Upcoming Webinars
Webinar Archives
Accelerate and Simplify with Dell server Innovations featuring Intel® Xeon® processor technology
Date: Oct 21, 2014
View webinar
Register for this webinar to understand the advantages of the latest Intel® Xeon® processor technology that drives the performance of your environment, and Dell server innovation and services that drive application performance to new levels, reduce management complexity and take the risk out of migrating siloed RISC and UNIX systems into open X86 technologies.

7 Diagrams Every Software Professional Should Understand
Date: Oct 21, 2014
View webinar
You?ll deepen your understanding as Steve tackles the seven essential diagrams ? the key to developing sound software engineering judgment. Learn what really affects software projects ? and never be surprised again.

Employee Enablement Infrastructure Strategies
Date: Aug 10, 2014
View webinar
This is the third of three Information Week Webinars in a series entitled ?Mobilizing the New Millennial Workforce?, where we will bring together industry analysts and experts to share their unique perspectives on enterprise mobility, collaboration, unified communications, mobile applications, device management, mobile security and cloud-aware networks. In the era of Bring Your Own Device (BYOD), securing and managing your data housed on personal mobile devices is essential but it doesn't need to be difficult.

DevOps for Financial Services: 8 Best Practices
Date: Aug 10, 2014
View webinar
Register for this webinar to hear Kurt Bittner, Forrester Principal Analyst for Application Development & Delivery, talk about the increasing adoption and significant benefits of DevOps for Financial Services organizations and other fast-paced industries.

The cost of inaction?what cyber crime could cost your business
Date: Jul 10, 2014
View webinar
The average company in the United States loses $12.7 million annually to cyber crime. Other countries are close behind. These are results from the recently completed Ponemon Institute 2014 Cost of Cyber Crime study.

The Future of FedRAMP
Date: Jul 10, 2014
View webinar
This webinar will look at what agencies and service providers can expect from FedRAMP going forward.

Big Data 105: Leveraging Big Data Streams for Advanced Analytics
Date: Mar 10, 2014
View webinar
The most successful and innovative data-driven enterprises are augmenting their own information stores with public and proprietary feeds from social media, marketing firms, government agencies, and more.

Unleashing the Power of Real-Time Data in Insurance Marketing
Date: Feb 10, 2014
View webinar
Insurance is a highly competitive industry with immense advertising and marketing spend. But that doesn't mean that all marketing dollars are spent equally.

Tackle Process Problems with Rapid Automated Process Discovery and End-to-End Process Optimization
Date: Jan 10, 2014
View webinar
Process improvement projects can be lengthy and costly, with considerable up-front time and effort spent just establishing the ?as is? state of current business processes to identify where process problems exist.

Register for Dark Reading Newsletters
White Papers
Current Issue
Dark Reading Must Reads - September 25, 2014
Dark Reading's new Must Reads is a compendium of our best recent coverage of identity and access management. Learn about access control in the age of HTML5, how to improve authentication, why Active Directory is dead, and more.
Flash Poll
10 Recommendations for Outsourcing Security
10 Recommendations for Outsourcing Security
Enterprises today have a wide range of third-party options to help improve their defenses, including MSSPs, auditing and penetration testing, and DDoS protection. But are there situations in which a service provider might actually increase risk?
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
Published: 2014-09-29
The Sleuth Kit (TSK) 4.0.1 does not properly handle "." (dotfile) file system entries in FAT file systems and other file systems for which . is not a reserved name, which allows local users to hide activities it more difficult to conduct forensics activities, as demonstrated by Flame.

Published: 2014-09-29
lib/engine/components/opal/opal-call.cpp in ekiga before 4.0.0 allows remote attackers to cause a denial of service (crash) via an OPAL connection with a party name that contains invalid UTF-8 strings.

Published: 2014-09-29
Apache Axis2/C does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.

Published: 2014-09-29
bcron-exec in bcron before 0.10 does not close file descriptors associated with temporary files when running a cron job, which allows local users to modify job files and send spam messages by accessing an open file descriptor.

Published: 2014-09-29
Untrusted search path vulnerability in csi in Chicken before 4.8.2 allows local users to execute arbitrary code via a Trojan horse .csirc in the current working directory.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
In our next Dark Reading Radio broadcast, we’ll take a close look at some of the latest research and practices in application security.