving User Buy-in to Security Policies

Marc Laliberte, Information Security Threat Analyst, WatchGuard Technologies

Commentary

Teaching users why it's important to commit to security controls is a far more effective strategy than simply demanding that they follow them. Here's how.

By Marc Laliberte Information Security Threat Analyst, WatchGuard Technologies, 6/18/2018

0 comments | Read | Post a Comment

Cisco Talos Summit: Network Defenders Not Serious Enough About Attacks

News

Security is weak, and most companies are clueless, according to Immunity researcher Lurene Grenier, who kicked off the Cisco Talos Threat Research Summit on Sunday.

By Curtis Franklin Jr. Senior Editor at Dark Reading, 6/13/2018

1 Comment | Read | Post a Comment

Latest Comment: REISEN1955, I am honored to be working with a talented group of warfare professoinals at...

Security Ratings Answer Big Questions in Cyber Insurance

News

More insurers are teaming up with security ratings firms to learn more about their clients, define policies, and determine coverage.

By Kelly Sheridan Staff Editor, Dark Reading, 6/11/2018

0 comments | Read | Post a Comment

6 Ways Greed Has a Negative Effect on Cybersecurity

Joshua Goldfarb, Co-founder & Chief Product Officer, IDRRA

Commentary

How the security industry can both make money and stay true to its core values, and why that matters.

By Joshua Goldfarb Co-founder & Chief Product Officer, IDRRA , 6/11/2018

3 comments | Read | Post a Comment

Latest Comment: Ronn91, Great Information sharing .. I am very happy to read this article .. thanks...

Bug Bounty Payouts Up 73% Per Vulnerability: Bugcrowd

News

Bug bounty programs grew along with payouts, which averaged $781 per vulnerability this year, researchers report.

By Kelly Sheridan Staff Editor, Dark Reading, 6/7/2018

0 comments | Read | Post a Comment

DevSecOps Gains Enterprise Traction

News

Enterprise adoption of DevSecOps has surged in the past year, according to a study conducted at this year's RSA Conference.

By Curtis Franklin Jr. Senior Editor at Dark Reading, 6/7/2018

0 comments | Read | Post a Comment

In Pursuit of Cryptography's Holy Grail

Ellison Anne Williams, Founder and CEO of Enveil

Commentary

Homomorphic encryption eliminates the need for data exposure at any point — something that certainly would be welcome these days.

By Ellison Anne Williams Founder and CEO of Enveil, 6/7/2018

0 comments | Read | Post a Comment

Survey Shows Florida at the Bottom for Consumer Cybersecurity

News

A new survey shows that residents of the Sunshine State engage in more risky behavior than their counterparts in the other 49 states.

By Curtis Franklin Jr. Senior Editor at Dark Reading, 6/6/2018

0 comments | Read | Post a Comment

Tax-Season Malware Campaign Delivers Trojan Via Email

Quick Hits

A new example of a long-term phenomenon delivers a banking trojan via a downloader activated by a URL in a phishing email.

By Dark Reading Staff , 6/6/2018

0 comments | Read | Post a Comment

Panorays Debuts With $5 Million Investment

Quick Hits

Panorays, a company focusing on third-party security issues for the enterprise, has exited stealth mode.

By Dark Reading Staff , 6/5/2018

0 comments | Read | Post a Comment

The Breach Disclosure Double Standard

Ericka Chickowski, Contributing Writer, Dark Reading

News

Cybersecurity pros expect to be notified immediately when they're breached, but most don't do the same – and some even cover up breaches.

By Ericka Chickowski Contributing Writer, Dark Reading, 6/5/2018

0 comments | Read | Post a Comment

Dark Reading Launches Second INsecurity Conference

Tim Wilson, Editor in Chief, Dark Reading,

News

To be held in Chicago Oct. 23-25, defense-focused conference will feature closed-door discussions, co-resident Black Hat Training sessions

By Tim Wilson, Editor in Chief, Dark Reading , 6/5/2018

0 comments | Read | Post a Comment

Building a Safe, Efficient, Cost-Effective Security Infrastructure

Ken Mills, General Manager of IoT, Surveillance and Security, Dell EMC

Commentary

The Industrial Internet of Things allows organizations to address both physical and digital security concerns.

By Ken Mills General Manager of IoT, Surveillance and Security, Dell EMC, 6/4/2018

0 comments | Read | Post a Comment

Google Groups Misconfiguration Exposes Corporate Data

News

Researchers say as many as 10,000 businesses are affected by a widespread misconfiguration in Google Groups settings.

By Kelly Sheridan Staff Editor, Dark Reading, 6/1/2018

0 comments | Read | Post a Comment

Telegram: Apple Has Blocked Updates since April

Quick Hits

Telegram founder and chief executive Pavel Durov claims the messaging service has not been able to make technical updates anywhere in the world.

By Dark Reading Staff , 6/1/2018

0 comments | Read | Post a Comment

New Federal Report Gives Guidance on Beating Botnets

News

A report from the Departments of Commerce and Homeland Security provides five goals for protecting infrastructure from botnets and other automated threats.

By Curtis Franklin Jr. Senior Editor at Dark Reading, 5/31/2018

1 Comment | Read | Post a Comment

Latest Comment: BrianN060, While the report and the executive order are meaningful, a number of the points...

6 Security Investments You May Be Wasting

Not all tools and services provide the same value. Some relatively low-cost practices have a major payoff while some of the most expensive tools make little difference.

By Kelly Sheridan Staff Editor, Dark Reading, 5/31/2018

0 comments | Read | Post a Comment

Hacker Sentenced to 5 Years in Yahoo Credential Theft Case

News

Karim Baratov given prison time and seven-figure fine after guilty plea in the massive Yahoo data breach

By Curtis Franklin Jr. Senior Editor at Dark Reading, 5/30/2018

2 comments | Read | Post a Comment

Latest Comment: REISEN1955, Agree in nature of Yahoo - a fading search engine and right up there with anyone...

More Stories

Current Conversations

Posted by alise1208

When I was looking for any information about GDPR compliance, I came across many articles where companies described their experience in solving this issue. Here is one great post on Redwerk's blog https://redwerk.com/blog/turning-gdpr-compliance-redwerks-experience...

In reply to: GSPR experience
Post Your Own Reply

Posted by jabeatty

Spamming is generally much more effective when you post to a topic that's a little more current.

In reply to: Re: Brother Printer Support
Post Your Own Reply

Posted by Ronn91

Great Information sharing .. I am very happy to read this article .. thanks for giving us go through info Fantastic nice.

In reply to: Re: cool
Post Your Own Reply

Posted by Brother Printer Support

I thought I should try to call that number, Trust me the Brother Printer Repair Services its cool and very much helpful, their advisors having too much depth on the subject, they know how to treat a customer for his/her...

In reply to: Re: Brother Printer Support
Post Your Own Reply

Posted by Brother Printer Support

In reply to: Re: Brother Printer Support
Post Your Own Reply

Posted by ShimonO600

I can think of more, in any case, interesting read.

In reply to: Only 6?
Post Your Own Reply

Posted by REISEN1955

I am honored to be working with a talented group of warfare professoinals at Fiserv - where we have a dedicated malware forensics and threat hunting group for the entire firm. We are ACTIVE in finding incoming threats...

In reply to: Working in a real shop
Post Your Own Reply

Posted by williamlucas

Thanks for sharing an informative post and detailed explanation for the same.

In reply to: re: Hacking Higher Education
Post Your Own Reply

Posted by baranteo

Cybersecurity is a problem of last 5-8 years. I'm sure it's a global issue because society afraid that their lives are in danger. We must monitor websites to protect ourselves as consumers

In reply to: cool
Post Your Own Reply

Posted by printer1

Actually, on my side, it was very great full for us that we all have the reporter and then you also depended on the report. For that, if you interested in that for them I suggest a site. From the site, you will know...

In reply to: Reporter
Post Your Own Reply

Posted by BrianN060

While the report and the executive order are meaningful, a number of the points mentioned in the article are questionable, if not downright head-scratching. Those referenced in the article summary are perplexing -...

In reply to: Guidance on Beating Botnets - report
Post Your Own Reply

Posted by Brother Printer Support

Off Course, you have to search any kind of information we have to want we search at GOOGLE. But Need is an important matter what we need actually If we want to support related issue then Search Support like we have a printer...

In reply to: Brother Printer Support
Post Your Own Reply

More Conversations

Products & Releases

68% of EU, US Crypto Exchanges and Wallets Fail on Proper Customer Identity Checks

Cybersecurity, IT Governance, Emerging Tech Shaping 2018 IT Audit Plans: Protiviti, ISACA

ISACA Unveils GDPR Assessment for Enterprises to Gauge Regulation Readiness and Compliance Path

Tax Software Providers Not Protecting Emails from Phishing and Spoofing

Kaspersky Lab finds Prilex POS malware evolving to target chip and PIN-protected cards

PCI SSC Announces Changes to Qualified Integrators and Resellers Program

TechDemocracy’s Cyber Risk Governance Portfolio Meets Highest Quality and Information Security Standards with New ISO Certifications

Cyber Insurer Coalition Raises $10 Million to Solve Cyber Risk for SMBs

More Products & Releases

PR Newswire

Hot Topics

Editors' Choice

Four Faces of Fraud: Identity, 'Fake' Identity, Ransomware & Digital

David Shefter, Chief Technology Officer at Ziften Technologies, 6/14/2018

Demystifying Mental Health in the Infosec Community

Kelly Sheridan, Staff Editor, Dark Reading, 6/14/2018

Email, Social Media Still Security Nightmares

Dark Reading Staff 6/15/2018

Live Events

Webinars

More UBM Tech
Live Events

INsecurity Conference - An Event Like No Other

Black Hat Trainings - October 22 & 23

Are You Looking to Learn About New Cybersecurity Threats & Challenges? Then INsecurity Is For You!

White Papers

2018 Security Report

The Next Gen of IT Support

[Cybersecurity] 11 key points to consider when choosing a solution

[Checklist] Next-Gen AV Product Vendor Selection

Prevent Cybercrime and Insider Attacks In Your Company with Static Analysis

More White Papers

Video

All Risk Videos

Cartoon

Latest Comment: In pace requiescat

Cartoon Archive

Current Issue

The Changing Role of the CISO

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

The State of IT and Cybersecurity

IT and security are often viewed as different disciplines - and different departments. Find out what our survey data revealed, read the report today!

Download Now!

[Strategic Security Report] Navigating the Threat Intelligence Maze

0 comments

[Strategic Security Report] Cloud Security's Changing Landscape

0 comments

The State of Ransomware

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading OR #DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2016-10723
PUBLISHED: 2018-06-21

** DISPUTED ** An issue was discovered in the Linux kernel through 4.17.2. Since the page allocator does not yield CPU resources to the owner of the oom_lock mutex, a local unprivileged user can trivially lock up the system forever by wasting CPU resources from the page allocator (e.g., via concurre...

CVE-2017-13072
PUBLISHED: 2018-06-21

Cross-site scripting (XSS) vulnerability in App Center in QNAP QTS 4.2.6 build 20171208, QTS 4.3.3 build 20171213, QTS 4.3.4 build 20171223, and their earlier versions could allow remote attackers to inject Javascript code.

CVE-2017-2669
PUBLISHED: 2018-06-21

Dovecot before version 2.2.29 is vulnerable to a denial of service. When 'dict' passdb and userdb were used for user authentication, the username sent by the IMAP/POP3 client was sent through var_expand() to perform %variable expansion. Sending specially crafted %variable fields could result in exce...

CVE-2017-2672
PUBLISHED: 2018-06-21

A flaw was found in foreman before version 1.15 in the logging of adding and registering images. An attacker with access to the foreman log file would be able to view passwords for provisioned systems in the log file, allowing them to access those systems.

CVE-2018-0712
PUBLISHED: 2018-06-21

Command injection vulnerability in LDAP Server in QNAP QTS 4.2.6 build 20171208, QTS 4.3.3 build 20180402, QTS 4.3.4 build 20180413 and their earlier versions could allow remote attackers to run arbitrary commands or install malware on the NAS.

Terms of Service
Privacy Statement
Legal Entities