Upcoming Webinars
Webinar Archives
Preparing for The Ransomware Onslaught -- Part 3: Ransomware Remediation & Recovery
Date: Mar 28, 2017
View webinar
You've been hit by ransomware - and hit hard. Your organization has decided it won't give in to the attackers' demands for a ransom. Now what?

Enriching Threat Intelligence Data
Date: Mar 23, 2017
View webinar
Security teams now have a wide variety of threat intelligence sources feeding them magical "indicators of compromise." Yet, an IP address or domain name on its own only provides so much intelligence. Understanding the context around these indicators of compromise dramatically increases their value to analysts. Enriching indicator feeds with data from other sources can help analysts better identify patterns and other details that might otherwise be lost during an investigation or analysis.

Becoming a Threat Hunter in Your Enterprise
Date: Mar 16, 2017
View webinar
You're tired of waiting. Tired of waiting for your technology to alert you that there's already a problem. You want to be more proactive, sink your hands into those threat intelligence feeds, dig into those behavioral analytics reports, follow one clue after another after another, until it leads you to a would-be attacker, before they finish carrying out their grand plan. What you want is to be a threat hunter.

Building a Cybersecurity Architecture to Combat Today's Risks
Date: Mar 15, 2017
View webinar
"Layered defense" has traditionally been the modus operandi of IT security, but this approach can't be counted on to stand up to today's threats and attacks. In addition, attack surfaces are growing every day as companies adopt technologies like cloud and the Internet of Things. So how can you combat today's risks?

Cloud App Security - Don't let your Office 365 users be your security weak link
Date: Mar 14, 2017
View webinar
As corporate emails and files move to cloud apps such as Office 365 and G Suite to drive efficiencies, the reality is that users are still the weakest security link. That's because hackers are attacking the weakest link in your cybersecurity - your end users.

WANTED: Data Analysts, but are there enough?
Date: Mar 08, 2017
View webinar
As the internet and availability of data has disrupted many industries, one career field that continues to experience high demand is data analytics. Organizations that are looking to get value out of their data and compete in a new economy need these professionals to make it all work. And yet big consulting firms such as McKinsey Global Institute have been forecasting a shortfall in the talent available to meet the demand. This Radio Show will address the larger question how about higher education is embracing analytics curriculum. Register today!

5 Most Effective Breach Methods - A Virtual Hacker Perspective
Date: Mar 07, 2017
View webinar
The SafeBreach platform continuously simulates hacker behavior, allowing organizations to see the impact from a breach - before it occurs. Which were the most effective techniques we used? How do they work? Which security controls were effective against these methods? How can you stop them?

IT Careers 3.0: What You Need to Get Ahead
Date: Mar 07, 2017
View webinar
In the early years of tech, hard skills were all you needed. Over the last decade, the emphasis shifted to include soft skills such as communication, writing, time management, and collaboration. Today's employers want all of that, plus a working knowledge of business operations to bring the whole package together. Can you keep up with the evolving requirements to be successful in the IT industry? Can anyone?

Breaking The Vulnerability Cycle - Key Findings from 100 CISOs
Date: Mar 02, 2017
View webinar
We surveyed 100 CISOs and security decision makers and found that today's application security teams are facing 3 distinct issues that lead to vulnerability

Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
5 Security Technologies to Watch in 2017
Emerging tools and services promise to make a difference this year. Are they on your company's list?
Flash Poll
New Best Practices for Secure App Development
New Best Practices for Secure App Development
The transition from DevOps to SecDevOps is combining with the move toward cloud computing to create new challenges - and new opportunities - for the information security team. Download this report, to learn about the new best practices for secure application development.
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-7445
Published: 2015-10-15
The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated b...

CVE-2015-4948
Published: 2015-10-15
netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified vectors.

CVE-2015-5660
Published: 2015-10-15
Cross-site request forgery (CSRF) vulnerability in eXtplorer before 2.1.8 allows remote attackers to hijack the authentication of arbitrary users for requests that execute PHP code.

CVE-2015-6003
Published: 2015-10-15
Directory traversal vulnerability in QNAP QTS before 4.1.4 build 0910 and 4.2.x before 4.2.0 RC2 build 0910, when AFP is enabled, allows remote attackers to read or write to arbitrary files by leveraging access to an OS X (1) user or (2) guest account.

CVE-2015-6333
Published: 2015-10-15
Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows local users to gain privileges via vectors involving addition of an SSH key, aka Bug ID CSCuw46076.

Dark Reading Radio
Archived Dark Reading Radio
In past years, security researchers have discovered ways to hack cars, medical devices, automated teller machines, and many other targets. Dark Reading Executive Editor Kelly Jackson Higgins hosts researcher Samy Kamkar and Levi Gundert, vice president of threat intelligence at Recorded Future, to discuss some of 2016's most unusual and creative hacks by white hats, and what these new vulnerabilities might mean for the coming year.