Careers & People
News & Commentary
14 Social Media-Savvy CISOs to Follow on Twitter
Kelly Sheridan, Associate Editor, Dark Reading
A roundup of some of the more social media-engaged security leaders to follow for updates on industry news, trends, and events.
By Kelly Sheridan, Associate Editor, Dark Reading, 8/18/2017
Curbing the Cybersecurity Workforce Shortage with AI
Deborah Golden, Principal, Deloitte & Touche, and Federal Cyber-Risk Leader, Commentary
By using cognitive technologies, an organization can address the talent shortage by getting more productivity from current employees and improving processes.
By Deborah Golden, Principal, Deloitte & Touche, and Federal Cyber-Risk Leader, 8/18/2017
Behind the Briefings: How Black Hat Sessions Get Chosen
Sara Peters, Senior Editor at Dark Reading, Commentary, Video
Daniel Cuthbert and Stefano Zanero explain what the Black Hat review board is looking for in an abstract submission for the Briefings.
By Sara Peters, Senior Editor at Dark Reading, 8/17/2017
20 Tactical Questions SMB Security Teams Should Ask Themselves
Joshua Goldfarb, Co-founder & Chief Product Officer, IDDRA, Commentary
Or why it pays for small- and medium-sized businesses to plan strategically but act tactically.
By Joshua Goldfarb, Co-founder & Chief Product Officer, IDDRA, 8/15/2017
Cybersecurity's Ceiling
Dawn Kawamoto, Associate Editor, Dark Reading, News
Security spending and staffing are rising, but restrained resources are tempering market growth.
By Dawn Kawamoto, Associate Editor, Dark Reading, 8/14/2017
What CISOs Need to Know about the Psychology behind Security Analysis
Kumar Saurabh, CEO and co-founder of LogicHub, Commentary
Bandwidth, boredom and cognitive bias are three weak spots that prevent analysts from identifying threats. Here's how to compensate.
By Kumar Saurabh, CEO and co-founder of LogicHub, 8/14/2017
What Women in Cybersecurity Really Think About Their Careers
Kelly Jackson Higgins, Executive Editor at Dark Reading, News
New survey conducted by a female security pro of other female security pros dispels a few myths.
By Kelly Jackson Higgins, Executive Editor at Dark Reading, 8/4/2017
Why Cybersecurity Needs a Human in the Loop
John Bruce, CEO and Co-Founder of IBM Resilient, Commentary
It's no longer comparable to Kasparov versus Deep Blue. When security teams use AI, it's like Kasparov consulting with Deep Blue before deciding on his next move.
By John Bruce, CEO and Co-Founder of IBM Resilient, 8/3/2017
Throw Out the Playbooks to Win at Incident Response
Liz Maida, Co-founder, CEO & CTO, Uplevel Security, Commentary
Four reasons why enterprises that rely on playbooks give hackers an advantage.
By Liz Maida, Co-founder, CEO & CTO, Uplevel Security, 7/28/2017
How to Build a Path Toward Diversity in Information Security
Dawn Kawamoto, Associate Editor, Dark Reading, News
Hiring women and minorities only addresses half the issue for the IT security industry -- the next step is retaining these workers.
By Dawn Kawamoto, Associate Editor, Dark Reading, 7/27/2017
The Right to Be Forgotten & the New Era of Personal Data Rights
Dimitri Sirota, Founder & CEO of BigID, Commentary
Because of the European Union's GDPR and other pending legislation, companies must become more transparent in how they protect their customers' data.
By Dimitri Sirota, Founder & CEO of BigID, 7/27/2017
The Wild West of Security Post-Secondary Education
Ericka Chickowski, Contributing Writer, Dark Reading, News
Black Hat researchers will show how inconsistent security schooling is at the university level.
By Ericka Chickowski, Contributing Writer, Dark Reading, 7/26/2017
10 Critical Steps to Create a Culture of Cybersecurity
Edward J. McAndrew, Partner & Co-Chair, Privacy & Data Security Group, Ballard Spahr LLP, Faculty Member of the Compliance, Governance & Oversight Council, Commentary
Businesses are more vulnerable than they need to be. Here's what you should do about it.
By Edward J. McAndrew, Partner & Co-Chair, Privacy & Data Security Group, Ballard Spahr LLP, Faculty Member of the Compliance, Governance & Oversight Council, 7/26/2017
How Women Can Raise Their Profile within the Cybersecurity Industry
Jodie Nel, Event Organizer, Cyber Security Event Series, Commentary
Closing the cybersecurity gender gap won't happen overnight, but women can take steps to begin leveling the playing field.
By Jodie Nel, Event Organizer, Cyber Security Event Series, 7/25/2017
DevOps & Security: Butting Heads for Years but Integration is Happening
Zeus Kerravala, Founder and Principal Analyst, ZK Research, Commentary
A combination of culture change, automation, tools and processes can bring security into the modern world where it can be as agile as other parts of IT.
By Zeus Kerravala, Founder and Principal Analyst, ZK Research, 7/20/2017
Profile of a Hacker: The Real Sabu
David Holmes, World-Wide Security Evangelist, F5
There are multiple stories about how the capture of the infamous Anonymous leader Sabu went down. Here's one, and another about what he is doing today.
By David Holmes, World-Wide Security Evangelist, F5, 7/20/2017
7 Deadly Sins to Avoid When Mitigating Cyberthreats
Marc Wilczek, Digital Strategist & CIO Advisor, Commentary
How digitally savvy organizations can take cyber resilience to a whole new dimension.
By Marc Wilczek, Digital Strategist & CIO Advisor, 7/14/2017
Black Hat to Host Discussion on Diversity
Kelly Jackson Higgins, Executive Editor at Dark Reading, Commentary
Panel of diversity pioneers will share their views and firsthand experience on how to make inclusion a priority in security.
By Kelly Jackson Higgins, Executive Editor at Dark Reading, 7/13/2017
Majority of IT Security Professionals Work Weekends
Dark Reading Staff, Quick Hits
A survey finds that 57% of IT security professionals work weekends, and most say they still find their jobs rewarding.
By Dark Reading Staff, 7/12/2017
Desperately Seeking Security: 6 Skills Most In Demand
Ericka Chickowski, Contributing Writer, Dark Reading
When people say there's a security skills gap, this is what they really mean.
By Ericka Chickowski, Contributing Writer, Dark Reading, 7/8/2017
Dark Reading Live EVENTS
INsecurity - For the Defenders of Enterprise Security
A Dark Reading Conference
While red team conferences focus primarily on new vulnerabilities and security researchers, INsecurity puts security execution, protection, and operations center stage. The primary speakers will be CISOs and leaders in security defense; the blue team will be the focus.
Current Issue
Security Vulnerabilities: The Next Wave
Just when you thought it was safe, researchers have unveiled a new round of IT security flaws. Is your enterprise ready?
[Strategic Security Report] How Enterprises Are Attacking the IT Security Problem
Enterprises are spending more of their IT budgets on cybersecurity technology. How do your organization's security plans and strategies compare to what others are doing? Here's an in-depth look.
Dark Reading - Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.