Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Black Hat posted in August 2015
Sights & Sounds Of Black Hat USA And DEF CON
Slideshows  |  8/31/2015  | 
Some hackers call the week of Black Hat USA and DEF CON 'security summer camp' -- a look at some of the highlights of the two shows.
A CISO's View of Mobile Security Strategy, With Stacey Halota
A CISO's View of Mobile Security Strategy, With Stacey Halota
Dark Reading Videos  |  8/31/2015  | 
CISO of Graham Holdings visits Dark Reading News Desk at Black Hat to discuss why mobile security is a top priority and how to use mobile devices as a security tool.
The Security Of Applications And CISOs' Sanity, With Veracode's Chris Wysopal
The Security Of Applications And CISOs' Sanity, With Veracode's Chris Wysopal
Dark Reading Videos  |  8/27/2015  | 
Veracode's Chris Wysopal visits the Dark Reading News Desk at Black Hat to discuss application security, what CISOs' top priorities are, and what they should be.
A Virtual Tour of IBMs SOCs, With Roger Hellman
A Virtual Tour of IBMs SOCs, With Roger Hellman
Dark Reading Videos  |  8/27/2015  | 
IBM's Roger Hellman visits the Dark Reading News Desk to talk about how IBM recreated a unique security operations center experience at Black Hat.
Catching Attackers With A Security Delivery Platform
Catching Attackers With A Security Delivery Platform
Dark Reading Videos  |  8/27/2015  | 
Shehzad Merchant, CTO of Gigamon, visits the Dark Reading News Desk to discuss a platform for finding and containing attackers once they've broken through your perimeter defense.
Seeing Into Security 'Blind Spots' With Bay Dynamics' Gautam Aggarwal
Seeing Into Security 'Blind Spots' With Bay Dynamics' Gautam Aggarwal
Dark Reading Videos  |  8/27/2015  | 
Gautam Aggarwal, CMO of Bay Dynamics, visits Dark Reading News Desk at Black Hat to explain that its important to not just develop a cybersecurity strategy, but to also better understand what your security blind spots are.
Evolution Of The CISO And The Board: BAE Systems Jim Anderson Explains
Evolution Of The CISO And The Board: BAE Systems Jim Anderson Explains
Dark Reading Videos  |  8/27/2015  | 
President of the Americas for BAE Systems Applied Intelligence, Jim Anderson, joins the Dark Reading News Desk at Black Hat to explain how the CISO has to improve communications with the corporate board and better explain overall security strategy.
RiskIQ's Arian Evans Talks Up Hunting Down Digital Assets
RiskIQ's Arian Evans Talks Up Hunting Down Digital Assets
Dark Reading Videos  |  8/27/2015  | 
You can't protect what you can't find. Arian Evans, vice president of product marketing for RiskIQ, joins the Dark Reading News Desk at Black Hat to explain how to discover all your assets.
Kelly's Glimpse Of Black Hat
Kelly's Glimpse Of Black Hat
Dark Reading Videos  |  8/26/2015  | 
Dark Reading executive editor Kelly Jackson Higgins talks through the top trends and sessions, and how the industry has evolved since her first trip to Black Hat.
Paul Vixie On DNS Security & Botnet Takedowns
Paul Vixie On DNS Security & Botnet Takedowns
Dark Reading Videos  |  8/24/2015  | 
Internet pioneer and CEO of Farsight Security joins the Dark Reading News Desk at Black Hat.
Pen Testing A Smart City
Pen Testing A Smart City
Dark Reading Videos  |  8/21/2015  | 
Black Hat speakers visit the Dark Reading News Desk to discuss the stunning complexity and many soft spots of a metropolis full of IoT devices.
AlienSpy RAT Resurfaces In Case Of Real-Life Political Intrigue
News  |  8/21/2015  | 
Mysterious death of Argentinian politician potentially tied to his phone's infection with popular remote access tool.
Re-evaluating Ransomware, Without The Hype
Re-evaluating Ransomware, Without The Hype
Dark Reading Videos  |  8/18/2015  | 
Engin Kirda, chief architect of LastLine, joins the Dark Reading News Desk at Black Hat Aug. 5 to explain why most ransomware isn't as scary as we think.
An Apple Fanboi Writing Malware For Mac OSX
An Apple Fanboi Writing Malware For Mac OSX
Dark Reading Videos  |  8/18/2015  | 
Patrick Wardle, director of research for Synack, spoke about his "Writing [email protected]$$ Malware for OS X" session at the Dark Reading News Desk at Black Hat.
Richard Bejtlich Talks Business Security Strategy, US Security Policy
Richard Bejtlich Talks Business Security Strategy, US Security Policy
Dark Reading Videos  |  8/17/2015  | 
Chief security strategist of FireEye talks at the Dark Reading News Desk at Black Hat about attribution, the war on encryption, and what should drive your security department.
Black Hat, Data Science, Machine Learning, and YOU!
Commentary  |  8/14/2015  | 
The time has come for security pros to start honing in on their machine learning skills. Heres why.
Securing Black Hat From Black Hat
Commentary  |  8/14/2015  | 
Dr. Chaos shares the inside scoop on the challenges and rewards of protecting one of the 'most hostile networks on the planet.'
Mad World: The Truth About Bug Bounties
Commentary  |  8/13/2015  | 
What Oracle CSO Mary Ann Davidson doesnt get about modern security vulnerability disclosure.
Former White House Advisor, Paul Kurtz, On Info Sharing & Government Action
Former White House Advisor, Paul Kurtz, On Info Sharing & Government Action
Dark Reading Videos  |  8/12/2015  | 
Former cybersecurity advisor to the White House talks to Sara Peters at Black Hat about information sharing, attribution, cybersecurity legislation, and his new start-up.
Securing OS X: Apple, Security Vendors Need To Up Their Game
News  |  8/12/2015  | 
To date, OS X malware is pretty lame, but its easy to write better malware to bypass current defenses, security researcher Patrick Wardle told a Black Hat audience last week.
FTC to Black Hat Attendees: Help Us Make Good Tech Policy
News  |  8/12/2015  | 
The FTCs chief technologist made a direct appeal to security, privacy, and technology communities to get involved and help shape tech laws and policies.
How To Empower Women In Security
Commentary  |  8/11/2015  | 
First-ever Black Hat USA women in security panel debuted last week--and now will be an annual event.
How Can We Work Smarter In Security?
Partner Perspectives  |  8/11/2015  | 
Attendees at the 2015 Black Hat Conference in Las Vegas weigh in.
Inside The Aftermath Of The Saudi Aramco Breach
News  |  8/8/2015  | 
Former security advisor to the oil giant describes the days following the Armageddon-style cyberattack that wiped the hard drives of tens of thousands of computers.
Q&A: 20 Minutes With The Dark Tangent
News  |  8/8/2015  | 
DEF CON founder Jeff Moss on this year's DEF CON 23 hacker conference and the Internet of Things.
The NSA Playset: 5 Better Tools To Defend Systems
News  |  8/7/2015  | 
Using the NSA ANT Catalog as a model, security researchers learn about new attack techniques and technology.
Why Cyber-Physical Hackers Have It Harder Than You
News  |  8/6/2015  | 
Before you pout about having to learn a new infosec application, remember you don't need to also know physics, chemistry, engineering and how to make a pipeline explosion look like an accident.
Defending Industrial Ethernet Switches Is Not Easy, But Doable
News  |  8/6/2015  | 
Attacks and vulnerabilities against ICS and SCADA can be detected and monitored if operational folks know their network infrastructure.
Will it Blend? Earns Pwnie For Best Client Bug; OPM for Most Epic Fail
News  |  8/6/2015  | 
Pwnie Awards continue to celebrate the best bug discoveries and worst security fails.
New SMB Relay Attack Steals User Credentials Over Internet
News  |  8/5/2015  | 
Researchers found a twist to an older vulnerability that lets them launch SMB relay attacks from the Internet.
Iranian, Syrian Hackers Hit 'Gas Gauges'
News  |  8/5/2015  | 
Honeypots posing as gas gauge monitoring systems located in 7 nations hit with DDoS attacks, defacements, and queries from attackers.
From The Black Hat Keynote Stage: Jennifer Granick
News  |  8/5/2015  | 
World famous defender of hackers, privacy, and civil liberties exhorts attendees to preserve the dream of an open Internet.
Securing BGP Not As Difficult As You'd Think
News  |  8/5/2015  | 
But few service providers and organizations bother to deploy security for BGP, security expert says.
Man-In-The-Cloud Owns Your DropBox, Google Drive -- Sans Malware
News  |  8/5/2015  | 
Using no malware or stolen passwords, new attack can compromise your cloud synch services and make your good files malicious.
Black Hat USA: Empowering Women In Security
Commentary  |  8/4/2015  | 
A panel of influential women in the security industry will share their insights and identify resources for fostering professional development (and recruiting) of women in the field.
Dark Reading News Desk Live At Black Hat 2015
News  |  8/4/2015  | 
Please join host Sara Peters and her guests for the first-ever Dark Reading News Desk show at Black Hat USA 2015. Thursday's broadcast begins at 11 a.m. PDT, 2 p.m. EDT
Terracotta VPN Piggybacks On Network Of Compromised Windows Servers
News  |  8/4/2015  | 
APT groups use this VPN service to launch attacks against organizations around the world.
Lockheed Open Sources Its Secret Weapon In Cyber Threat Detection
News  |  8/4/2015  | 
Internal tool at defense company is made available to security community at large.
Dark Reading Launches Jobs Board
Commentary  |  8/4/2015  | 
New feature will help hiring companies and security job seekers find each other online.
Dark Reading Preps Week Of Show Coverage At Black Hat USA
Commentary  |  8/3/2015  | 
If you want to know what's happening in Las Vegas this week at Black Hat, Dark Reading's got the scoop.
Dark Reading News Desk Comes To You Live From Black Hat
Commentary  |  8/3/2015  | 
Live video coverage from Las Vegas Wednesday and Thursday
Breaking Honeypots For Fun And Profit
Commentary  |  8/3/2015  | 
As a concept, honeypots can be a powerful tool for detecting malware. But in the emerging field of cyber deception, theyre not up to the task of fooling attackers and getting our hands on their resources.


COVID-19: Latest Security News & Commentary
Dark Reading Staff 10/27/2020
Are You One COVID-19 Test Away From a Cybersecurity Disaster?
Alan Brill, Senior Managing Director, Cyber Risk Practice, Kroll,  10/21/2020
Modern Day Insider Threat: Network Bugs That Are Stealing Your Data
David Pearson, Principal Threat Researcher,  10/21/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
How IT Security Organizations are Attacking the Cybersecurity Problem
How IT Security Organizations are Attacking the Cybersecurity Problem
The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-11854
PUBLISHED: 2020-10-27
Arbitrary code execution vlnerability in Operation bridge Manager, Application Performance Management and Operations Bridge (containerized) vulnerability in Micro Focus products products Operation Bridge Manager, Operation Bridge (containerized) and Application Performance Management. The vulneravil...
CVE-2020-11858
PUBLISHED: 2020-10-27
Code execution with escalated privileges vulnerability in Micro Focus products Operation Bridge Manager and Operation Bridge (containerized). The vulneravility affects: 1.) Operation Bridge Manager versions: 2020.05, 2019.11, 2019.05, 2018.11, 2018.05, 10.63,10.62, 10.61, 10.60, 10.12, 10.11, 10.10 ...
CVE-2020-23945
PUBLISHED: 2020-10-27
A SQL injection vulnerability exists in Victor CMS V1.0 in the cat_id parameter of the category.php file. This parameter can be used by sqlmap to obtain data information in the database.
CVE-2020-7754
PUBLISHED: 2020-10-27
This affects the package npm-user-validate before 1.0.1. The regex that validates user emails took exponentially longer to process long input strings beginning with @ characters.
CVE-2020-6023
PUBLISHED: 2020-10-27
Check Point ZoneAlarm before version 15.8.139.18543 allows a local actor to escalate privileges while restoring files in Anti-Ransomware.