Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint //

Privacy

News & Commentary
Sophos Research Uncovers Widespread Use of TLS By Cybercriminals
Terry Sweeney, Contributing EditorCommentary
SPONSORED CONTENT: Nearly half of all malware is being disseminated via the Transport Layer Security cryptographic protocol, says Dan Schiappa, executive VP and chief product officer for Sophos.
By Terry Sweeney Contributing Editor, 5/24/2021
Comment0 comments  |  Read  |  Post a Comment
Cartoon Caption Winner: Greetings, Earthlings
John Klossner, CartoonistCommentary
And the winner of Dark Reading's April cartoon caption contest is ...
By John Klossner Cartoonist, 5/11/2021
Comment0 comments  |  Read  |  Post a Comment
Defending Against Web Scraping Attacks
Rob Simon, Principal Security Consultant at TrustedSecCommentary
Web scraping attacks, like Facebook's recent data leak, can easily lead to more significant breaches.
By Rob Simon Principal Security Consultant at TrustedSec, 5/7/2021
Comment0 comments  |  Read  |  Post a Comment
Foreign Spies Target British Nationals With Fake Social Media Profiles
Dark Reading Staff, Quick Hits
British security agency MI5 has launched a new education campaign to warn potential victims of the attacks.
By Dark Reading Staff , 4/20/2021
Comment0 comments  |  Read  |  Post a Comment
Clear & Present Danger: Data Hoarding Undermines Better Security
Elissa M. Redmiles, Researcher, Max Planck Institute for Software SystemsCommentary
Facebook and Google can identify patterns of attack within their own data, but smaller businesses rarely see enough traffic to successfully identify an attack or warn users.
By Elissa M. Redmiles Researcher, Max Planck Institute for Software Systems, 4/13/2021
Comment0 comments  |  Read  |  Post a Comment
8 Security & Privacy Apps to Share With Family and Friends
Kelly Sheridan, Staff Editor, Dark Reading
Mobile apps to recommend to the people in your life who want to improve their online security and privacy.
By Kelly Sheridan Staff Editor, Dark Reading, 4/9/2021
Comment0 comments  |  Read  |  Post a Comment
600K Payment Card Records Leaked After Swarmshop Breach
Dark Reading Staff, Quick Hits
A leaked database also contains the nicknames, hashed passwords, contact details, and activity history of Swarmshop admins, sellers, and buyers.
By Dark Reading Staff , 4/8/2021
Comment0 comments  |  Read  |  Post a Comment
Data Bias in Machine Learning: Implications for Social Justice
Christelle Kamaliza & Suzannah Hicks, Market Research Specialist / Data Scientist & Strategist, IAPPCommentary
Take historically biased data, then add AI and ML to compound and exacerbate the problem.
By Christelle Kamaliza & Suzannah Hicks Market Research Specialist / Data Scientist & Strategist, IAPP, 3/26/2021
Comment0 comments  |  Read  |  Post a Comment
How Personally Identifiable Information Can Put Your Company at Risk
Zack Schuler, Founder and CEO of NINJIOCommentary
By being more mindful of how and where they share PII, employees will deprive cybercriminals of their most useful tool.
By Zack Schuler Founder and CEO of NINJIO, 3/25/2021
Comment0 comments  |  Read  |  Post a Comment
What a Federal Data Privacy Law Would Mean for Consumers
Rob Shavell, CEO of Abine / DeleteMeCommentary
With an array of serious proposals from both sides of the political divide, it looks as though the US may finally have a national privacy law.
By Rob Shavell CEO of Abine / DeleteMe, 3/24/2021
Comment1 Comment  |  Read  |  Post a Comment
Data Protection Is a Group Effort
Rajesh Ganesan, Vice President at ManageEngineCommentary
When every employee is well-versed in customer data privacy principles, the DPO knows the enterprise's sensitive data is in good hands.
By Rajesh Ganesan Vice President at ManageEngine, 3/23/2021
Comment0 comments  |  Read  |  Post a Comment
How Us Shady Geeks Put Others Off Security
Dr. Sauvik Das, Assistant Professor of Interactive Computing, Georgia TechCommentary
Early adopters of security and privacy tools may be perceived by others as paranoid, which, in turn, may repel non-experts from protecting themselves online.
By Dr. Sauvik Das Assistant Professor of Interactive Computing, Georgia Tech, 3/19/2021
Comment0 comments  |  Read  |  Post a Comment
COVID, Healthcare Data & the Dark Web: A Toxic Stew
Greg Foss, Senior Cybersecurity Strategist, VMware Security Business UnitCommentary
The growing treasure trove of healthcare data is proving irresistible -- and profitable -- to bad actors.
By Greg Foss Senior Cybersecurity Strategist, VMware Security Business Unit, 3/17/2021
Comment0 comments  |  Read  |  Post a Comment
Make Sure That Stimulus Check Lands in the Right Bank Account
Tom Pendergast, Chief Learning Officer at MediaPROCommentary
If you haven't already, it's time to build trust relationships with your financial institutions, using strong security, privacy protections and secure, unique user credentials.
By Tom Pendergast Chief Learning Officer at MediaPRO, 3/5/2021
Comment0 comments  |  Read  |  Post a Comment
5 Key Steps Schools Can Take to Defend Against Cyber Threats
Chris Abbey, Manager, Incident Handling, at Red CanaryCommentary
Educational institutions have become prime targets, but there are things they can do to stay safer.
By Chris Abbey Manager, Incident Handling, at Red Canary, 2/25/2021
Comment0 comments  |  Read  |  Post a Comment
What Can Your Connected Car Reveal About You?
Alejandro Hernandez, Senior Consultant at IOActiveCommentary
App developers must take responsibility for the security of users' data.
By Alejandro Hernandez Senior Consultant at IOActive, 2/22/2021
Comment0 comments  |  Read  |  Post a Comment
Hiding in Plain Sight: What the SolarWinds Attack Revealed About Efficacy
Pieter Danhieux, CEO, Chairman, & Co-Founder, Secure Code WarriorCommentary
Multilayered infiltration involved custom malicious tooling, backdoors, and cloaked code, far beyond the skills of script kiddies.
By Pieter Danhieux CEO, Chairman, & Co-Founder, Secure Code Warrior, 2/18/2021
Comment0 comments  |  Read  |  Post a Comment
Virginia Takes Different Tack Than California With Data Privacy Law
Beth Burgin Waller, Chair, Cybersecurity & Data Privacy Practice , Woods Rogers PLCCommentary
Online businesses targeting Virginia consumers and have personal data of 100,000 consumers in the state must conform to the new statute.
By Beth Burgin Waller Chair, Cybersecurity & Data Privacy Practice , Woods Rogers PLC, 2/18/2021
Comment1 Comment  |  Read  |  Post a Comment
4 Predictions for the Future of Privacy
Bart Willemsen, Research Vice President at GartnerCommentary
Use these predictions to avoid pushback, find opportunity, and create value for your organization.
By Bart Willemsen Research Vice President at Gartner, 2/17/2021
Comment0 comments  |  Read  |  Post a Comment
Ransomware Victims' Data Published via DDoSecrets
Dark Reading Staff, Quick Hits
Activists behind Distributed Denial of Secrets has shared 1TB of data pulled from Dark Web sites where it was shared by ransomware attackers.
By Dark Reading Staff , 1/7/2021
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
Commentary
Ransomware Is Not the Problem
Adam Shostack, Consultant, Entrepreneur, Technologist, Game Designer,  6/9/2021
Edge-DRsplash-11-edge-ask-the-experts
How Can I Test the Security of My Home-Office Employees' Routers?
John Bock, Senior Research Scientist,  6/7/2021
News
New Ransomware Group Claiming Connection to REvil Gang Surfaces
Jai Vijayan, Contributing Writer,  6/10/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: Google's new See No Evil policy......
Current Issue
The State of Cybersecurity Incident Response
In this report learn how enterprises are building their incident response teams and processes, how they research potential compromises, how they respond to new breaches, and what tools and processes they use to remediate problems and improve their cyber defenses for the future.
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-31664
PUBLISHED: 2021-06-18
RIOT-OS 2021.01 before commit 44741ff99f7a71df45420635b238b9c22093647a contains a buffer overflow which could allow attackers to obtain sensitive information.
CVE-2021-33185
PUBLISHED: 2021-06-18
SerenityOS contains a buffer overflow in the set_range test in TestBitmap which could allow attackers to obtain sensitive information.
CVE-2021-33186
PUBLISHED: 2021-06-18
SerenityOS in test-crypto.cpp contains a stack buffer overflow which could allow attackers to obtain sensitive information.
CVE-2021-31272
PUBLISHED: 2021-06-18
SerenityOS before commit 3844e8569689dd476064a0759d704bc64fb3ca2c contains a directory traversal vulnerability in tar/unzip that may lead to command execution or privilege escalation.
CVE-2021-31660
PUBLISHED: 2021-06-18
RIOT-OS 2021.01 before commit 85da504d2dc30188b89f44c3276fc5a25b31251f contains a buffer overflow which could allow attackers to obtain sensitive information.