News & Commentary

Content tagged with Privacy posted in January 2018
Passwords: 4 Biometric Tokens and How They Can Be Beaten
Commentary  |  1/31/2018  | 
Authentication security methods are getting better all the time, but they are still not infallible.
K-12 Study Gives Schools Low Marks for Protecting Student Privacy Online
News  |  1/31/2018  | 
Survey says local school districts and education departments lack even the most basic security and privacy safeguards.
Digital Extortion to Expand Beyond Ransomware
News  |  1/30/2018  | 
In the future of digital extortion, ransomware isn't the only weapon, and database files and servers won't be the only targets.
6 Tips for Building a Data Privacy Culture
Slideshows  |  1/26/2018  | 
Experts say it's not enough to just post data classification guidelines and revisit the topic once a year. Companies have to build in privacy by design.
House Passes Bill to Renew NSA's Warrantless Surveillance Program
Quick Hits  |  1/12/2018  | 
The bill passed without an amendment which would require a warrant to analyze Americans' incidentally collected data.
Microsoft Launches 'Private Conversations' in Skype
Quick Hits  |  1/11/2018  | 
New feature uses Signal Protocol for strong encryption.
Privacy: The Dark Side of the Internet of Things
Commentary  |  1/11/2018  | 
Before letting an IoT device into your business or home, consider what data is being collected and where it is going.
Vulnerable Mobile Apps: The Next ICS/SCADA Cyber Threat
News  |  1/11/2018  | 
Researchers find nearly 150 vulnerabilities in SCADA mobile apps downloadable from Google Play.
20 Cybersecurity Vendors Getting Venture Capital Love
Slideshows  |  1/9/2018  | 
VCs splashed a record $4B in funding in the cybersecurity pool - here are some highlights among the early- to middle-stage startups who snagged big deals last year.
Wi-Fi Alliance Launches WPA2 Enhancements and Debuts WPA3
News  |  1/8/2018  | 
WPA2 protocol enhancements bring stronger security protection and best practices, while new WPA3 protocol offers new security capabilities.


New Mexico Man Sentenced on DDoS, Gun Charges
Dark Reading Staff 5/18/2018
Cracking 2FA: How It's Done and How to Stay Safe
Kelly Sheridan, Staff Editor, Dark Reading,  5/17/2018
What Israel's Elite Defense Force Unit 8200 Can Teach Security about Diversity
Lital Asher-Dotan, Senior Director, Security Research and Content, Cybereason,  5/21/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Shhh!  They're watching... And you have a laptop?  
Current Issue
Flash Poll
[Strategic Security Report] Navigating the Threat Intelligence Maze
[Strategic Security Report] Navigating the Threat Intelligence Maze
Most enterprises are using threat intel services, but many are still figuring out how to use the data they're collecting. In this Dark Reading survey we give you a look at what they're doing today - and where they hope to go.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-10000
PUBLISHED: 2018-05-24
In MuPDF 1.12.0 and earlier, multiple use of uninitialized value bugs in the PDF parser could allow an attacker to cause a denial of service (crash) or influence program flow via a crafted file.
CVE-2018-10001
PUBLISHED: 2018-05-24
OpenFlow version 1.0 onwards contains a Denial of Service and Improper authorization vulnerability in OpenFlow handshake: The DPID (DataPath IDentifier) in the features_reply message are inherently trusted by the controller. that can result in Denial of Service, Unauthorized Access, Network Instabil...
CVE-2018-10001
PUBLISHED: 2018-05-24
The Linux Kernel version 3.18 contains a dangerous feature vulnerability in modify_user_hw_breakpoint() that can result in crash and possibly memory corruption. This attack appear to be exploitable via local code execution and the ability to use ptrace. This vulnerability appears to have been fixed ...
CVE-2018-10003
PUBLISHED: 2018-05-24
curl version curl 7.54.1 to and including curl 7.59.0 contains a CWE-122: Heap-based Buffer Overflow vulnerability in denial of service and more that can result in curl might overflow a heap based memory buffer when closing down an FTP connection with very long server command replies.. This vulnerab...
CVE-2018-10003
PUBLISHED: 2018-05-24
curl version curl 7.20.0 to and including curl 7.59.0 contains a CWE-126: Buffer Over-read vulnerability in denial of service that can result in curl can be tricked into reading data beyond the end of a heap based buffer used to store downloaded RTSP content.. This vulnerability appears to have been...