Security Geek Gift Guide
6 Personality Profiles of White-Hat Hackers
Ransomware Meets 'Grey's Anatomy'
8 Low or No-Cost Sources of Threat Intelligence
Name That Toon: 'Tis the Season
News & Commentary
Russian-Speaking 'MoneyTaker' Group Helps Itself to Millions from US Banks
Jai Vijayan, Freelance writerNews
Banks in Latin America appear to be next big target, Group-IB says.
By Jai Vijayan Freelance writer, 12/11/2017
Comment0 comments  |  Read  |  Post a Comment
Romanian Nationals Admit to Racketeering Conspiracy, ATM Skimming
Dark Reading Staff, Quick Hits
Seven Romanian nationals pleaded guilty in connection with an ATM skimming scheme and RICO conspiracy, in addition to other crimes.
By Dark Reading Staff , 12/11/2017
Comment0 comments  |  Read  |  Post a Comment
Oracle Product Rollout Underscores Need for Trust in the Cloud
Kelly Sheridan, Associate Editor, Dark ReadingNews
Oracle updates its Identity SOC and management cloud with security tools to verify and manage users trusted with access to cloud-based data and applications.
By Kelly Sheridan Associate Editor, Dark Reading, 12/11/2017
Comment0 comments  |  Read  |  Post a Comment
5 Reasons the Cybersecurity Labor Shortfall Won't End Soon
Steve Morgan, Founder & CEO, Cybersecurity VenturesCommentary
The number of unfilled jobs in our industry continues to grow. Here's why.
By Steve Morgan Founder & CEO, Cybersecurity Ventures, 12/11/2017
Comment1 Comment  |  Read  |  Post a Comment
Post-Breach Carnage: Worst Ways The Axe Fell in 2017
Ericka Chickowski, Contributing Writer, Dark Reading
Executive firings, stock drops, and class action settlements galore, this year was a study in real-world repercussions for cybersecurity lapses.
By Ericka Chickowski Contributing Writer, Dark Reading, 12/11/2017
Comment0 comments  |  Read  |  Post a Comment
Gartner: IT Security Spending to Reach $96 Billion in 2018
Dawn Kawamoto, Associate Editor, Dark ReadingNews
Identity access management and security services to drive worldwide spending growth.
By Dawn Kawamoto Associate Editor, Dark Reading, 12/8/2017
Comment0 comments  |  Read  |  Post a Comment
What Slugs in a Garden Can Teach Us About Security
Chris Nelson, Senior Director of Security and IT at Distil NetworksCommentary
Design principles observed in nature serve as a valuable model to improve organizations' security approaches.
By Chris Nelson Senior Director of Security and IT at Distil Networks, 12/8/2017
Comment0 comments  |  Read  |  Post a Comment
Microsoft Issues Emergency Patch for 'Critical' Flaw in Windows Security
Dark Reading Staff, Quick Hits
Remote code execution vulnerability in Microsoft Malware Protection Engine was found by UK spy agency's National Cyber Security Centre (NCSC).
By Dark Reading Staff , 12/8/2017
Comment0 comments  |  Read  |  Post a Comment
Conficker: The Worm That Won't Die
Jai Vijayan, Freelance writerNews
More than nine years after it infected millions of systems worldwide, the malware continues to be highly active, according to a Trend Micro report.
By Jai Vijayan Freelance writer, 12/7/2017
Comment0 comments  |  Read  |  Post a Comment
Android Ransomware Kits on the Rise in the Dark Web
Dawn Kawamoto, Associate Editor, Dark ReadingNews
More than 5,000 Android ransomware kit listings have been spotted so far this year, with the median price range hitting $200.
By Dawn Kawamoto Associate Editor, Dark Reading, 12/7/2017
Comment0 comments  |  Read  |  Post a Comment
Rutkowska: Trust Makes Us Vulnerable
Kelly Sheridan, Associate Editor, Dark ReadingNews
Offensive security researcher Joanna Rutkowska explains why trust in technology can put users at risk.
By Kelly Sheridan Associate Editor, Dark Reading, 12/7/2017
Comment0 comments  |  Read  |  Post a Comment
Man-in-the-Middle Flaw in Major Banking, VPN Apps Exposes Millions
Ericka Chickowski, Contributing Writer, Dark ReadingNews
New research from University of Birmingham emphasizes importance of securing high-risk mobile apps.
By Ericka Chickowski Contributing Writer, Dark Reading, 12/7/2017
Comment0 comments  |  Read  |  Post a Comment
Bitcoin Miner NiceHash Hacked, Possibly Losing $62 Million in Bitcoin
Dark Reading Staff, Quick Hits
Breach occurred just prior to bitcoin's debut on two major US exchanges, the AP reports.
By Dark Reading Staff , 12/7/2017
Comment0 comments  |  Read  |  Post a Comment
Uber Used $100K Bug Bounty to Pay, Silence Florida Hacker: Report
Dark Reading Staff, Quick Hits
Uber also performed a forensic analysis of the man's computer to ensure he had deleted the stolen information, Reuters said.
By Dark Reading Staff , 12/7/2017
Comment1 Comment  |  Read  |  Post a Comment
Ransomware Meets 'Grey's Anatomy'
Tom & Natalie Pageler, Neustar CRO & CSO, and MD Stanford UniversityCommentary
Fictional Grey Sloan Memorial Hospital is locked out of its electronic medical records, but in the real world, healthcare organizations face even greater risks.
By Tom & Natalie Pageler Neustar CRO & CSO, and MD Stanford University, 12/7/2017
Comment0 comments  |  Read  |  Post a Comment
Attacker 'Dwell Time' Average Dips Slightly to 86 Days
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Real-world incident response investigation data from CrowdStrike reveals attacker trends with fileless malware, ransomware, and other weapons.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 12/7/2017
Comment0 comments  |  Read  |  Post a Comment
Why Third-Party Security is your Security
Raymond Pompon, Principal Threat Research Evangelist at F5 Networks
Managing third-party risk isn't just a good idea, in many cases, it's the law. This security framework can help you minimize the threat.
By Raymond Pompon Principal Threat Research Evangelist at F5 Networks, 12/7/2017
Comment0 comments  |  Read  |  Post a Comment
NIST Releases New Cybersecurity Framework Draft
Jai Vijayan, Freelance writerNews
Updated version includes changes to some existing guidelines - and adds some new ones.
By Jai Vijayan Freelance writer, 12/6/2017
Comment1 Comment  |  Read  |  Post a Comment
Nearly 2/3 of Industrial Companies Lack Security Monitoring
Dark Reading Staff, Quick Hits
New Honeywell survey shows more than half of industrial sector organizations have suffered cyberattacks.
By Dark Reading Staff , 12/6/2017
Comment0 comments  |  Read  |  Post a Comment
Most Retailers Haven't Fully Tested Their Breach Response Plans
Dark Reading Staff, Quick Hits
More than 20% lack a breach response plan altogether, a new survey shows.
By Dark Reading Staff , 12/6/2017
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
PR Newswire
Why Cybersecurity Must Be an International Effort
Kelly Sheridan, Associate Editor, Dark Reading,  12/6/2017
NIST Releases New Cybersecurity Framework Draft
Jai Vijayan, Freelance writer,  12/6/2017
Register for Dark Reading Newsletters
Partner Perspectives
What's This?
Partner Perspectives
What's This?
Partner Perspectives
What's This?
Can Machine Learning Outsmart Malware?
Using machine learning in the cybersecurity domain is a growing trend with many advantages, but it also has its risks. Read >>
Partner Perspectives
What's This?
Partner Perspectives
What's This?
Why Third-Party Security is your Security
Managing third-party risk isn't just a good idea, in many cases, it's the law. This security framework can help you minimize the threat. Read >>
Partner Perspectives
What's This?
Partner Perspectives
What's This?
Partner Perspectives
What's This?
WanaCrypt0r Hits Worldwide
Consumers and businesses should be sure their Windows systems and software are updated with all current patches in order to stop the spread of this dangerous ransomware attack. Read >>
Partner Perspectives
What's This?
Endpoint Security: Putting The Focus On What Matters
Five tips to help sift through the noise and focus on actions that can dramatically impact your endpoint security program. Read >>
Dark Reading Live EVENTS
INsecurity - For the Defenders of Enterprise Security
A Dark Reading Conference
While red team conferences focus primarily on new vulnerabilities and security researchers, INsecurity puts security execution, protection, and operations center stage. The primary speakers will be CISOs and leaders in security defense; the blue team will be the focus.
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
White Papers
Current Issue
Managing Cyber-Risk
An online breach could have a huge impact on your organization. Here are some strategies for measuring and managing that risk.
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.

[Strategic Security Report] Cloud Security's Changing Landscape
[Strategic Security Report] Cloud Security's Changing Landscape
Cloud services are increasingly becoming the platform for mission-critical apps and data. Heres how enterprises are adapting their security strategies!
Flash Poll
Video
Slideshows
Twitter Feed