Upcoming Webinars
Webinar Archives
Securing Your Enterprise Infrastructure
Date: Oct 27, 2016
View webinar
As enterprises add new networking capabilities, SDN, and virtualized server environments, the risks they face are changing as well. In this informative session, a top expert on infrastructure security will discuss the latest threats to networks and servers and how your organization can mitigate them.

Insider Threats & Preventing Data Leaks
Date: Oct 20, 2016
View webinar
Major data leaks such as Edward Snowden's release of NSA data are only the tip of the insider threat iceberg. Every day, enterprises face the threat of losing valuable insider information - not only through malicious leaks but through unintentional, accidental violations of security rules. How can organizations spot the signs of a data leak and stop it before it goes too far? How can IT help prevent accidental leaks of sensitive data? A top expert offers some essential advice on stopping data loss from within.

Fooling The Hacker - What Your Enterprise Can Learn
Date: Oct 18, 2016
View webinar
Enterprises spend most of their time avoiding deception and exploits from online attackers. But what happens when the tables are turned? Many are improving their cyber defenses by using "honeypots" and other deceptive techniques to go on the offensive against hackers, gaining insight on their methods before they can do damage to enterprise data.

The Real Risks of Mobile Technology In the Enterprise
Date: Oct 13, 2016
View webinar
Everyone is saying that the introduction of mobile devices and bring-your-own-device (BYOD) policies is a security risk to the enterprise. But exactly where do those risks come from? In this session, a top expert will debunk some of the myths about mobile security while raising up some threats and vulnerabilities you may not know about.

Identify & Remediate Vulnerabilities Hiding In Your Applications
Date: Oct 13, 2016
View webinar
Fixing vulnerabilities isn't just a job for your in-house development team and the giants of Silicon Valley. It's a job for all the developers of the third-party software components embedded in countless applications and services - from open-source, to commercial off-the-shelf, to custom. When there's a vulnerability in one of those libraries, languages, or frameworks - it could be lurking in scores of your applications...do you know which ones? And how do you identify the affected systems, remediate the problem, and secure your company?

Building Your Next-Gen Security Operations Center (SOCs)
Date: Oct 11, 2016
View webinar
To handle the skyrocketing volume of malware and cyber exploits that hit them each day, many enterprises are building security operations centers (SOCs) that provide a central place for detecting, diagnosing, and remediating online attacks. But thanks to the development of new capabilities and technologies, today's SOC looks very different than those that were built even a few years ago. In this webinar, top experts on building and managing security operations centers will discuss best practices for building and staffing today's SOC, as well as some of the essential tools needed to make the SOC effective.

[Social Media Fraud] Uncovering Tactics & Trends for Cybercrime on Social Media
Date: Oct 06, 2016
View webinar
Social media has taken the world by storm. The number of social media users is expected to grow to a third of Earth's population by 2018 and organizations are expected to spend 21% of their marketing budgets on social media in the next 5 years. Unfortunately, cybercriminals are creating fraudulent accounts to masquerade as corporate brands and defraud unsuspecting fans. In order to stay protected, you'll need to understand how social media threats can impact your organization.

Core System Testing: How to Achieve Success
Date: Oct 06, 2016
View webinar
Property and Casualty Insurers have been investing in modernizing their core systems to provide flexibility, improve product speed-to-market, support customer growth, and improve underwriting profitability. Many carriers are currently on this transformational journey; and stakes from these transformation initiatives are high, given the large amount spent on initial rollouts and ongoing maintenance of these platforms. It's up to the QA team, with support of IT and business leaders, to focus on quality to achieve the realization of benefits outlined in the business case. Improving the overall quality profile, speed to market, and reduction in costs rely heavily upon automation and application-specific testing approaches.

Endpoints & End Users - Strengthening Your Weakest Links
Date: Oct 06, 2016
View webinar
Most major data breaches start with the compromise of a single endpoint - a PC, a mobile device, a user who unwittingly gives up credentials. What can your organization to protect its endpoints? How can you create and enforce end user policies that protect your corporate data? In this session, a top expert discusses how endpoints and end users are most frequently compromised - and how to keep your end users from falling victim.

Digital Transformation: How Far Along is Your Financial Institution?
Date: Oct 06, 2016
View webinar
The banking industry is undergoing unprecedented changes due to channel proliferation, increasing customer expectations and an increasingly competitive marketplace. Banks must continue to innovate and gain efficiency amidst a flood of incoming data - all while keeping down costs. In order to do this, digital transformation needs to be a priority. Many obstacles stand in the way of this digitalization: evolving business requirements, complex technology and data integration, and long development cycles, slowing speed to market. Banks need to quickly navigate their way through these barriers to achieve digitalization, or risk falling behind the competition.

Make IT Security Part Of Your Business Culture
Date: Oct 04, 2016
View webinar
Join us for this webinar as top speakers on social engineering and security awareness discuss how to increase IT Security for your enterprise. Attend and you will understand how to raise consciousness about IT security across your enterprise, discover unique ways your organization can educate users on security threats and appropriate responses, learn to build effective programs that can enable employees to be aware and willing to report potential threats, go beyond basic classes to truly change the thinking in your organization so employees and executives become more aware of IT security.

Protecting Your Data In the Cloud
Date: Sep 29, 2016
View webinar
Cloud computing services and technology offer a level of efficiency and cost savings that most enterprises simply can't pass up. But does the growing use of cloud technology create a growing threat to enterprise data? How can IT organizations track and secure data as it travels through the cloud? In this session, a cloud security expert will discuss the key danger points in cloud computing and the latest technologies and practices for cloud security.

What IT Security Tricks Can Your Enterprise Learn from the Deep/Dark Web?
Date: Sep 29, 2016
View webinar
Most enterprises struggle with IT security because they don't know when attackers will strike next - or what data they will be targeting. But recently, security researchers have found that by studying the behavior and activity in places where the bad guys go - the Deep Web and the Dark Web - they can gain insight that can improve their defenses. Join us for this eye-opening webinar, along with experts on the Deep Web and the Dark Web who will provide an overview of how these specialized and anonymized environments work, the types of data they contain, and how cyber criminals might use them to attack an enterprise.

Making the Most of Your Security Budget via an Inline Security Fabric
Date: Sep 29, 2016
View webinar
You cannot protect your organization from the constant threat of cyberattacks with best-efforts security monitoring. You need 100% data access and visibility, and the intelligence to evaluate vast volumes of network traffic, without slowing or disrupting your network. A resilient security fabric does all this, and helps scale your security infrastructure as needs change. Attend and you will walk away with components of an inline security fabric, six criteria for evaluating fabric components, key product specifications and features, and tips for making the most of your security budget.

How To Effectively Analyze Threat Intelligence Data
Date: Sep 28, 2016
View webinar
Today's enterprises have a wide variety of threat intelligence available to them: threat feeds, internal security event information, CERT and other vulnerability reporting sites. How can you correlate this information to identify sophisticated cyberattacks? What processes can you use to ferret out the relevant threat data and stop the most complex exploits before they result in a data breach?

Solve Your App Sprawl Headaches!
Date: Sep 28, 2016
View webinar
Join us as we explore the challenges and benefits of democratizing app development, Attend this webinar and you will learn why business colleagues no longer want to wait for IT to develop their apps, which departments are most likely to take app development into their own hands, and how that affects business, what pitfalls and security dangers lurk in letting the business develop apps without IT's involvement, and how IT can work with the business to make tools available that will democratize app development while adhering to IT best practices.

How to Do More with Less for a Better Incident Response
Date: Sep 28, 2016
View webinar
In this webinar on September 28th, Duane Kuroda will shine a light on this problem and provide best practices to help you take charge. Results of a just-completed survey of your peers about the state of the problem will be shared, as well as actionable tips and tricks, to help you begin to gain control of your incident response process and keep you secured against advanced threats.

Outsmart Hackers with Deep Learning Artificial Intelligence (AI)
Date: Sep 27, 2016
View webinar
Join us on September 27th to learn how AI evolved from old rule-based systems to state-of-the art deep learning, understand key differences between machine learning and deep learning, discover the unprecedented results exhibited by applying deep learning in various domains, hear background on the first application of deep learning AI to cybersecurity, and learn how deep learning enables real-time prediction of unknown threats with unmatched accuracy.

Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Five Emerging Security Threats - And What You Can Learn From Them
At Black Hat USA, researchers unveiled some nasty vulnerabilities. Is your organization ready?
Flash Poll
10 Recommendations for Outsourcing Security
10 Recommendations for Outsourcing Security
Enterprises today have a wide range of third-party options to help improve their defenses, including MSSPs, auditing and penetration testing, and DDoS protection. But are there situations in which a service provider might actually increase risk?
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-7445
Published: 2015-10-15
The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated b...

CVE-2015-4948
Published: 2015-10-15
netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified vectors.

CVE-2015-5660
Published: 2015-10-15
Cross-site request forgery (CSRF) vulnerability in eXtplorer before 2.1.8 allows remote attackers to hijack the authentication of arbitrary users for requests that execute PHP code.

CVE-2015-6003
Published: 2015-10-15
Directory traversal vulnerability in QNAP QTS before 4.1.4 build 0910 and 4.2.x before 4.2.0 RC2 build 0910, when AFP is enabled, allows remote attackers to read or write to arbitrary files by leveraging access to an OS X (1) user or (2) guest account.

CVE-2015-6333
Published: 2015-10-15
Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows local users to gain privileges via vectors involving addition of an SSH key, aka Bug ID CSCuw46076.

Dark Reading Radio
Archived Dark Reading Radio
Cybercrime has become a well-organized business, complete with job specialization, funding, and online customer service. Dark Reading editors speak to cybercrime experts on the evolution of the cybercrime economy and the nature of today's attackers.