Upcoming Webinars
Webinar Archives
[Cybersecurity] Costs, Risks, & Benefits
Date: Feb 28, 2017
View webinar
How much should your organization spend on information security? What's the potential cost of a major hack or data breach? What's the risk that your enterprise will be hit by a cyberattack? How can you measure the benefits of your investment in cybersecurity? This event will help you answer many of these difficult questions. This online event, hosted by the editors of Dark Reading, brings together IT security leaders, business executives, and cyber threat experts will provide you with a holistic view of the costs and benefits of information security investments.

[Cloud Security Roadmap] Mitigating Risks & Building for Long-Term Success
Date: Feb 09, 2017
View webinar
Let your inner control freak go. The "we control everything" security strategy does not apply to the cloud, especially not multicloud. According to Forrester Research, in 2015, 29 percent of global enterprise infrastructure decision-makers said they had already adopted or were in the process of adopting or expanding public cloud services, yet 32 percent of them say they have security concerns regarding application/data protection. How do you prevent the loss of sensitive data while enjoying the cost reduction and flexibility a multicloud strategy can bring?

Threat Hunting in the Enterprise Jungle
Date: Feb 02, 2017
View webinar
Cyber attackers are present and active within today's enterprise systems. In this jungle-like environment - where compromised devices and user accounts become exploited blind spots, and siloed security tools make it difficult to detect, track, and disrupt covert lateral movement - you'll need more than just poisoned darts and boulders to hunt down attackers and threats.

[Ransomware Prevention] Preparing For The Ransomware Onslaught
Date: Jan 31, 2017
View webinar
In this webinar - part of a three-part series of webinars on ransomware - top experts will discuss methods for preventing ransomware code from getting through your enterprise defenses, and how you can limit its reach. You'll learn how ransomware is developed, how it is deployed, and how it evades standard IT security tools and defenses. You'll hear about ransomware attackers - how they work, and their strategies for encrypting your data. Most importantly, you'll learn techniques for stopping ransomware in its tracks before it can run rampant through your environment.

[Office 365] Managing the Employee Lifecycle
Date: Jan 31, 2017
View webinar
Microsoft's Office 365 has become the collaboration software of choice for many organizations. While some of these are choosing Microsoft for the first time, many Office 365 customers have a history with complex legacy infrastructure that makes it difficult and time consuming to shift to the cloud. Learn to remove the identity barriers for your Office 365 migration to seamlessly manage the employee lifecycle while building a foundation from which to launch your entire future cloud strategy.

[Security] How to Better Arm Your Network Defenses
Date: Jan 26, 2017
View webinar
BYOD policies and the enablement of global workforces to insecurely connect to your network has opened "Pandora's cyber box" to malicious attacks you worked hard to keep out. This fundamental shift limits your visibility into the threats that are targeting your networks and allows malware to easily bypass network defenses, costing you more time and effort on clean-ups. So how can you improve your network defenses?

Predictive Analytics: Learn to Re-invent Classic Finance Functions
Date: Jan 25, 2017
View webinar
Today's finance leaders understand that predictive analytics have the potential to improve margins and net results. Analytics allows them to identify less obvious patterns in data and provides quicker access to key performance indicators (KPIs). By using predictive analytics solutions based on in-memory technology, finance leaders are enhancing their ability to perform classic finance functions like forecasting, analyzing external profitability drivers, and financial loss prevention. These strategic advantages enable finance to take on a greater leadership role within their organizations.

[Endpoint Security] Protect Your Memory - Stop Fileless Attacks
Date: Jan 25, 2017
View webinar
Advanced attackers use sophisticated techniques to compromise, entrench and act on critical assets. With the rise of fileless attacks, Security Operations Center (SOC) teams must protect endpoint memory to stop adversaries from gaining foothold on enterprise endpoints.

Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
5 Security Technologies to Watch in 2017
Emerging tools and services promise to make a difference this year. Are they on your company's list?
Flash Poll
Secure Application Development - New Best Practices
Secure Application Development - New Best Practices
The transition from DevOps to SecDevOps is combining with the move toward cloud computing to create new challenges - and new opportunities - for the information security team. Download this report, to learn about the new best practices for secure application development.
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-7445
Published: 2015-10-15
The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated b...

CVE-2015-4948
Published: 2015-10-15
netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified vectors.

CVE-2015-5660
Published: 2015-10-15
Cross-site request forgery (CSRF) vulnerability in eXtplorer before 2.1.8 allows remote attackers to hijack the authentication of arbitrary users for requests that execute PHP code.

CVE-2015-6003
Published: 2015-10-15
Directory traversal vulnerability in QNAP QTS before 4.1.4 build 0910 and 4.2.x before 4.2.0 RC2 build 0910, when AFP is enabled, allows remote attackers to read or write to arbitrary files by leveraging access to an OS X (1) user or (2) guest account.

CVE-2015-6333
Published: 2015-10-15
Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows local users to gain privileges via vectors involving addition of an SSH key, aka Bug ID CSCuw46076.

Dark Reading Radio
Archived Dark Reading Radio
In past years, security researchers have discovered ways to hack cars, medical devices, automated teller machines, and many other targets. Dark Reading Executive Editor Kelly Jackson Higgins hosts researcher Samy Kamkar and Levi Gundert, vice president of threat intelligence at Recorded Future, to discuss some of 2016's most unusual and creative hacks by white hats, and what these new vulnerabilities might mean for the coming year.