Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Database Security
Authentication
Privacy
Compliance
Identity & Access Management
Security Monitoring
Advanced Threats
Insider Threats
Vulnerability Management

News & Commentary

Content posted in August 2015
Page 1 / 2   >   >>
Sights & Sounds Of Black Hat USA And DEF CON
Slideshows  |  8/31/2015  | 
Some hackers call the week of Black Hat USA and DEF CON 'security summer camp' -- a look at some of the highlights of the two shows.
Biggest Apple Account Theft Ever Hits Only JailBroken iOS Devices
News  |  8/31/2015  | 
KeyRaider stole 225,000 legitimate Apple accounts and slammed devices with ransomware and phony purchases, but only jailbroken gear, mostly in China, is affected.
A CISO's View of Mobile Security Strategy, With Stacey Halota
A CISO's View of Mobile Security Strategy, With Stacey Halota
Dark Reading Videos  |  8/31/2015  | 
CISO of Graham Holdings visits Dark Reading News Desk at Black Hat to discuss why mobile security is a top priority and how to use mobile devices as a security tool.
10 Best Practices For BYOD Policy
News  |  8/31/2015  | 
Bring-your-own device doesn't have to mean bring your own security problems.
Top Infosec Execs Will Eventually Report To CEOs, CISOs Say
Commentary  |  8/31/2015  | 
But becoming a trusted resource to the executive suite will demand major changes in the traditional chief information security officer role.
Ashley Madison CEO Resigns
Quick Hits  |  8/28/2015  | 
Once again, a security breach claims an executive's job, but the business plans to continue operating.
FBI Sounds Alarm Again On Business Email Compromise Threat
News  |  8/28/2015  | 
Over 7,000 US business have been victimized by so-called BEC fraud between October 2013 and August 2015 alone, the FBI said in an alert this week.
The 7 ‘Most Common’ RATS In Use Today
Commentary  |  8/28/2015  | 
Sniffing out RATS -- remote access Trojans -- is a challenge for even the most hardened cyber defender. Here’s a guide to help you in the hunt.
Valasek Not Done With Car Hacking Just Yet
News  |  8/28/2015  | 
Security Pro File: Chris Valasek chats up the daunting challenge of topping the Jeep Cherokee hack, '80s Adidas tracksuits, his loathing of coding, and his love for Windows -- and Hall & Oates.
Thousands Of Potentially Malicious Android Apps Unearthed In Google Play
News  |  8/27/2015  | 
Indiana University researchers develop a new scanning technique dubbed 'MassVet' for vetting mobile app stores at scale.
The Security Of Applications And CISOs' Sanity, With Veracode's Chris Wysopal
The Security Of Applications And CISOs' Sanity, With Veracode's Chris Wysopal
Dark Reading Videos  |  8/27/2015  | 
Veracode's Chris Wysopal visits the Dark Reading News Desk at Black Hat to discuss application security, what CISOs' top priorities are, and what they should be.
A Virtual Tour of IBM’s SOCs, With Roger Hellman
A Virtual Tour of IBM’s SOCs, With Roger Hellman
Dark Reading Videos  |  8/27/2015  | 
IBM's Roger Hellman visits the Dark Reading News Desk to talk about how IBM recreated a unique security operations center experience at Black Hat.
Catching Attackers With A Security Delivery Platform
Catching Attackers With A Security Delivery Platform
Dark Reading Videos  |  8/27/2015  | 
Shehzad Merchant, CTO of Gigamon, visits the Dark Reading News Desk to discuss a platform for finding and containing attackers once they've broken through your perimeter defense.
Cybersecurity Under FTC Authority: What Does it Mean?
Commentary  |  8/27/2015  | 
Consumers can now expect the same level of security and privacy in the digital realm as they do in the physical.
Seeing Into Security 'Blind Spots' With Bay Dynamics' Gautam Aggarwal
Seeing Into Security 'Blind Spots' With Bay Dynamics' Gautam Aggarwal
Dark Reading Videos  |  8/27/2015  | 
Gautam Aggarwal, CMO of Bay Dynamics, visits Dark Reading News Desk at Black Hat to explain that it’s important to not just develop a cybersecurity strategy, but to also better understand what your security blind spots are.
Evolution Of The CISO And The Board: BAE Systems’ Jim Anderson Explains
Evolution Of The CISO And The Board: BAE Systems’ Jim Anderson Explains
Dark Reading Videos  |  8/27/2015  | 
President of the Americas for BAE Systems Applied Intelligence, Jim Anderson, joins the Dark Reading News Desk at Black Hat to explain how the CISO has to improve communications with the corporate board and better explain overall security strategy.
RiskIQ's Arian Evans Talks Up Hunting Down Digital Assets
RiskIQ's Arian Evans Talks Up Hunting Down Digital Assets
Dark Reading Videos  |  8/27/2015  | 
You can't protect what you can't find. Arian Evans, vice president of product marketing for RiskIQ, joins the Dark Reading News Desk at Black Hat to explain how to discover all your assets.
Flash: Web Browser Plugins Are Vulnerable
Partner Perspectives  |  8/27/2015  | 
Maybe it’s time to uninstall Flash for those that don’t need it and continuously monitor those that do.
Consumers Want Password Alternatives
News  |  8/27/2015  | 
Consumer confidence in online passwords wanes and their password hygiene remains as sketchy as ever, study finds.
A Tale Of Two IoT Security Outcomes
News  |  8/26/2015  | 
Commandeered Jeep gets fixed but a 'hijacked' satellite network does not? Why Internet of Things security remains a work in progress.
Getting To Yes, Cooperatively
Commentary  |  8/26/2015  | 
As security advocates, determining what “beneficial” means to a particular audience should be our first step in developing recommendations.
From Vicious To Virtuous: A Plan Of Attack For Incident Response
Partner Perspectives  |  8/26/2015  | 
How do you get there? Increase the cost and effort required by the bad guys and boost your efficiency.
Kelly's Glimpse Of Black Hat
Kelly's Glimpse Of Black Hat
Dark Reading Videos  |  8/26/2015  | 
Dark Reading executive editor Kelly Jackson Higgins talks through the top trends and sessions, and how the industry has evolved since her first trip to Black Hat.
IBM Advises Businesses To Block Tor
News  |  8/25/2015  | 
With Tor-based attacks on the rise, IBM says it's time to stop Tor in the enterprise.
What Would You Do Differently If You Knew You Were Going To Be Robbed?
Partner Perspectives  |  8/25/2015  | 
Neither prevention nor detection alone is sufficient in today’s cybercrime environment.
Ouch! Feeling The Pain Of Cybersecurity In Healthcare
Slideshows  |  8/25/2015  | 
There are lots of reasons why medical data is so vulnerable but the sheer numbers at risk speak volumes about the scale of the problem.
Security Stands As Top Factor In Digital Brand Confidence
News  |  8/25/2015  | 
Security ranked alongside marketing and IT ops concerns as important indicators of trust in online sites.
What Drives A Developer To Use Security Tools -- Or Not
News  |  8/24/2015  | 
National Science Foundation (NSF)-funded research by Microsoft Research, NC State, and UNC-Charlotte sheds light on what really makes a software developer scan his or her code for security bugs.
Ruling: FTC Can Hold Wyndham Liable For Data Breach
Quick Hits  |  8/24/2015  | 
Appeals Court ruling solidifies Federal Trade Commission's authority to take action against companies whose data breaches expose customer information.
Survey Says: Incident Response Is Fighting Back
Partner Perspectives  |  8/24/2015  | 
Companies appear to be recognizing the need for increased incident-response spending.
Paul Vixie On DNS Security & Botnet Takedowns
Paul Vixie On DNS Security & Botnet Takedowns
Dark Reading Videos  |  8/24/2015  | 
Internet pioneer and CEO of Farsight Security joins the Dark Reading News Desk at Black Hat.
Keyless Cars: A New Frontier For Bug Bounties?
Commentary  |  8/24/2015  | 
With up to 100 million lines of code in the average car today -- and growing -- security vulnerabilities are bound to become the new normal.
University Of Virginia BreachTargeted Two Individuals With China Links
News  |  8/21/2015  | 
Latest example of threat actors seeking to exfiltrate data by going after individuals.
Pen Testing A Smart City
Pen Testing A Smart City
Dark Reading Videos  |  8/21/2015  | 
Black Hat speakers visit the Dark Reading News Desk to discuss the stunning complexity and many soft spots of a metropolis full of IoT devices.
With Great IoT Comes Great Insecurity
Commentary  |  8/21/2015  | 
In the brave new world of 'things' and the services they connect to, built-in security has never been more critical. Here's what's getting in the way.
AlienSpy RAT Resurfaces In Case Of Real-Life Political Intrigue
News  |  8/21/2015  | 
Mysterious death of Argentinian politician potentially tied to his phone's infection with popular remote access tool.
The Month Of Android Vulnerabilities Rolls On
News  |  8/20/2015  | 
Multi-media handling takes the most hits, and there are no easy fixes.
Spiderbot, Spiderbot, Does Whatever A Hacker Thought
Partner Perspectives  |  8/20/2015  | 
Virtual machine, she ignores, owns the bot, then controls yours.
Law Firms Form Their Own Threat Intel-Sharing Group
News  |  8/20/2015  | 
The Legal Services Information Sharing and Analysis Organization (LS-ISAO) Services is launched with the help of the financial services industry.
How Much Threat Intelligence Is Too Much?
Partner Perspectives  |  8/20/2015  | 
Turn your threat data into actionable intelligence by focusing on what is relevant to you and your organization.
Beware The Hidden Risk Of Business Partners In The Cloud
Commentary  |  8/20/2015  | 
Enterprises vastly underestimate the cyber risk from digital connections to vendors, suppliers, agencies, consultants -- and any company with which employees do business.
ID Thieves, Blackmailers Have Lots To Gain In Ashley Madison Breach
News  |  8/19/2015  | 
Breach highlights need for greater anonymity controls in identity and payment mechanisms.
Vulnerable From Below: Attacking Hypervisors Using Firmware And Hardware
Partner Perspectives  |  8/19/2015  | 
Malicious attacks with firmware privileges can compromise an entire system, so it is especially important to apply measures to reduce the risks.
Applying the 80/20 Rule to Cyber Security Practices
Commentary  |  8/19/2015  | 
How to look holistically across technology and processes and focus resources on threats that create the greatest damage.
IE Bug Exploited In Wild After Microsoft Releases Out-Of-Band Patch
Quick Hits  |  8/19/2015  | 
Remote code execution vulnerability in Internet Explorer versions 7 through 11 being used to drop PlugX RAT.
IRS Get Transcript Breach Triples In Scope
News  |  8/19/2015  | 
Breach reported in May much larger than initially thought
Hackers Dump Ashley Madison User Database... Where Most People Won't Find It
Quick Hits  |  8/18/2015  | 
Attackers make good on doxing threat, but post database to dark web.
Re-evaluating Ransomware, Without The Hype
Re-evaluating Ransomware, Without The Hype
Dark Reading Videos  |  8/18/2015  | 
Engin Kirda, chief architect of LastLine, joins the Dark Reading News Desk at Black Hat Aug. 5 to explain why most ransomware isn't as scary as we think.
Unpatched 'Tpwn' Mac OS X Bug Could Grant Root Privileges
News  |  8/18/2015  | 
Researchers beginning to find more cracks in Mac operating systems.
An Apple Fanboi Writing Malware For Mac OSX
An Apple Fanboi Writing Malware For Mac OSX
Dark Reading Videos  |  8/18/2015  | 
Patrick Wardle, director of research for Synack, spoke about his "Writing [email protected]$$ Malware for OS X" session at the Dark Reading News Desk at Black Hat.
Page 1 / 2   >   >>


97% of Americans Can't Ace a Basic Security Test
Steve Zurier, Contributing Writer,  5/20/2019
TeamViewer Admits Breach from 2016
Dark Reading Staff 5/20/2019
How a Manufacturing Firm Recovered from a Devastating Ransomware Attack
Kelly Jackson Higgins, Executive Editor at Dark Reading,  5/20/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
Building and Managing an IT Security Operations Program
As cyber threats grow, many organizations are building security operations centers (SOCs) to improve their defenses. In this Tech Digest you will learn tips on how to get the most out of a SOC in your organization - and what to do if you can't afford to build one.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-7201
PUBLISHED: 2019-05-22
CSV Injection was discovered in ProjectSend before r1053, affecting victims who import the data into Microsoft Excel.
CVE-2018-7803
PUBLISHED: 2019-05-22
A CWE-754 Improper Check for Unusual or Exceptional Conditions vulnerability exists in Triconex TriStation Emulator V1.2.0, which could cause the emulator to crash when sending a specially crafted packet. The emulator is used infrequently for application logic testing. It is susceptible to an attack...
CVE-2018-7844
PUBLISHED: 2019-05-22
A CWE-200: Information Exposure vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause the disclosure of SNMP information when reading memory blocks from the controller over Modbus.
CVE-2018-7853
PUBLISHED: 2019-05-22
A CWE-248: Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause denial of service when reading invalid physical memory blocks in the controller over Modbus
CVE-2018-7854
PUBLISHED: 2019-05-22
A CWE-248 Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause a denial of Service when sending invalid debug parameters to the controller over Modbus.