Network Computing Dark Reading

Advertise

Risk

News & Commentary

(ISC)² : Global Cybersecurity Workforce Short 3 Million People

Kelly Sheridan, Staff Editor, Dark Reading

News

With the skills gap still wide, security leaders explain the challenges of hiring and retaining security experts.

By Kelly Sheridan Staff Editor, Dark Reading, 10/17/2018

0 comments | Read | Post a Comment

SEC Warns Public Companies on Accounting Control Use

Quick Hits

A new SEC investigative report urges public organizations to keep cyberthreats in mind when implementing internal accounting tools.

By Dark Reading Staff , 10/17/2018

0 comments | Read | Post a Comment

6 Reasons Why Employees Violate Security Policies

Get into their heads to find out why they're flouting your corporate cybersecurity rules.

By Ericka Chickowski Contributing Writer, Dark Reading, 10/16/2018

0 comments | Read | Post a Comment

6 Security Trends for 2018/2019

Curtis Franklin Jr., Senior Editor at Dark Reading

News

Speaking at the Gartner Symposium/ITxpo, analyst Peter Firstbrook's list of trends is likely to inform executive committee conversations for the next 12 months.

By Curtis Franklin Jr. Senior Editor at Dark Reading, 10/15/2018

2 comments | Read | Post a Comment

Latest Comment: CallumLepide, Really interesting to see the trends that have been highlighted here

12 Free, Ready-to-Use Security Tools

There's no excuse for not knowing your exposure. These free tools can help you analyze what your company is up against and point ways to developing a more thorough security program.

By Steve Zurier Freelance Writer, 10/12/2018

3 comments | Read | Post a Comment

Latest Comment: CallumLepide, This article is absoultly right. IF you are unsure if you have a security threat...

Pair of Reports Paint Picture of Enterprise Security Struggling to Keep Up

News

Many organizations have yet to create an effective cybersecurity strategy — and it's costing them millions.

By Curtis Franklin Jr. Senior Editor at Dark Reading, 10/11/2018

1 Comment | Read | Post a Comment

Latest Comment: REISEN1955, Lower level staff and cyber expets are well aware of the dangers and methods...

Window Snyder Shares Her Plans for Intel Security

News

The security leader, known for her role in securing Microsoft, Apple, and Mozilla, discusses her new gig and what she's working on now.

By Kelly Sheridan Staff Editor, Dark Reading, 10/11/2018

0 comments | Read | Post a Comment

One-Third of US Adults Hit with Identity Theft

Quick Hits

That's double the global average and more than three times the rate of French and German adults.

By Dark Reading Staff , 10/11/2018

0 comments | Read | Post a Comment

Meet 5 Women Shaping Microsoft's Security Strategy

Profiles of some of the women currently leading Microsoft security operations - and their efforts to drive inclusivity.

By Kelly Sheridan Staff Editor, Dark Reading, 10/10/2018

0 comments | Read | Post a Comment

Security Researchers Struggle with Bot Management Programs

Kaan Onarlioglu, Senior Security Researcher, Akamai

Commentary

Bots are a known problem, but researchers will tell you that bot defenses create problems of their own when it comes to valuable data.

By Kaan Onarlioglu Senior Security Researcher, Akamai, 10/10/2018

0 comments | Read | Post a Comment

Constructing the Future of ICS Cybersecurity

News

As industrial control systems are connected to the cloud and the IoT, experts discuss security challenges.

By Kelly Sheridan Staff Editor, Dark Reading, 10/9/2018

1 Comment | Read | Post a Comment

Latest Comment: plee560, Demystifying ICS Cyber Risk with FAIR https://www.fairinstitute.org/blog/c...

New Domains: A Wide-Open Playing Field for Cybercrime

Commentary

As bad actors increasingly exploit new domains for financial gain and other nefarious purposes, security teams need to employ policies and practices to neutralize the threat in real time. Here's why and how.

By Ben April CTO, Farsight Security, 10/9/2018

1 Comment | Read | Post a Comment

Latest Comment: candolizaalex, This visibility enables security teams to assess their risk, update security...

Successful Scammers Call After Lunch

News

Analysis of 20,000 voice phishing, or vishing, calls reveals patterns in how social engineers operate and how targets respond.

By Kelly Sheridan Staff Editor, Dark Reading, 10/5/2018

0 comments | Read | Post a Comment

Who Do You Trust? Parsing the Issues of Privacy, Transparency & Control

Richard Ford, Chief Scientist, Forcepoint

Commentary

Technology such as Apple's device trust score that decides "you" is “not you” is a good thing. But only if it works well.

By Richard Ford Chief Scientist, Forcepoint, 10/5/2018

0 comments | Read | Post a Comment

7 Steps to Start Your Risk Assessment

Risk assessment can be complex, but it's vital for making good decisions about IT security. Here are steps to start you down the path toward a meaningful risk assessment process.

By Curtis Franklin Jr. Senior Editor at Dark Reading, 10/4/2018

0 comments | Read | Post a Comment

GDPR Report Card: Some Early Gains but More Work Ahead

Commentary

US companies paid the most, to date, to meet the EU's General Data Protection Regulation, according to a recent study, but UK companies made greater progress in achieving compliance goals.

By Chris Babel CEO, TrustArc, 10/4/2018

0 comments | Read | Post a Comment

Palo Alto Networks Buys RedLock to Strengthen Cloud Security

Quick Hits

The transaction, valued at $173 million, is intended to bring analytics and threat detection to Palo Alto Networks' cloud security offering.

By Dark Reading Staff , 10/3/2018

0 comments | Read | Post a Comment

The Award for Most Dangerous Celebrity Goes To …

Quick Hits

A new study highlights which celebrities are associated with the most malicious websites, making them risky search subjects.

By Dark Reading Staff , 10/2/2018

0 comments | Read | Post a Comment

CISOs: How to Answer the 5 Questions Boards Will Ask You

John Hellickson, Vice President, Advisory Services, at Kudelski Security, Inc.

Commentary

As boards learn the importance of cybersecurity, certain issues arise on a regular basis. These tips can help you address them.

By John Hellickson Vice President, Advisory Services, at Kudelski Security, Inc., 10/2/2018

1 Comment | Read | Post a Comment

Latest Comment: RyanSepe, These are some complex questions to answer as they are not so black and white....

October Events at Dark Reading You Can't Miss

News

Cybersecurity Month at Dark Reading is packed with educational webinars, from data breach response to small business security.

By Dark Reading Staff , 10/1/2018

0 comments | Read | Post a Comment

More Stories

Current Conversations

Posted by TimBerdon

This comment is waiting for review by our moderators.

In reply to: Pending Review
Post Your Own Reply

Posted by REISEN1955

Paul realized the new corporate policy about not accepting a Varidesk had consequences.

In reply to: Re: Here is one for a venti!
Post Your Own Reply

Posted by hixonmarie412

Great read and I appreciate the article. I will definitely utilize these when testing our phisihing detection methods!

In reply to: Thank you for these!
Post Your Own Reply

Posted by potatofish

Sally, Have you started preparing for the annual security awareness training?

In reply to: Here is one for a venti!
Post Your Own Reply

Posted by CallumLepide

Really interesting to see the trends that have been highlighted here

In reply to: Good read
Post Your Own Reply

Posted by CallumLepide

This article is absoultly right. IF you are unsure if you have a security threat in your system already but are low on budget. Download some free tools to help you find out where you need to direct fundsand see what solutions...

In reply to: Free Tools
Post Your Own Reply

Posted by vijayhackr

The best information provided by you.

In reply to: Reply
Post Your Own Reply

Posted by rcamachon6g

Some people never learn, he clicked on another Democrat phishing link again!

In reply to: Re: Put your thinking cap on! We have new cartoon caption contest!
Post Your Own Reply

Posted by NeilB915

Glad to visit your Blog. Thanks for sharing this relevant information with us about Google Issues Chrome Updates for Windows, Mac, Linux, Android. After knowing this we have to enable Google chrome update in our window or...

In reply to: Chrome Update
Post Your Own Reply

Posted by dannycrane

It is no doubt that cyber crimes have increased as more and more areas of our lifestyles adopt technology. I'm glad that I have the chance to read this article dealing with how hacking has eeffted higher learning. Our hope...

In reply to: Great Post!
Post Your Own Reply

Posted by rosiepage44

The security tools are the most important component of any system and those tools secure our data against any kind of scams over the system. There are several security tools available on the Internet and many of them are...

In reply to: Re: Pending Review
Post Your Own Reply

Posted by MattB32201

John has always been trying creative ways to solve the pebcak issue...

In reply to: Re: Put your thinking cap on! We have new cartoon caption contest!
Post Your Own Reply

More Conversations

Products & Releases

The Chertoff Group Announces Rebrand

New RiskRecon Asset Risk Valuation Algorithms Manage Third-Party Cyber Risk

Study: 77% of CISOs Receive Conflicting Advice About Changing Regulation

Lockpath and BitSight Announce Partnership to Strengthen Cyber Security Risk Programs

Blue Cedar Teams Up with OpenSSL, Akamai, NetApp, VMware to Build Next-Gen FIPS Module

Forter, Fraud Prevention Technology Firm, Raises $50M

World-renowned Cybersecurity Veteran Richard Bejtlich Joins Corelight as Principal Security Strategist

Research Firm Names Flashpoint a ‘Strong Performer’ Citing Custom Collection Strategies, Cybercrime Analysis

More Products & Releases

PR Newswire

Hot Topics

Editors' Choice

12 Free, Ready-to-Use Security Tools

Steve Zurier, Freelance Writer, 10/12/2018

Most IT Security Pros Want to Change Jobs

Dark Reading Staff 10/12/2018

6 Security Trends for 2018/2019

Curtis Franklin Jr., Senior Editor at Dark Reading, 10/15/2018

Webinars

SOC Evolution: How and Why to Update Your Security Operations Center

Effective Cyber Risk Assessment

Make Your Organization's Email Safer

Webinar Archives

White Papers

Mobile Devices: The New Support Frontier for IT (IDG Report)

The Incident Responder's Field Guide

How VPNs and Firewalls Put You at Risk

360 Degree Visibility and Why Nothing Less Will Do for Risk and Security Teams

Claims Tracking Made Easy: Insurance Portal Built Fast with Low-code Platform

More White Papers

Video

All Risk Videos

Cartoon Contest

Write a Caption, Win a Starbucks Card! Click Here

Latest Comment: This comment is waiting for review by our moderators.

Cartoon Archive

Current Issue

10 Emerging Threats Every Enterprise Should Know About

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

The Risk Management Struggle

The majority of organizations are struggling to implement a risk-based approach to security — even though risk reduction has become the primary metric for measuring the effectiveness of enterprise security strategies. Read the report and get more details today!

Download Now!

How Data Breaches Affect the Enterprise

0 comments

The State of IT and Cybersecurity

0 comments

[Strategic Security Report] Navigating the Threat Intelligence Maze

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading OR #DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2018-10839
PUBLISHED: 2018-10-16

Qemu emulator <= 3.0.0 built with the NE2000 NIC emulation support is vulnerable to an integer overflow, which could lead to buffer overflow issue. It could occur when receiving packets over the network. A user inside guest could use this flaw to crash the Qemu process resulting in DoS.

CVE-2018-13399
PUBLISHED: 2018-10-16

The Microsoft Windows Installer for Atlassian Fisheye and Crucible before version 4.6.1 allows local attackers to escalate privileges because of weak permissions on the installation directory.

CVE-2018-18381
PUBLISHED: 2018-10-16

Z-BlogPHP 1.5.2.1935 (Zero) has a stored XSS Vulnerability in zb_system/function/c_system_admin.php via the Content-Type header during the uploading of image attachments.

CVE-2018-18382
PUBLISHED: 2018-10-16

Advanced HRM 1.6 allows Remote Code Execution via PHP code in a .php file to the user/update-user-avatar URI, which can be accessed through an "Update Profile" "Change Picture" (aka user/edit-profile) action.

CVE-2018-18374
PUBLISHED: 2018-10-16

XSS exists in the MetInfo 6.1.2 admin/index.php page via the anyid parameter.

Terms of Service
Privacy Statement
Legal Entities