Latest Content
<<   <   Page 2 / 2
10 Time-Consuming Tasks Security People Hate
Slideshows  |  8/28/2017
Whether it is dealing with false positives, reporting to auditors, or patching software, here's the scut work security people dread.
14 Social Media-Savvy CISOs to Follow on Twitter
Slideshows  |  8/18/2017
A roundup of some of the more social media-engaged security leaders to follow for updates on industry news, trends, and events.
9 of the Biggest Bug Bounty Programs
Slideshows  |  8/11/2017
These programs stand out for the size of their rewards and how much they have paid in total to security researchers in bounties over the last several years.
2017 Pwnie Awards: Who Won, Lost, and Pwned
Slideshows  |  8/3/2017
Security pros corralled the best and worst of cybersecurity into an award show highlighting exploits, bugs, achievements, and attacks from the past year.
7 Hardware & Firmware Hacks Highlighted at Black Hat 2017
Slideshows  |  7/24/2017
Researchers will hammer home potentially devastating attacks, and demo a range of vulnerabilities, techniques and tools.
Best of Black Hat: 20 Epic Talks in 20 Years
Slideshows  |  7/19/2017
In celebration of Black Hat's 20th birthday, we take a look back at the most memorable presentations and demos since the show's inception in 1997.
IoT Security Incidents Rampant and Costly
Slideshows  |  7/18/2017
New research offers details about the hidden and not so hidden costs of defending the Internet of Things.
Desperately Seeking Security: 6 Skills Most In Demand
Slideshows  |  7/8/2017
When people say there's a security skills gap, this is what they really mean.
NotPetya: How to Prep and Respond if You're Hit
Slideshows  |  7/7/2017
Security pros share practices to prepare and handle advanced malware attacks like NotPetya.
8 Things Every Security Pro Should Know About GDPR
Slideshows  |  6/30/2017
Organizations that handle personal data on EU citizens will soon need to comply with new privacy rules. Are you ready?
How To (And Not To) Make the Online Trust Honor Roll
Slideshows  |  6/29/2017
Five websites generated the highest score in their sector for the 2017 Online Trust Audit & Honor Roll. Here is what it takes to get there and be listed among the Online Trust Alliance's Top 50
9 Ways to Protect Your Cloud Environment from Ransomware
Slideshows  |  6/27/2017
The same technology driving faster collaboration and data transfer also enables cybercriminals to quickly spread ransomware.
8 Hot Hacking Tools to Come out of Black Hat USA
Slideshows  |  6/23/2017
High-impact tools for white hats that will be revealed and released next month at Black Hat USA in Las Vegas.
Android Security Apps for BYOD Users
Slideshows  |  6/16/2017
A look at 8 security apps that experts recommend for Android.
The Rising Tide of Crimeware-as-a-Service
Slideshows  |  6/13/2017
Malware, botnets, phishing and backdoors are all offered on the cheap as subscription. These days even crime is in the cloud.
How End-User Devices Get Hacked: 8 Easy Ways
Slideshows  |  6/9/2017
Security experts share the simplest and most effective methods bad guys employ to break into end-user devices.
8 Most Overlooked Security Threats
Slideshows  |  5/26/2017
Businesses know the obvious security threats to watch for, but some of the biggest dangers may not at top-of-mind.
9 Ways Organizations Sabotage Their Own Security: Lessons from the Verizon DBIR
Slideshows  |  5/23/2017
Mistakes and missteps plague enterprise security. The Verizon 2017 Data Breach Investigations Report (DBIR) offers nuggets on what organizations must stop doing now.
8 Notorious Russian Hackers Arrested in the Past 8 Years
Slideshows  |  5/12/2017
Lesson learned by Russian cybercriminals: Don't go on vacation, it's bad for your freedom to scam.
10 Free or Low-Cost Security Tools
Slideshows  |  5/9/2017
At a time when many organizations struggle with security funding, open-source tools can help cut costs for certain businesses.
6 Steps to Find Your Next Dozen Cloud Security Experts
Slideshows  |  4/26/2017
There's stiff competition for cloud security experts, but finding yours may actually be easier than you think.
The Hidden Dangers of Component Vulnerabilities
Slideshows  |  4/21/2017
Dangerous flaws in open source components and dependencies lurk within most applications today.
6 Times Hollywood Got Security Right
Slideshows  |  4/20/2017
Hollywood has struggled to portray cybersecurity in a realistic and engaging way. Here are films and TV shows where it succeeded.
6 New Security Startups Named to MACH37 Spring Cohort
Slideshows  |  4/15/2017
The companies selected this year include technical talent that draws from Silicon Valley to Hungary and Western Europe.
Forget the Tax Man: Time for a DNS Security Audit
Slideshows  |  4/11/2017
Here's a 5-step DNS security review process that's not too scary and will help ensure your site availability and improve user experience.
7 Ways Hackers Target Your Employees
Slideshows  |  4/6/2017
One employee under reconnaissance by cyberattackers can put your whole business at risk. Where are they being targeted, and what should they know?
Intro to Cyber Insurance: 7 Questions to Ask
Slideshows  |  3/24/2017
Buying a cyber insurance policy can be complex and difficult. Make sure you're asking these questions as you navigate the process.
7 Steps to Transforming Yourself into a DevSecOps Rockstar
Slideshows  |  3/23/2017
Security practitioners at one education software firm offer lessons learned from merging DevOps with security.
New Wave of Security Acquisitions Signals Start of Consolidation Trend
Slideshows  |  3/20/2017
A dozen recent high-profile deals reflect cybersecurity vendors' hopes of expanding their offerings with next-generation technology, ideas, and talent.
The 6 Riskiest Social Media Habits to Avoid at Work
Slideshows  |  3/15/2017
Cybercriminals are turning to Facebook, Twitter and other platforms to launch attacks via employee behavior that could be putting your business at risk.
9 Phishing Lures that Could Hijack your 2017 Tax Refund
Slideshows  |  3/9/2017
Scammers are taking an aggressive approach to tax season this year, packing attachments and links with banking Trojans, and fairly new strains of ransomware.
7 Hot Security Terms (and Buzzwords) to Know
Slideshows  |  3/6/2017
How the security industry has a conversation with itself is constantly changing and the latest terms as well as buzzwords point us to where the technology is heading.
20 Cybersecurity Startups To Watch In 2017
Slideshows  |  2/24/2017
VC money flowed plentifully into the security market last year, fueling a new crop of innovative companies.
8 Valuable Security Certifications For 2017
Slideshows  |  2/21/2017
A security credential could be the step towards your next job title. But which one to get?
When Hackers Hack Hackers
Slideshows  |  2/9/2017
Notable cases of internecine cyber squabbles.
10 Essential Elements For Your Incident-Response Plan
Slideshows  |  2/2/2017
The middle of a DDoS attack or ransomware infection is hardly the time to start talking about divisions of labor, or who should do what when.
6 Free Ransomware Decryption Tools
Slideshows  |  1/30/2017
The No More Ransom group has been working to get free decryptor tools into the hands of security professionals and the general public.
7 Tips For Getting Your Security Budget Approved
Slideshows  |  1/27/2017
How to have a productive conversation with business leaders and get your security budget approved.
SOC Maturity By The Numbers
Slideshows  |  1/25/2017
Most large organizations today have security operations centers in play, but only 15% rate theirs as mature.
7 Common Reasons Companies Get Hacked
Slideshows  |  1/18/2017
Many breaches stem from the same root causes. What are the most common security problems leaving companies vulnerable?
10 Cocktail Party Security Tips From The Experts
Slideshows  |  1/13/2017
Security pros offer basic advice to help average users ward off the bad guys.
What To Watch For With Ransomware: 2017 Edition
Slideshows  |  1/7/2017
Ransomware will continue to evolve in 2017, bringing new and diverse threats to businesses. What changes are in store?
7 Ways To Fine-Tune Your Threat Intelligence Model
Slideshows  |  1/5/2017
The nature of security threats is too dynamic for set-and-forget. Here are some ways to shake off that complacency.
21 Biggest Cybercriminal Busts Of 2016
Slideshows  |  12/28/2016
This year has been a tornado of major cyberattacks and hacker arrests. Here, we look back on the 21 most interesting 'cyberbusts' of 2016.
8 Boldest Security Predictions For 2017
Slideshows  |  12/27/2016
Scary, funny and maybe even a little outlandish, these industry predictions come from prognosticators who didn't mince words.
Inside The Vulnerability Disclosure Ecosystem
Slideshows  |  12/22/2016
Report released by NTIA stakeholders offers new information on how organizations respond to security vulnerabilities - and what researchers think.
5 Ways The Cyber-Threat Landscape Shifted In 2016
Slideshows  |  12/19/2016
IoT botnets and turnkey phishing services were just some of the ways the bad guys stayed ahead in 2016
8 Most Hackable Holiday Gifts, 2016 Edition
Slideshows  |  12/14/2016
You better watch out! Otherwise, you may be giving the gift of malware or unauthorized access to networks and devices.
5 Things Security Pros Need To Know About Machine Learning
Slideshows  |  12/12/2016
Experts share best practices for data integrity, pattern recognition and computing power to help enterprises get the most out of machine learning-based technology for cybersecurity.
How Retailers Can Fight Holiday Season Hackers
Slideshows  |  12/8/2016
Experts offer tips for locking down retailers point-of-sale systems for the busy holiday shopping season.
<<   <   Page 2 / 2

Who Does What in Cybersecurity at the C-Level
Steve Zurier, Freelance Writer,  3/16/2018
New 'Mac-A-Mal' Tool Automates Mac Malware Hunting & Analysis
Kelly Jackson Higgins, Executive Editor at Dark Reading,  3/14/2018
Disappearing Act: Dark Reading Caption Contest Winners
Marilyn Cohodas, Community Editor, Dark Reading,  3/12/2018
Register for Dark Reading Newsletters
White Papers
Current Issue
How to Cope with the IT Security Skills Shortage
Most enterprises don't have all the in-house skills they need to meet the rising threat from online attackers. Here are some tips on ways to beat the shortage.
Flash Poll
[Strategic Security Report] Navigating the Threat Intelligence Maze
[Strategic Security Report] Navigating the Threat Intelligence Maze
Most enterprises are using threat intel services, but many are still figuring out how to use the data they're collecting. In this Dark Reading survey we give you a look at what they're doing today - and where they hope to go.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.