Careers & People

News & Commentary
Why Security Startups Fly And Why They Crash
Kelly Sheridan, Staff Editor, Dark ReadingNews
What makes startups stand out in a market flooded with thousands of vendors? Funding experts and former founders share their thoughts.
By Kelly Sheridan Staff Editor, Dark Reading, 7/20/2018
Comment0 comments  |  Read  |  Post a Comment
The Fundamental Flaw in Security Awareness Programs
Ira Winkler, CISSP, President, Secure MentemCommentary
It's a ridiculous business decision to rely on the discretion of a minimally trained user to thwart a highly skilled sociopath, financially motivated criminal, or nation-state.
By Ira Winkler CISSP, President, Secure Mentem, 7/19/2018
Comment3 comments  |  Read  |  Post a Comment
SOCs Use Automation to Compensate for Training, Technology Issues
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
Executives and front-line SOC teams see human and technology issues in much different ways, according to two new reports.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 7/13/2018
Comment1 Comment  |  Read  |  Post a Comment
What's Cooking With Caleb Sima
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Security Pro File: Web app security pioneer dishes on his teenage security career, his love of electric scooters, Ace Ventura and a new baby food business venture with his wife and famed chef, Kathy Fang.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 7/12/2018
Comment2 comments  |  Read  |  Post a Comment
Lessons from My Strange Journey into InfoSec
Lysa Myers, Security Researcher, ESETCommentary
Establishing an entre into the security world can be a maddeningly slow process. For those of us already here, it can be an opportunity to help others.
By Lysa Myers Security Researcher, ESET, 7/12/2018
Comment2 comments  |  Read  |  Post a Comment
New Cyber Center Opens at Augusta University in Georgia
Dark Reading Staff, Quick Hits
University partners with state on $100 million Georgia Cyber Center for cybersecurity education and research.
By Dark Reading Staff , 7/11/2018
Comment0 comments  |  Read  |  Post a Comment
WEF: 217 More Years Until Women and Men Reach Economic Equality
Kelly Sheridan, Staff Editor, Dark ReadingNews
Progress toward economic parity is in reverse for the first time since 2006, but cybersecurity can help change the game.
By Kelly Sheridan Staff Editor, Dark Reading, 7/5/2018
Comment2 comments  |  Read  |  Post a Comment
4 Basic Principles to Help Keep Hackers Out
David Pearson, Principle Threat ResearcherCommentary
The most effective hackers keep things simple, something organizations must take into account.
By David Pearson Principle Threat Researcher, 7/5/2018
Comment3 comments  |  Read  |  Post a Comment
6 Drivers of Mental and Emotional Stress in Infosec
Kelly Sheridan, Staff Editor, Dark Reading
Pressure comes in many forms but often with the same end result: stress and burnout within the security community.
By Kelly Sheridan Staff Editor, Dark Reading, 7/2/2018
Comment4 comments  |  Read  |  Post a Comment
There's No Automating Your Way Out of Security Hiring Woes
Ericka Chickowski, Contributing Writer, Dark ReadingNews
Call it the paradox of cybersecurity automation: It makes your staff more productive but takes more quality experts to make it work.
By Ericka Chickowski Contributing Writer, Dark Reading, 6/28/2018
Comment0 comments  |  Read  |  Post a Comment
The 3 R's for Surviving the Security Skills Shortage
Ericka Chickowski, Contributing Writer, Dark ReadingNews
How to recruit, retrain, and retain with creativity and discipline.
By Ericka Chickowski Contributing Writer, Dark Reading, 6/27/2018
Comment0 comments  |  Read  |  Post a Comment
First Women-Led Cybersecurity Venture Capital Firm Launches
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Chenxi Wang, former Forrester VP of research and Twistlock executive, heads up Rain Capital, with the intent to also help build new startups.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 6/26/2018
Comment1 Comment  |  Read  |  Post a Comment
Intel Names Window Snyder as Chief Software Security Officer
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
The microprocessor giant hires security veteran credited with leading both Microsoft's and Apple's security advancements.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 6/25/2018
Comment1 Comment  |  Read  |  Post a Comment
Cisco CPO: Privacy Is Not About Secrecy or Compliance
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
Michelle Dennedy sat down with Dark Reading at the recent Cisco Live event to set the record straight about privacy, regulation, encryption, and more.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 6/19/2018
Comment0 comments  |  Read  |  Post a Comment
3 Tips for Driving User Buy-in to Security Policies
Marc Laliberte, Information Security Threat Analyst, WatchGuard TechnologiesCommentary
Teaching users why it's important to commit to security controls is a far more effective strategy than simply demanding that they follow them. Here's how.
By Marc Laliberte Information Security Threat Analyst, WatchGuard Technologies, 6/18/2018
Comment2 comments  |  Read  |  Post a Comment
Demystifying Mental Health in the Infosec Community
Kelly Sheridan, Staff Editor, Dark ReadingNews
Security experts talk about burnout, diversity, mental health, and legal issues in a new Community track at Black Hat USA.
By Kelly Sheridan Staff Editor, Dark Reading, 6/14/2018
Comment1 Comment  |  Read  |  Post a Comment
LeBron vs. Steph: The NBA Version of Cyber Defense vs. Cyberattacks
Donald Meyer, Head of Cloud and Data Center,  Check Point SoftwareCommentary
It takes an aggressive, swarming approach to overcome the most dangerous threats today.
By Donald Meyer Head of Cloud and Data Center, Check Point Software, 6/13/2018
Comment0 comments  |  Read  |  Post a Comment
Why CISOs Need a Security Reality Check
Joel Fulton, Chief Information Security Officer for SplunkCommentary
We deserve a seat at the executive table, and we'll be much better at our jobs once we take it.
By Joel Fulton Chief Information Security Officer for Splunk, 6/13/2018
Comment1 Comment  |  Read  |  Post a Comment
6 Ways Greed Has a Negative Effect on Cybersecurity
Joshua Goldfarb, Co-founder & Chief Product Officer, IDRRA Commentary
How the security industry can both make money and stay true to its core values, and why that matters.
By Joshua Goldfarb Co-founder & Chief Product Officer, IDRRA , 6/11/2018
Comment3 comments  |  Read  |  Post a Comment
Threat Landscape: Dark Reading Caption Contest Winners
Marilyn Cohodas, Managing Editor, Dark ReadingCommentary
Insider threats -- desktop attacks, security awareness, caffeine -- all worthy contenders in our cartoon caption competition. And the winners are ...
By Marilyn Cohodas Managing Editor, Dark Reading, 6/8/2018
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
White House Cybersecurity Strategy at a Crossroads
Kelly Jackson Higgins, Executive Editor at Dark Reading,  7/17/2018
The Fundamental Flaw in Security Awareness Programs
Ira Winkler, CISSP, President, Secure Mentem,  7/19/2018
Number of Retailers Impacted by Breaches Doubles
Ericka Chickowski, Contributing Writer, Dark Reading,  7/19/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Flash Poll
Surviving the IT Security Skills Shortage
Surviving the IT Security Skills Shortage
Cybersecurity professionals are in high demand -- and short supply. Find out what Dark Reading discovered during their 2017 Security Staffing Survey and get some strategies for getting through the drought. Download the report today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-19990
PUBLISHED: 2018-07-23
October CMS version prior to build 437 contains a Cross Site Scripting (XSS) vulnerability in the Media module and create folder functionality that can result in an Authenticated user with media module permission creating arbitrary folder name with XSS content. This attack appear to be exploitable v...
CVE-2018-19990
PUBLISHED: 2018-07-23
October CMS version prior to Build 437 contains a Local File Inclusion vulnerability in modules/system/traits/ViewMaker.php#244 (makeFileContents function) that can result in Sensitive information disclosure and remote code execution. This attack appear to be exploitable remotely if the /backend pat...
CVE-2018-19990
PUBLISHED: 2018-07-23
FFmpeg before commit cced03dd667a5df6df8fd40d8de0bff477ee02e8 contains multiple out of array access vulnerabilities in the mms protocol that can result in attackers accessing out of bound data. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been fix...
CVE-2018-19990
PUBLISHED: 2018-07-23
FFmpeg before commit 2b46ebdbff1d8dec7a3d8ea280a612b91a582869 contains a Buffer Overflow vulnerability in asf_o format demuxer that can result in heap-buffer-overflow that may result in remote code execution. This attack appears to be exploitable via specially crafted ASF file that has to be provide...
CVE-2018-19990
PUBLISHED: 2018-07-23
FFmpeg before commit 9807d3976be0e92e4ece3b4b1701be894cd7c2e1 contains a CWE-835: Infinite loop vulnerability in pva format demuxer that can result in a Vulnerability that allows attackers to consume excessive amount of resources like CPU and RAM. This attack appear to be exploitable via specially c...