News & Commentary

Latest Content tagged with Privacy
Page 1 / 2   >   >>
GDPR 101: Keeping Data Safe Throughout the 'Supply Chain'
Commentary  |  5/22/2018  | 
There are a lot of moving pieces involved with data collection, retention, and processing in the EU's new General Data Protection Regulation. Here's how to break down responsibilities between your security team and service providers.
'Roaming Mantis' Android Malware Evolves, Expands Targets
Quick Hits  |  5/21/2018  | 
Roaming Mantis has evolved rapidly, adding geographies, platforms, and capabilities to its original scope.
Get Ready for 'WannaCry 2.0'
News  |  5/17/2018  | 
Another widespread worm attack is "inevitable," but spreading a different more lucrative or destructive payload, experts say.
Tanium's Valuation Reaches $5 Billion With New Investment
Quick Hits  |  5/17/2018  | 
Tanium has received a $175 million investment from TPG Growth.
Why Isn't Integrity Getting the Attention It Deserves?
Commentary  |  5/17/2018  | 
A focus on integrity requires a shift in the way many approach security management, but it's one of the most promising approaches to effective enterprise security.
Newly Discovered Malware Targets Telegram Desktop
News  |  5/16/2018  | 
Russian-speaking attacker behind new malware capable of lifting credentials, cookies, desktop cache, and key files.
FIDO Alliance Appoints Facebook to Board of Directors
Quick Hits  |  5/16/2018  | 
Facebook joins Google, Microsoft, Amazon, and Intel, all among major influential tech companies backing FIDO authentication.
IT Pros Worried About IoT But Not Prepared to Secure It
News  |  5/16/2018  | 
Few organizations have a security policy in place for Internet of Things devices, new survey shows.
Rail Europe Notifies Riders of Three-Month Data Breach
Quick Hits  |  5/15/2018  | 
Rail Europe North America alerts customers to a security incident in which hackers planted card-skimming malware on its website.
Smashing Silos and Building Bridges in the IT-Infosec Divide
News  |  5/14/2018  | 
A strong relationship between IT and security leads to strong defense, but it's not always easy getting the two to collaborate.
'EFAIL' Email Encryption Flaw Research Stirs Debate
News  |  5/14/2018  | 
A newly revealed vulnerability in email encryption is a big problem for a small subset of users.
Facebook Suspends 200 Apps
Quick Hits  |  5/14/2018  | 
Thousands of apps have been investigated as Facebook determines which had access to large amounts of user data before its 2014 policy changes.
Risky Business: Deconstructing Ray Ozzie's Encryption Backdoor
Commentary  |  5/10/2018  | 
With the addition of secure enclaves, secure boot, and related features of "Clear," the only ones that will be able to test this code are Apple, well-resourced nations, and vendors who sell jailbreaks.
Script Kiddies, Criminals Hacking Video Streams for Fun & Profit
Quick Hits  |  5/9/2018  | 
Video streams are getting hijacked for 'prestige,' DDoS, and financial gain, a new report found.
Phishing Threats Move to Mobile Devices
News  |  5/9/2018  | 
Mobile devices are emerging as a primary gateway for phishing attacks aimed at stealing data.
Compliance Complexity: The (Avoidable) Risks of Not Playing by the Rules
Commentary  |  5/9/2018  | 
Achieving compliance is a challenging process, but with the right systems and customized data management policy, your organization can stay ahead of the next data breach -- and the regulators.
FBI: Reported Internet Crimes Topped $1.4 Billion Last Year
News  |  5/9/2018  | 
Business email compromise (BEC) campaigns outnumbered ransomware cases.
Why DDoS Just Won't Die
News  |  5/7/2018  | 
Distributed denial-of-service attacks are getting bigger, badder, and 'blended.' What you can (and can't) do about that.
US Extradites Romanian Hackers Charged with Vishing, Smishing
Quick Hits  |  5/7/2018  | 
Suspects fraudulently obtained more than $18 million through fraud by voice and SMS.
Encryption is Necessary, Tools and Tips Make It Easier
News  |  5/3/2018  | 
In the InteropITX conference, a speaker provided tips, tools, and incentives for moving to pervasive encryption in the enterprise.
GDPR Requirements Prompt New Approach to Protecting Data in Motion
Commentary  |  5/3/2018  | 
The EU's General Data Protection Regulation means that organizations must look at new ways to keep data secure as it moves.
Ransomware Attacks Jumped 400% Worldwide in 2017
Quick Hits  |  5/2/2018  | 
WannaCry led the pack all year, new F-Secure report says.
Spring Clean Your Security Systems: 6 Places to Start
Commentary  |  5/2/2018  | 
The sun is shining and you have an extra kick in your step. Why not use that newfound energy to take care of those bothersome security tasks you've put off all winter?
A Data Protection Officer's Guide to GDPR 'Privacy by Design'
Commentary  |  5/1/2018  | 
These five steps can show you how to start building your foundational privacy program for the EU's General Data Protection Regulation.
North Korea's AV Software Contains Pilfered Trend Micro Software
News  |  5/1/2018  | 
Researchers get hold of a copy of Kim Jong Un regime's mysterious internal 'SiliVaccine' antivirus software, provided only to its citizens, and find a few surprises.
WhatsApp Founder to Depart Facebook Amid Privacy, Encryption Dispute
Quick Hits  |  4/30/2018  | 
Jan Koum also plans to step down from Facebook's board of directors.
'Zero Login:' The Rise of Invisible Identity
Commentary  |  4/27/2018  | 
Will new authentication technologies that recognize users on the basis of their behaviors finally mean the death of the despised password?
12 Trends Shaping Identity Management
Slideshows  |  4/26/2018  | 
As IAM companies try to stretch 'identity context' into all points of the cybersecurity market, identity is becoming 'its own solar system.'
Why Hackers Love Healthcare
Commentary  |  4/26/2018  | 
The migration of valuable data to the cloud is piquing the interest of cybercrimimals. But there are ways to fight back.
Why Information Integrity Attacks Pose New Security Challenges
Commentary  |  4/25/2018  | 
To fight information integrity attacks like the ones recently perpetrated by bots on the FCC's website, we need to change our stance and look for the adversaries hiding in plain sight.
'Stresspaint' Targets Facebook Credentials
News  |  4/24/2018  | 
New malware variant goes after login credentials for popular Facebook pages.
Digital Identity Makes Headway Around the World
Commentary  |  4/23/2018  | 
The US is lagging behind the digital ID leaders.
Biometrics Are Coming & So Are Security Concerns
Commentary  |  4/20/2018  | 
Could these advanced technologies be putting user data at risk?
DHS Helps Shop Android IPS Prototype
News  |  4/18/2018  | 
A MITRE-developed intrusion prevention system for mobile technology is showcased here this week at the RSA Conference.
Why We Need Privacy Solutions That Scale Across Borders
Commentary  |  4/17/2018  | 
New privacy solutions are becoming scalable, smarter, and easier to address compliance across industries and geographies.
Companies Still Suffering From Poor Credential Hygiene: New Report
Quick Hits  |  4/16/2018  | 
Credentials are being mis-handled and it's hurting most companies, according to a new report out today.
How GDPR Forces Marketers to Rethink Data & Security
Commentary  |  4/16/2018  | 
The European regulation is making marketing technology companies re-examine their security, and that's a good thing.
7 Non-Financial Data Types to Secure
Slideshows  |  4/14/2018  | 
Credit card and social security numbers aren't the only sensitive information that requires protection.
Power Line Vulnerability Closes Air Gap
Quick Hits  |  4/13/2018  | 
A new demonstration of malware shows that air-gapped computers may still be at risk.
Businesses Calculate Cost of GDPR as Deadline Looms
News  |  4/12/2018  | 
Surveys highlight the financial burden of GDPR as companies scramble to meet the May 25 deadline.
Facebook Rolls Out 'Data Abuse Bounty' Program
News  |  4/11/2018  | 
The social media giant also got hit with a lawsuit the day before unveiling its new reward program.
89% of Android Users Didn't Consent to Facebook Data Collection
Quick Hits  |  4/10/2018  | 
A new survey shows most Android users did not give Facebook permission to collect their call and text data.
Study Finds Petabytes of Sensitive Data Open to the Internet
Quick Hits  |  4/6/2018  | 
New research by Digital Shadows finds more than 1.5 billion sensitive files are open to discovery on the internet.
Panera Bread Leaves Millions of Customer Records Exposed Online
News  |  4/3/2018  | 
Personal information exposed in plain text for months on Panerabread.com and the company's response failed to rise to the challenge.
Hudson's Bay Brands Hacked, 5 Million Credit Card Accounts Stolen
News  |  4/2/2018  | 
The infamous Carbanak/FIN7 cybercrime syndicate breached Saks and Lord & Taylor and is now selling some of the stolen credit card accounts on the Dark Web.
Under Armour App Breach Exposes 150 Million Records
Quick Hits  |  3/30/2018  | 
A breach in a database for MyFitnessPal exposes information on 150 million users.
New Android Cryptojacker Can Brick Phones
News  |  3/28/2018  | 
Mobile cryptojacking malware mines Monero.
Destructive and False Flag Cyberattacks to Escalate
News  |  3/28/2018  | 
Rising geopolitical tensions between the US and Russia, Iran, and others are the perfect recipe for nastier nation-state cyberattacks.
Fixing Hacks Has Deadly Impact on Hospitals
News  |  3/28/2018  | 
A study from Vanderbilt University shows that remediating data breaches has a very real impact on mortality rates at hospitals.
Bad Bots Increasingly Hide Out in Cloud Data Centers
News  |  3/27/2018  | 
Humans accounted for nearly 58% of website traffic in 2017 -- the rest were bad and good bots.
Page 1 / 2   >   >>


Want Your Daughter to Succeed in Cyber? Call Her John
John De Santis, CEO, HyTrust,  5/16/2018
Don't Roll the Dice When Prioritizing Vulnerability Fixes
Ericka Chickowski, Contributing Writer, Dark Reading,  5/15/2018
New Mexico Man Sentenced on DDoS, Gun Charges
Dark Reading Staff 5/18/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
Flash Poll
[Strategic Security Report] Navigating the Threat Intelligence Maze
[Strategic Security Report] Navigating the Threat Intelligence Maze
Most enterprises are using threat intel services, but many are still figuring out how to use the data they're collecting. In this Dark Reading survey we give you a look at what they're doing today - and where they hope to go.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2016-8656
PUBLISHED: 2018-05-22
Jboss jbossas before versions 5.2.0-23, 6.4.13, 7.0.5 is vulnerable to an unsafe file handling in the jboss init script which could result in local privilege escalation.
CVE-2017-2609
PUBLISHED: 2018-05-22
jenkins before versions 2.44, 2.32.2 is vulnerable to an information disclosure vulnerability in search suggestions (SECURITY-385). The autocomplete feature on the search box discloses the names of the views in its suggestions, including the ones for which the current user does not have access to.
CVE-2017-2617
PUBLISHED: 2018-05-22
hawtio before version 1.5.5 is vulnerable to remote code execution via file upload. An attacker could use this vulnerability to upload a crafted file which could be executed on a target machine where hawtio is deployed.
CVE-2018-11372
PUBLISHED: 2018-05-22
iScripts eSwap v2.4 has SQL injection via the wishlistdetailed.php User Panel ToId parameter.
CVE-2018-11373
PUBLISHED: 2018-05-22
iScripts eSwap v2.4 has SQL injection via the "salelistdetailed.php" User Panel ToId parameter.