Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint //

Privacy

News & Commentary
Americans Fed Up With Lack of Data Privacy
Robert Lemos, Contributing WriterNews
Eight out of every 10 US adults are worried over their inability to control how data about them is used, a new Pew Research survey shows.
By Robert Lemos Contributing Writer, 11/18/2019
Comment1 Comment  |  Read  |  Post a Comment
Social Media: Corporate Cyber Espionage's Channel of Choice
Otavio Freire, CTO & President, SafeGuard CyberCommentary
Proactive defense and automation can help your company deal with scale and prioritize risks in order to more efficiently fight cyber espionage.
By Otavio Freire CTO & President, SafeGuard Cyber, 11/6/2019
Comment0 comments  |  Read  |  Post a Comment
It's Time to Improve Website Identity Indicators, Not Remove Them
Tim Callan, Senior Fellow, SectigoCommentary
Why Google and Mozilla are wrong about the benefits of Extended Validation certificates that aim to prevent fraud and protect user privacy.
By Tim Callan Senior Fellow, Sectigo, 10/24/2019
Comment2 comments  |  Read  |  Post a Comment
FTC Warns Consumers About Stalking Apps
Dark Reading Staff, Quick Hits
Agency offers tips on how to detect and eradicate the spyware.
By Dark Reading Staff , 10/23/2019
Comment0 comments  |  Read  |  Post a Comment
Data Privacy Protections for the Most Vulnerable Children
Dimitri Sirota, Founder & CEO of BigIDCommentary
The business case for why companies that respect the privacy of individuals, and especially minors, will have a strong competitive advantage.
By Dimitri Sirota Founder & CEO of BigID, 10/17/2019
Comment2 comments  |  Read  |  Post a Comment
Twitter Slip-Up Spills MFA Phone Numbers, Emails to Advertisers
Dark Reading Staff, Quick Hits
Email addresses and phone numbers provided to secure user accounts were accidentally shared with marketers.
By Dark Reading Staff , 10/9/2019
Comment0 comments  |  Read  |  Post a Comment
7 Considerations Before Adopting Security Standards
Steve Zurier, Contributing Writer
Here's what to think through as you prepare your organization for standards compliance.
By Steve Zurier Contributing Writer, 10/8/2019
Comment1 Comment  |  Read  |  Post a Comment
10 Steps to Assess SOC Maturity in SMBs
Andrew Houshian, Associate Director of SOC and Attestation Services at A-LIGNCommentary
Facing a system and organization controls audit doesn't have to be stressful for small and midsize businesses if they follow these guidelines.
By Andrew Houshian Associate Director of SOC and Attestation Services at A-LIGN, 10/7/2019
Comment0 comments  |  Read  |  Post a Comment
How Network Logging Mitigates Legal Risk
Beth Burgin Waller, Chair, Cybersecurity & Data Privacy Practice , Woods Rogers PLCCommentary
Logging that is turned on, captured, and preserved immediately after a cyber event is proof positive that personal data didn't fall into the hands of a cybercriminal.
By Beth Burgin Waller Chair, Cybersecurity & Data Privacy Practice , Woods Rogers PLC, 9/23/2019
Comment1 Comment  |  Read  |  Post a Comment
One Arrested in Ecuador's Mega Data Leak
Dark Reading Staff, Quick Hits
Officials arrest a leader of consulting firm Novaestrat, which owned an unprotected server that exposed 20.8 million personal records.
By Dark Reading Staff , 9/18/2019
Comment0 comments  |  Read  |  Post a Comment
@jack Got Hacked: Twitter CEO's Tweets Hijacked
Dark Reading Staff, Quick Hits
Twitter CEO Jack Dorsey's Twitter account was, apparently, hijacked for roughly 20 minutes and used for a racist rant.
By Dark Reading Staff , 8/30/2019
Comment2 comments  |  Read  |  Post a Comment
Privacy 2019: We're Not Ready
J. Trevor Hughes, President & CEO, IAPPCommentary
To facilitate the innovative use of data and unlock the benefits of new technologies, we need privacy not just in the books but also on the ground.
By J. Trevor Hughes President & CEO, IAPP, 8/29/2019
Comment2 comments  |  Read  |  Post a Comment
Never Forget Your Passwords Again!
Beyond the Edge, Dark Reading
You never know what those late-night infomercials are going to turn up.
By Beyond the Edge Dark Reading, 8/28/2019
Comment0 comments  |  Read  |  Post a Comment
6 Ways Airlines and Hotels Can Keep Their Networks Secure
Steve Zurier, Contributing Writer
As recent news can attest, travel and hospitality companies are prime targets for cybercriminals. Here are six privacy and security tips that can help lock down privacy and security.
By Steve Zurier Contributing Writer, 8/27/2019
Comment0 comments  |  Read  |  Post a Comment
Capital One Breach: What Security Teams Can Do Now
Dr. Richard Gold, Head of Security Engineering at Digital ShadowsCommentary
Knowing the methods of the attacker, as laid out in the federal indictment, allow us to prevent similar attacks.
By Dr. Richard Gold Head of Security Engineering at Digital Shadows, 8/23/2019
Comment3 comments  |  Read  |  Post a Comment
'Phoning Home': Your Latest Data Exfiltration Headache
Jeff Costlow, CISO, ExtraHopCommentary
Companies phone enterprise customer data home securely and for a variety of perfectly legitimate and useful reasons. The problems stem from insufficient disclosure.
By Jeff Costlow CISO, ExtraHop, 8/21/2019
Comment0 comments  |  Read  |  Post a Comment
The California Consumer Privacy Act's Hidden Surprise Has Big Legal Consequences
Beth Burgin Waller, Chair, Cybersecurity & Data Privacy Practice , Woods Rogers PLCCommentary
The CCPA's provision devoted to 'reasonable' cybersecurity procedures and policies could trip up your business. Get ready now.
By Beth Burgin Waller Chair, Cybersecurity & Data Privacy Practice , Woods Rogers PLC, 8/13/2019
Comment0 comments  |  Read  |  Post a Comment
FBI Plans to Monitor Social Media May Spark Privacy Issues
Dark Reading Staff, Quick Hits
A new initiative to pull data from social media platforms may clash with policies prohibiting the use of information for mass surveillance.
By Dark Reading Staff , 8/12/2019
Comment1 Comment  |  Read  |  Post a Comment
Security Pros, Congress Reps Talk National Cybersecurity at DEF CON
Kelly Sheridan, Staff Editor, Dark ReadingNews
Cybersecurity and government leaders discussed why Congress is unprepared for a major cyberattack and how the two parties can collaborate.
By Kelly Sheridan Staff Editor, Dark Reading, 8/12/2019
Comment0 comments  |  Read  |  Post a Comment
Dark Reading News Desk Live at Black Hat USA 2019
Sara Peters, Senior Editor at Dark ReadingNews
Watch right here for 40 video interviews with speakers and sponsors. Streaming live from Black Hat USA Wednesday and Thursday 2 p.m. to 6 p.m. Eastern.
By Sara Peters Senior Editor at Dark Reading, 8/8/2019
Comment1 Comment  |  Read  |  Post a Comment
More Stories
Current Conversations
Posted by yvettejwilliams
Current Conversations Thank you
In reply to: Hi men
Post Your Own Reply
More Conversations
Why Cyber-Risk Is a C-Suite Issue
Marc Wilczek, Digital Strategist & CIO Advisor,  11/12/2019
DevSecOps: The Answer to the Cloud Security Skills Gap
Lamont Orange, Chief Information Security Officer at Netskope,  11/15/2019
Attackers' Costs Increasing as Businesses Focus on Security
Robert Lemos, Contributing Writer,  11/15/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
Navigating the Deluge of Security Data
In this Tech Digest, Dark Reading shares the experiences of some top security practitioners as they navigate volumes of security data. We examine some examples of how enterprises can cull this data to find the clues they need.
Flash Poll
New Best Practices for Secure App Development
New Best Practices for Secure App Development
The transition from DevOps to SecDevOps is combining with the move toward cloud computing to create new challenges - and new opportunities - for the information security team. Download this report, to learn about the new best practices for secure application development.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-5118
PUBLISHED: 2019-11-18
A Security Bypass Vulnerability exists in TBOOT before 1.8.2 in the boot loader module when measuring commandline parameters.
CVE-2019-12422
PUBLISHED: 2019-11-18
Apache Shiro before 1.4.2, when using the default "remember me" configuration, cookies could be susceptible to a padding attack.
CVE-2012-4441
PUBLISHED: 2019-11-18
Cross-site Scripting (XSS) in Jenkins main before 1.482 and LTS before 1.466.2 allows remote attackers to inject arbitrary web script or HTML in the CI game plugin.
CVE-2019-10764
PUBLISHED: 2019-11-18
In elliptic-php versions priot to 1.0.6, Timing attacks might be possible which can result in practical recovery of the long-term private key generated by the library under certain conditions. Leakage of a bit-length of the scalar during scalar multiplication is possible on an elliptic curve which m...
CVE-2019-19117
PUBLISHED: 2019-11-18
/usr/lib/lua/luci/controller/admin/autoupgrade.lua on PHICOMM K2(PSG1218) V22.5.9.163 devices allows remote authenticated users to execute any command via shell metacharacters in the cgi-bin/luci autoUpTime parameter.