Upcoming Webinars
Webinar Archives
Getting Active with a Passive Domain Name System (DNS)
Date: Mar 01, 2016
View webinar
During this webinar we will discuss how passive DNS data is collected, replicated and how it can be analyzed to find security relevant information.

InformationWeek DevOps Virtual Summit: Practical Ideas for Optimizing Your DevOps Strategy
Date: Feb 25, 2016
View webinar
As business technology becomes increasingly software-centric, optimizing the collaboration between development and operations, or DevOps, is fast becoming IT's number one priority. It's time to make sure you have a reliable DevOps strategy in order.

Enterprise Mobile Security Report 2016: From the Front Lines
Date: Feb 24, 2016
View webinar
Attend this webinar to get insights from the latest research on enterprise mobile security-and where budget and allocation is headed in the next year.

Surviving 2016: Protecting Your Business From Advanced Cyber Threats
Date: Feb 23, 2016
View webinar
While traditional security practices still apply in today's threat landscape, the advanced threats seen in 2015 make it clear that the basics are no longer enough to protect your company. With that in mind, join us as we highlight 10 tips for surviving this year-focusing on what to do and what not to do--to prevent cybercrime in 2016.

Rethinking Layered Security
Date: Feb 23, 2016
View webinar
In this eye-opening webcast, top security experts will explain why current layered defense strategies are not working, and offer some real-world thinking around new approaches to enterprise cyber defense. Register Today!

How Your Applications Can Protect Themselves from Cyber-Threats
Date: Feb 18, 2016
View webinar
Only applications themselves possess the full contextual insight necessary to stop the types of attacks that conventional network security cannot see. Be sure to attend this insightful webinar so that you understand how you can help your company operate more confidently capitalize on emerging digital opportunities without exposing themselves to emerging digital threats.

Untold Secrets - Fighting Advanced Persistent Threats
Date: Feb 11, 2016
View webinar
As one of the most attacked organizations in the world, Lockheed Martin has a front row seat in the fight against APTs. Join Justin Lachesky, Cyber Intelligence Analyst at Lockheed Martin and Cybereason CTO, Yonatan Striem-Amit as they discuss what you need to know!

Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Latest Comment: nice one good
Current Issue
E-Commerce Security: What Every Enterprise Needs to Know
The mainstream use of EMV smartcards in the US has experts predicting an increase in online fraud. Organizations will need to look at new tools and processes for building better breach detection and response capabilities.
Flash Poll
10 Recommendations for Outsourcing Security
10 Recommendations for Outsourcing Security
Enterprises today have a wide range of third-party options to help improve their defenses, including MSSPs, auditing and penetration testing, and DDoS protection. But are there situations in which a service provider might actually increase risk?
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-7445
Published: 2015-10-15
The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated b...

CVE-2015-4948
Published: 2015-10-15
netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified vectors.

CVE-2015-5660
Published: 2015-10-15
Cross-site request forgery (CSRF) vulnerability in eXtplorer before 2.1.8 allows remote attackers to hijack the authentication of arbitrary users for requests that execute PHP code.

CVE-2015-6003
Published: 2015-10-15
Directory traversal vulnerability in QNAP QTS before 4.1.4 build 0910 and 4.2.x before 4.2.0 RC2 build 0910, when AFP is enabled, allows remote attackers to read or write to arbitrary files by leveraging access to an OS X (1) user or (2) guest account.

CVE-2015-6333
Published: 2015-10-15
Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows local users to gain privileges via vectors involving addition of an SSH key, aka Bug ID CSCuw46076.

Dark Reading Radio
Archived Dark Reading Radio
Join Dark Reading community editor Marilyn Cohodas in a thought-provoking discussion about the evolving role of the CISO.