Database Security
Authentication
Privacy
Compliance
Identity & Access Management
Security Monitoring
Advanced Threats
Insider Threats
Vulnerability Management
7 Cool New Security Tools to be Revealed at Black Hat Europe
Getting to Know Magecart: An Inside Look at 7 Groups
Understanding Evil Twin AP Attacks and How to Prevent Them
What You Should Know About Grayware (and What to Do About It)
The Morris Worm Turns 30
News & Commentary
Russia Linked Group Resurfaces With Large-Scale Phishing Campaign
Jai Vijayan, Freelance writerNews
APT29/Cozy Bear is targeting individuals in military, government, and other sectors via email purporting to be from US State Department.
By Jai Vijayan Freelance writer, 11/20/2018
Comment0 comments  |  Read  |  Post a Comment
Microsoft Enables Account Sign-In via Security Key
Kelly Sheridan, Staff Editor, Dark ReadingNews
Account holders can use a FIDO2-compatible key or Windows Hello to authenticate sans username or password.
By Kelly Sheridan Staff Editor, Dark Reading, 11/20/2018
Comment1 Comment  |  Read  |  Post a Comment
Report: Tens of Thousands of E-Commerce Sites at Heightened Security Risk
Dark Reading Staff, Quick Hits
Report delivered at Payment Card Industry Security Standards Council meeting flags issues in deployments of Magento, a popular e-commerce platform.
By Dark Reading Staff , 11/20/2018
Comment0 comments  |  Read  |  Post a Comment
Cybersecurity at the Core
Troy Mattern, Vice President for Product and Services Cybersecurity at Motorola SolutionsCommentary
For too long, cybersecurity has been looked at as one team's responsibility. If we maintain that mentality, we will fail.
By Troy Mattern Vice President for Product and Services Cybersecurity at Motorola Solutions, 11/20/2018
Comment0 comments  |  Read  |  Post a Comment
Consumers Are Forgiving After a Data Breach, but Companies Need To Respond Well
Steve Zurier, Freelance WriterNews
A solid response and reputation management program will go a long way in surviving a major breach.
By Steve Zurier Freelance Writer, 11/20/2018
Comment0 comments  |  Read  |  Post a Comment
6,500 Dark Web Sites Offline After Hosting Service Attacked
Dark Reading Staff, Quick Hits
The actor behind the attack on Daniel's Hosting, and their initial point of entry, remain unknown.
By Dark Reading Staff , 11/20/2018
Comment0 comments  |  Read  |  Post a Comment
8 Security Buzzwords That Are Too Good to Be True
Joshua Goldfarb, Co-founder & Chief Product Officer, IDRRA Commentary
If you can't get straight answers about popular industry catchphrases, maybe it's time to ask your vendor: How do you actually use the technology?
By Joshua Goldfarb Co-founder & Chief Product Officer, IDRRA , 11/20/2018
Comment0 comments  |  Read  |  Post a Comment
Leaderboard Shows Adoption of DMARC Email Security Protocol
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
A new tool from the Global Cyber Alliance shows where companies and organizations are adopting Domain-based Message Authentication, Reporting & Conformance.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 11/20/2018
Comment0 comments  |  Read  |  Post a Comment
Securities Markets at High Risk of Cyberattack
Jai Vijayan, Freelance writerNews
A report by BAE Systems and SWIFT shows that financial market areas such as equities trading, bonds, and derivatives face more threats than banking, forex, and trade finance.
By Jai Vijayan Freelance writer, 11/19/2018
Comment1 Comment  |  Read  |  Post a Comment
Vulnerabilities Dip 7%, but Researchers Are Cautious
Kelly Sheridan, Staff Editor, Dark ReadingNews
Risk Based Security reports 16,172 bugs disclosed through the end of October, but researchers warn things may change.
By Kelly Sheridan Staff Editor, Dark Reading, 11/19/2018
Comment1 Comment  |  Read  |  Post a Comment
Divide Remains Between Cybersecurity Awareness and Skill
Dark Reading Staff, Quick Hits
Organizations understand the need for critical data protection but may lack the resources to respond.
By Dark Reading Staff , 11/19/2018
Comment0 comments  |  Read  |  Post a Comment
7 Holiday Security Tips for Retailers
Steve Zurier, Freelance Writer
It's the most wonderful time of the year – and hackers are ready to pounce. Here's how to prevent them from wreaking holiday havoc.
By Steve Zurier Freelance Writer, 11/19/2018
Comment0 comments  |  Read  |  Post a Comment
Instagram Privacy Tool Exposed Passwords
Dark Reading Staff, Quick Hits
The 'Download Your Data' tool, intended to improve users' privacy, actually became a privacy risk.
By Dark Reading Staff , 11/19/2018
Comment0 comments  |  Read  |  Post a Comment
DHS Task Force Moves Forward on Playbooks for Supply Chain Security
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
The public/private task force takes early steps toward securing the end-to-end supply chain.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 11/16/2018
Comment0 comments  |  Read  |  Post a Comment
New Bluetooth Hack Affects Millions of Vehicles
Dark Reading Staff, Quick Hits
Attack could expose the personal information of drivers who sync their mobile phone to a vehicle entertainment system.
By Dark Reading Staff , 11/16/2018
Comment2 comments  |  Read  |  Post a Comment
BlackBerry Doubles Down on Security in $1.4B Acquisition of Cylance
Kelly Sheridan, Staff Editor, Dark ReadingNews
BlackBerry aims to bring Cylance artificial intelligence and security tools into its software portfolio.
By Kelly Sheridan Staff Editor, Dark Reading, 11/16/2018
Comment0 comments  |  Read  |  Post a Comment
26M Texts Exposed in Poorly Secured Vovox Database
Dark Reading Staff, Quick Hits
The server, which lacked password protection, contained tens of millions of SMS messages, two-factor codes, shipping alerts, and other user data.
By Dark Reading Staff , 11/16/2018
Comment0 comments  |  Read  |  Post a Comment
95% of Organizations Have Cultural Issues Around Cybersecurity
Marc Wilczek, Digital Strategist & CIO AdvisorCommentary
Very few organizations have yet baked cybersecurity into their corporate DNA, research finds.
By Marc Wilczek Digital Strategist & CIO Advisor, 11/16/2018
Comment1 Comment  |  Read  |  Post a Comment
AI Poised to Drive New Wave of Exploits
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
Criminals are ready to use AI to dramatically speed the process of finding zero-day vulnerabilities in systems.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 11/16/2018
Comment0 comments  |  Read  |  Post a Comment
7 Free (or Cheap) Ways to Increase Your Cybersecurity Knowledge
Curtis Franklin Jr., Senior Editor at Dark Reading
Building cybersecurity skills is a must; paying a lot for the education is optional. Here are seven options for increasing knowledge without depleting a budget.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 11/15/2018
Comment1 Comment  |  Read  |  Post a Comment
More Stories
Current Conversations
Posted by jenshadus
Current Conversations You're on candid camera!
In reply to: camera's?
Post Your Own Reply
Posted by mousemicky800
Current Conversations Very Helpful
In reply to: home
Post Your Own Reply
More Conversations
Products & Releases
King & Union and Farsight Security Announce Strategic Partnership
BSIA to create ‘UK marketplace’ for all IFSEC Global Shows
Dragos Announces $37M in Series B Funding for Industrial Control Systems (ICS) Cybersecurity Threat Detection and Response
Trend Micro and Moxa Announce Letter of Intent for Joint Venture to Tackle Security Needs In Industrial IoT Environments
Global Cooperation And Regulation Key In Addressing Multilayered Threats Posed By New Technology
Eurofins Digital Testing Launches Cyber Security Division
New Research from eSentire Finds Only 30 Percent of Firms are Confident They Can Avoid a Major Security Event in the Next Two Years
Nok Nok Labs Introduces Strong Account Recovery
More Products & Releases
PR Newswire
New Bluetooth Hack Affects Millions of Vehicles
Dark Reading Staff 11/16/2018
Understanding Evil Twin AP Attacks and How to Prevent Them
Ryan Orsi, Director of Product Management for Wi-Fi at WatchGuard Technologies,  11/14/2018
Register for Dark Reading Newsletters
Partner Perspectives
What's This?
A Cybersecurity Christmas Story
Automation and orchestration will be essential components of security in 2017. Read >>
Partner Perspectives
What's This?
'Insider Sabotage' among Top 3 Threats CISOs Can't yet Handle
These five steps can help your organizations limit the risks from disgruntled employees and user errors. Read >>
Partner Perspectives
What's This?
A Sneak Peek at the New NIST Cybersecurity Framework
Key focus areas include supply chain risks, identity management, and cybersecurity risk assessment and measurement. Read >>
Partner Perspectives
What's This?
Cloud Misconceptions Are Pervasive Across Enterprises
Shadow IT is rampant at many organizations that rely upon cloud-delivered tools and services to enable remote work, according to a new study. Here's what security teams need to do about it. Read >>
Partner Perspectives
What's This?
Partner Perspectives
What's This?
Continuous Compliance and Effective Audit Preparation for the Cloud
Why audits are a necessary evil, and how they can actually help you improve your brand value. Read >>
Partner Perspectives
What's This?
Boosting Security Effectiveness with 'Adjuvants'
How integrating corporate resources like the IT help desk, system administration, quality assurance and HR can breathe new life into your security program. Read >>
Partner Perspectives
What's This?
Breach Defense Playbook: Cybersecurity Governance
Time to leave the island: Integrate cybersecurity into your risk management strategy. Read >>
Partner Perspectives
What's This?
Let's Get Smarter About Security By Working Together
We all need help, and only by working together can we move the needle on security. Read >>
Partner Perspectives
What's This?
WanaCrypt0r Hits Worldwide
Consumers and businesses should be sure their Windows systems and software are updated with all current patches in order to stop the spread of this dangerous ransomware attack. Read >>
Partner Perspectives
What's This?
Endpoint Security: Putting The Focus On What Matters
Five tips to help sift through the noise and focus on actions that can dramatically impact your endpoint security program. Read >>
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
White Papers
Current Issue
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-19406
PUBLISHED: 2018-11-21
kvm_pv_send_ipi in arch/x86/kvm/lapic.c in the Linux kernel through 4.19.2 allows local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where the apic map is uninitialized.
CVE-2018-19407
PUBLISHED: 2018-11-21
The vcpu_scan_ioapic function in arch/x86/kvm/x86.c in the Linux kernel through 4.19.2 allows local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where ioapic is uninitialized.
CVE-2018-19404
PUBLISHED: 2018-11-21
In YXcms 1.4.7, protected/apps/appmanage/controller/indexController.php allow remote authenticated Administrators to execute any PHP code by creating a ZIP archive containing a config.php file, hosting the .zip file at an external URL, and visiting index.php?r=appmanage/index/onlineinstall&url= ...
CVE-2018-19387
PUBLISHED: 2018-11-20
format_cb_pane_tabs in format.c in tmux 2.7 through 2.8 might allow attackers to cause a denial of service (NULL Pointer Dereference and application crash) by arranging for a malloc failure.
CVE-2018-19388
PUBLISHED: 2018-11-20
FoxitReader.exe in Foxit Reader 9.3.0.10826 allows remote attackers to cause a denial of service (out-of-bounds read, access violation, and application crash) via TIFF data because of a ConvertToPDF_x86!ReleaseFXURLToHtml issue.
How Enterprises Are Attacking the Cybersecurity Problem
How Enterprises Are Attacking the Cybersecurity Problem
Data breach fears and the need to comply with regulations such as GDPR are two major drivers increased spending on security products and technologies. But other factors are contributing to the trend as well. Find out more about how enterprises are attacking the cybersecurity problem by reading our report today.
Flash Poll
Video
Slideshows
Twitter Feed