Careers & People

News & Commentary
Could Beto O'Rourke Become the First Hacker President?
Dark Reading Staff, Quick Hits
New report details the Democratic candidate's time as a member of Cult of the Dead Cow.
By Dark Reading Staff, 3/15/2019
Autism, Cybercrime, and Security's Skill Struggle
Kelly Sheridan, Staff Editor, Dark Reading, News
People on the autism spectrum often possess traits that could help them succeed in cybersecurity, providing they don't fall into cybercrime first.
By Kelly Sheridan, Staff Editor, Dark Reading, 3/13/2019
The Case for Transparency in End-User License Agreements
Lysa Myers, Security Researcher, ESET, Commentary
Why it behooves technology companies to consider EULAs as an opportunity to accurately inform customers about privacy issues and other important information.
By Lysa Myers, Security Researcher, ESET, 3/13/2019
It Takes an Average of 3 to 6 Months to Fill a Cybersecurity Job
Kelly Jackson Higgins, Executive Editor at Dark Reading, News
Meanwhile, organizations are looking at unconventional ways to staff up and train their workforce as technical expertise gets even harder to find.
By Kelly Jackson Higgins, Executive Editor at Dark Reading, 3/12/2019
3 Places Security Teams Are Wasting Time
Ericka Chickowski, Contributing Writer, Dark Reading, News
Dark Reading caught up with RSA Security president Rohit Ghai at the RSA Conference to discuss critical areas where CISOs and their teams are spinning their wheels.
By Ericka Chickowski, Contributing Writer, Dark Reading, 3/11/2019
IT Security Administrators Aren't Invincible
Roselle Safran & Utpal Desai, President of Rosint Labs/Director of Product Management of Bitdefender, Commentary
IT security administrators and their teams are responsible for evaluating an organization's security tools and technologies, but are they armed with the proper tools, considerations, and budget to do so? Fourth in a six-part series.
By Roselle Safran & Utpal Desai, President of Rosint Labs/Director of Product Management of Bitdefender, 3/11/2019
Tina Fey, RSAC, and Parallels Between Improv and Cyber
Kelly Sheridan, Staff Editor, Dark Reading, Quick Hits
This year's RSA Conference concluded with actress Tina Fey and program chair Hugh Thompson chatting about team building, diversity, and improv.
By Kelly Sheridan, Staff Editor, Dark Reading, 3/8/2019
4 Ways At-Work Apps Are Vulnerable to Attack
Yoram Salinger, CEO of Perception Point, Commentary
Collaboration applications make users and IT teams more efficient. But they come with an added cost: security.
By Yoram Salinger, CEO of Perception Point, 3/7/2019
To Improve Security, We Must Focus on Its People
Kelly Sheridan, Staff Editor, Dark Reading, News
New technology can help cybersecurity bridge the talent gap, but tech won't do much without people to operate it.
By Kelly Sheridan, Staff Editor, Dark Reading, 3/6/2019
Trust, or Lack of It, Is a Key Theme on RSAC Keynote Stage
Sara Peters, Senior Editor at Dark Reading, News
Neither machines nor humans might be entirely trustworthy, but the cooperation of the two might be the answer to issues of misinformation, deep fake videos, and other issues of trust, say security leaders.
By Sara Peters, Senior Editor at Dark Reading, 3/5/2019
Fixing Fragmentation Can Yield Tangible Benefits
Curtis Franklin Jr., Senior Editor at Dark Reading, News
Consolidating technology and breaking down functional silos can bring solid financial results, a new study finds.
By Curtis Franklin Jr., Senior Editor at Dark Reading, 3/4/2019
Here's What Happened When a SOC Embraced Automation
Heather Hixon, Senior Solutions Architect, DFLabs, Commentary
Despite initial apprehension, security engineers and analysts immediately began to notice a variety of benefits.
By Heather Hixon, Senior Solutions Architect, DFLabs, 3/4/2019
Security Experts, Not Users, Are the Weakest Link
Ira Winkler, CISSP, President, Secure Mentem, Commentary
CISOs: Stop abdicating responsibility for problems with users; it's part of your job.
By Ira Winkler, CISSP, President, Secure Mentem, 3/1/2019
Solving Security: Repetition or Redundancy?
Joshua Goldfarb, Co-founder & Chief Product Officer, IDRRA, Commentary
To effectively defend against today's risks and threats, organizations must examine their failings as well as their successes.
By Joshua Goldfarb, Co-founder & Chief Product Officer, IDRRA, 2/28/2019
Your Employees Want to Learn. How Should You Teach Them?
Kelly Sheridan, Staff Editor, Dark Reading
Security practitioners are most likely to stay at organizations that offer career development. Here are eight tips to consider as you plan your course of action.
By Kelly Sheridan, Staff Editor, Dark Reading, 2/26/2019
Secure the System, Help the User
John Carbo, Director of Information Security at Abacus Group, Commentary
The enterprise must do its part in deploying and maintaining secure systems so that end users stand a chance against attackers.
By John Carbo, Director of Information Security at Abacus Group, 2/25/2019
To Mitigate Advanced Threats, Put People Ahead of Tech
Brandon Levene, Head of Applied Intelligence, Chronicle, Commentary
Preventative technologies are only part of the picture and often come at the expense of the humans behind them.
By Brandon Levene, Head of Applied Intelligence, Chronicle, 2/22/2019
Why Cybersecurity Burnout Is Real (and What to Do About It)
Chris Schueler, Senior VP, Managed Security Services, Trustwave, Commentary
The constant stresses, from advanced malware to zero-day vulnerabilities, can easily turn into employee overload, with potentially dangerous consequences. Here's how to turn down the pressure.
By Chris Schueler, Senior VP, Managed Security Services, Trustwave, 2/21/2019
Security Analysts Are Only Human
Roselle Safran & Utpal Desai, President of Rosint Labs/Director of Product Management of Bitdefender, Commentary
SOC security analysts shoulder the largest cybersecurity burden. Automation is the way to circumvent the unavoidable human factor. Third in a six-part series.
By Roselle Safran & Utpal Desai, President of Rosint Labs/Director of Product Management of Bitdefender, 2/21/2019
Making the Case for a Cybersecurity Moon Shot
Adam Shostack, Consultant, Entrepreneur, Technologist, Game Designer, Commentary
There are severe and unsolved problems in our industry that justify a sustained effort and substantial investment. It's worth picking one.
By Adam Shostack, Consultant, Entrepreneur, Technologist, Game Designer, 2/19/2019
Current Issue
5 Emerging Cyber Threats to Watch for in 2019
Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.
The State of Cyber Security Incident Response
Organizations are responding to new threats with new processes for detecting and mitigating them. Here's a look at how the discipline of incident response is evolving.
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-6149
PUBLISHED: 2019-03-18
An unquoted search path vulnerability was identified in Lenovo Dynamic Power Reduction Utility prior to version 2.2.2.0 that could allow a malicious user with local access to execute code with administrative privileges.
CVE-2018-15509
PUBLISHED: 2019-03-18
Five9 Agent Desktop Plus 10.0.70 has Incorrect Access Control (issue 2 of 2).
CVE-2018-20806
PUBLISHED: 2019-03-17
Phamm (aka PHP LDAP Virtual Hosting Manager) 0.6.8 allows XSS via the login page (the /public/main.php action parameter).
CVE-2019-5616
PUBLISHED: 2019-03-15
CircuitWerkes Sicon-8, a hardware device used for managing electrical devices, ships with a web-based front-end controller and implements an authentication mechanism in JavaScript that is run in the context of a user's web browser.
CVE-2018-17882
PUBLISHED: 2019-03-15
An Integer overflow vulnerability exists in the batchTransfer function of a smart contract implementation for CryptoBotsBattle (CBTB), an Ethereum token. This vulnerability could be used by an attacker to create an arbitrary amount of tokens for any user.