Database Security
Authentication
Privacy
Compliance
Identity & Access Management
Security Monitoring
Advanced Threats
Insider Threats
Vulnerability Management
Containerized Apps: An 8-Point Security Checklist
7 Variants (So Far) of Mirai
I, for One, Welcome Our Robotic Security Overlords
Dark Reading Launches Second INsecurity Conference
10 Open Source Security Tools You Should Know
News & Commentary
'Olympic Destroyer' Reappears in Attacks on Europe, Russia
Kelly Sheridan, Staff Editor, Dark ReadingNews
The attack group known for targeting the 2018 Winter Olympics has resurfaced in campaigns against European financial and biochem companies.
By Kelly Sheridan Staff Editor, Dark Reading, 6/19/2018
Comment0 comments  |  Read  |  Post a Comment
How to Prepare for 'WannaCry 2.0'
Shimon Oren, Head of Cyber Intelligence at Deep InstinctCommentary
It seems inevitable that a more-powerful follow-up to last year's malware attack will hit sooner or later. You'd better get prepared.
By Shimon Oren Head of Cyber Intelligence at Deep Instinct, 6/19/2018
Comment0 comments  |  Read  |  Post a Comment
Former CIA Engineer Charged with Theft and Transmission of Classified Info
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Suspect had reportedly been named in Vault 7 leak to WikiLeaks.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 6/19/2018
Comment0 comments  |  Read  |  Post a Comment
CrowdStrike Secures $200M Funding Round
Dark Reading Staff, Quick Hits
The new funding round brings the company's valuation to more than $3 billion.
By Dark Reading Staff , 6/19/2018
Comment0 comments  |  Read  |  Post a Comment
Cisco CPO: Privacy Is Not About Secrecy or Compliance
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
Michelle Dennedy sat down with Dark Reading at the recent Cisco Live event to set the record straight about privacy, regulation, encryption, and more.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 6/19/2018
Comment0 comments  |  Read  |  Post a Comment
5 Tips for Integrating Security Best Practices into Your Cloud Strategy
Robert Corradini, Director of Product Management at 5nineCommentary
Do 'cloud-first' strategies create a security-second mindset?
By Robert Corradini Director of Product Management at 5nine, 6/19/2018
Comment0 comments  |  Read  |  Post a Comment
Security Analytics Startup Uptycs Raises $10M in Series A
Dark Reading Staff, Quick Hits
This round of funding for Uptycs, which runs an osquery-powered analytics platform, was led by ForgePoint Capital and Comcast Ventures.
By Dark Reading Staff , 6/19/2018
Comment0 comments  |  Read  |  Post a Comment
Exposed Container Orchestration Systems Putting Many Orgs at Risk
Jai Vijayan, Freelance writerNews
More than 22,600 open container orchestration and API management systems discovered on the Internet.
By Jai Vijayan Freelance writer, 6/18/2018
Comment0 comments  |  Read  |  Post a Comment
'Wallchart' Phishing Campaign Exploits World Cup Watchers
Kelly Sheridan, Staff Editor, Dark ReadingNews
The details on a phishing attack designed to lure soccer fans with a subject line about the World Cup schedule and scoresheet.
By Kelly Sheridan Staff Editor, Dark Reading, 6/18/2018
Comment0 comments  |  Read  |  Post a Comment
Mass. Man Pleads Guilty in ATM Jackpotting Operation
Dark Reading Staff, Quick Hits
Citizens Bank ATM and others targeted in the scheme.
By Dark Reading Staff , 6/18/2018
Comment0 comments  |  Read  |  Post a Comment
F-Secure Buys MWR InfoSecurity
Dark Reading Staff, Quick Hits
Finnish endpoint security company buys British security service provider in cash deal.
By Dark Reading Staff , 6/18/2018
Comment0 comments  |  Read  |  Post a Comment
7 Ways Cybercriminals Are Scamming a Fortune from Cryptocurrencies
Ericka Chickowski, Contributing Writer, Dark Reading
Cryptocurrencies, how do hackers love thee? Let us count the ways.
By Ericka Chickowski Contributing Writer, Dark Reading, 6/18/2018
Comment0 comments  |  Read  |  Post a Comment
3 Tips for Driving User Buy-in to Security Policies
Marc Laliberte, Information Security Threat Analyst, WatchGuard TechnologiesCommentary
Teaching users why it's important to commit to security controls is a far more effective strategy than simply demanding that they follow them. Here's how.
By Marc Laliberte Information Security Threat Analyst, WatchGuard Technologies, 6/18/2018
Comment0 comments  |  Read  |  Post a Comment
Trump-Kim Meeting Was a Magnet For Russian Cyberattacks
Jai Vijayan, Freelance writerNews
Attacks directed at targets in Singapore went through the roof earlier this week.
By Jai Vijayan Freelance writer, 6/15/2018
Comment0 comments  |  Read  |  Post a Comment
Email, Social Media Still Security Nightmares
Dark Reading Staff, Quick Hits
Phishing and banking trojans continue to be major threats brought into the enterprise.
By Dark Reading Staff , 6/15/2018
Comment1 Comment  |  Read  |  Post a Comment
Hackers Crack iPhone Defense Built to Block Forensic Tools
Dark Reading Staff, Quick Hits
Grayshift, the company behind a system to help police break into iPhones, says it found a workaround for USB Restricted Mode.
By Dark Reading Staff , 6/15/2018
Comment0 comments  |  Read  |  Post a Comment
Modern Cybersecurity Demands a Different Corporate Mindset
Marc Wilczek, Digital Strategist & CIO AdvisorCommentary
Very few organizations have fully incorporated all relevant risks and threats into their current digital strategy, research finds.
By Marc Wilczek Digital Strategist & CIO Advisor, 6/15/2018
Comment0 comments  |  Read  |  Post a Comment
Intel Discloses Yet Another Side Channel Vulnerability
Jai Vijayan, Freelance writerNews
Moderate severity Lazy FP restore flaw affects Intel Core-based microprocessors.
By Jai Vijayan Freelance writer, 6/14/2018
Comment0 comments  |  Read  |  Post a Comment
Demystifying Mental Health in the Infosec Community
Kelly Sheridan, Staff Editor, Dark ReadingNews
Security experts talk about burnout, diversity, mental health, and legal issues in a new Community track at Black Hat USA.
By Kelly Sheridan Staff Editor, Dark Reading, 6/14/2018
Comment1 Comment  |  Read  |  Post a Comment
Kaspersky Lab Freezes Work with Europol in Protest of EU Vote
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
New European Parliament document calls out Kaspersky Lab software as 'malicious' and says it should be banned.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 6/14/2018
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
Products & Releases
Cylance Announces $120 Million Funding Round
Arizona Man Sentenced to Prison for Distributed Denial of Service Attacks Against Emergency Communications System and Other Municipal Websites
Paladin Cyber Introduces Paladin Browser Protection as Google Chrome Extension
US Cyber Challenge Kicks Off 2018 Camp Season at Virginia Tech
Pulse Secure Virtual Application Delivery Controller Extends Availability to AWS GovCloud (US)
Teams & Enterprises Can Now Sign On With a Single Click on Wickr Pro
Symantec Introduces Cloud-Based Network Security Solution with Web Isolation; adds Complete Endpoint Protection
Hacker Known As 'Vigilance' Charged for Cyberattacks On Minnesota State Government Databases
More Products & Releases
PR Newswire
Microsoft Fixes 11 Critical, 39 Important Vulns
Kelly Sheridan, Staff Editor, Dark Reading,  6/12/2018
Why CISOs Need a Security Reality Check
Joel Fulton, Chief Information Security Officer for Splunk,  6/13/2018
Cisco Talos Summit: Network Defenders Not Serious Enough About Attacks
Curtis Franklin Jr., Senior Editor at Dark Reading,  6/13/2018
Register for Dark Reading Newsletters
Partner Perspectives
What's This?
A Cybersecurity Christmas Story
Automation and orchestration will be essential components of security in 2017. Read >>
Partner Perspectives
What's This?
'Insider Sabotage' among Top 3 Threats CISOs Can't yet Handle
These five steps can help your organizations limit the risks from disgruntled employees and user errors. Read >>
Partner Perspectives
What's This?
A Sneak Peek at the New NIST Cybersecurity Framework
Key focus areas include supply chain risks, identity management, and cybersecurity risk assessment and measurement. Read >>
Partner Perspectives
What's This?
Cloud Misconceptions Are Pervasive Across Enterprises
Shadow IT is rampant at many organizations that rely upon cloud-delivered tools and services to enable remote work, according to a new study. Here's what security teams need to do about it. Read >>
Partner Perspectives
What's This?
Partner Perspectives
What's This?
Continuous Compliance and Effective Audit Preparation for the Cloud
Why audits are a necessary evil, and how they can actually help you improve your brand value. Read >>
Partner Perspectives
What's This?
Boosting Security Effectiveness with 'Adjuvants'
How integrating corporate resources like the IT help desk, system administration, quality assurance and HR can breathe new life into your security program. Read >>
Partner Perspectives
What's This?
Breach Defense Playbook: Cybersecurity Governance
Time to leave the island: Integrate cybersecurity into your risk management strategy. Read >>
Partner Perspectives
What's This?
Let's Get Smarter About Security By Working Together
We all need help, and only by working together can we move the needle on security. Read >>
Partner Perspectives
What's This?
WanaCrypt0r Hits Worldwide
Consumers and businesses should be sure their Windows systems and software are updated with all current patches in order to stop the spread of this dangerous ransomware attack. Read >>
Partner Perspectives
What's This?
Endpoint Security: Putting The Focus On What Matters
Five tips to help sift through the noise and focus on actions that can dramatically impact your endpoint security program. Read >>
Dark Reading Live EVENTS
INsecurity 2018 A Dark Reading Conference | October 23-25 at the Sheraton Grand Chicago
INsecurity is for the defenders of enterprise security—the IT team members tasked with protecting critical data from cyber threats—and will offer real-world case studies, peer sharing and practical, actionable content for IT teams and professionals seeking better, more effective practices for defending enterprise data.
Cartoon
White Papers
Current Issue
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-12580
PUBLISHED: 2018-06-19
library/DBTech/Security/Action/Sessions.php in DragonByte vBSecurity 3.x through 3.3.0 for vBulletin 3 and vBulletin 4 allows self-XSS via $session['user_agent'] in the "Login Sessions" feature.
CVE-2018-12578
PUBLISHED: 2018-06-19
There is a heap-based buffer overflow in bmp_compress1_row in appliers.cpp in sam2p 0.49.4 that leads to a denial of service or possibly unspecified other impact.
CVE-2018-1061
PUBLISHED: 2018-06-19
python before versions 2.7.15, 3.4.9, 3.5.6 and 3.7.0 is vulnerable to catastrophic backtracking in the difflib.IS_LINE_JUNK method. An attacker could use this flaw to cause denial of service.
CVE-2018-1073
PUBLISHED: 2018-06-19
The web console login form in ovirt-engine before version 4.2.3 returned different errors for non-existent users and invalid passwords, allowing an attacker to discover the names of valid user accounts.
CVE-2018-12557
PUBLISHED: 2018-06-19
An issue was discovered in Zuul 3.x before 3.1.0. If nodes become offline during the build, the no_log attribute of a task is ignored. If the unreachable error occurred in a task used with a loop variable (e.g., with_items), the contents of the loop items would be printed in the console. This could ...
Flash Poll
Video
Slideshows
Twitter Feed