Operations
News & Commentary
Most General Counsels Fret over Data Security
Dark Reading Staff, Quick Hits
An overwhelming percentage of in-house attorneys say cyberattacks and the impact on their business keeps them up at night, a recent survey shows.
By Dark Reading Staff , 6/22/2017
Comment0 comments  |  Read  |  Post a Comment
KPMG: Cybersecurity Has Reached a Tipping Point from Tech to CEO Business Issue
Tony Buffomante, KPMG, U.S. Cyber Security Services LeaderCommentary
Still, a majority of US-based chief execs say they will be maintaining and not investing in security technology over the next three years, a recent study shows.
By Tony Buffomante KPMG, U.S. Cyber Security Services Leader, 6/22/2017
Comment0 comments  |  Read  |  Post a Comment
WannaCry? Youre Not Alone: The 5 Stages of Security Grief
Eric Thomas, Director of Solutions Architecture, ExtraHopCommentary
As breach after breach hits the news, security professionals cope with the classic experiences of denial, anger, bargaining, depression, and acceptance.
By Eric Thomas Director of Solutions Architecture, ExtraHop, 6/22/2017
Comment2 comments  |  Read  |  Post a Comment
The Folly of Vulnerability & Patch Management for ICS Networks
Galina Antova & Patrick McBride, Co-founder & Chief Marketing Officer, ClarotyCommentary
Yes, such efforts matter. But depending on them can give a false sense of security.
By Galina Antova & Patrick McBride Co-founder & Chief Marketing Officer, Claroty, 6/21/2017
Comment1 Comment  |  Read  |  Post a Comment
Dark Reading Launches New Conference on Cyber Defense
Tim Wilson, Editor in Chief, Dark Reading, Commentary
Trusted IDs Gain Acceptance in Smart Building Environment
Dark Reading Staff, Quick Hits
A majority of survey respondents believe identities can be connected across multiple systems and devices through a single ID card or mobile phone.
By Dark Reading Staff , 6/20/2017
Comment0 comments  |  Read  |  Post a Comment
Microsoft, Accenture Team up on Blockchain for Digital ID Network
Dark Reading Staff, Quick Hits
Microsoft and Accenture use blockchain tech to build a digital ID network, which will help give legal identification to 1.1 billion people without official documents.
By Dark Reading Staff , 6/19/2017
Comment0 comments  |  Read  |  Post a Comment
Climbing the Security Maturity Ladder in Cloud
Daniel Mellen, Accenture Managing Director, SecurityCommentary
These five steps will insure that you achieve the broadest coverage for onboarding your most sensitive workloads.
By Daniel Mellen Accenture Managing Director, Security, 6/15/2017
Comment0 comments  |  Read  |  Post a Comment
Trumps Executive Order: What It Means for US Cybersecurity
Carson Sweet, Co-Founder & CTO, CloudPassageCommentary
The provisions are all well and good, but its hardly the first time theyve been ordered by the White House.
By Carson Sweet Co-Founder & CTO, CloudPassage, 6/15/2017
Comment0 comments  |  Read  |  Post a Comment
By the Numbers: Parsing the Cybersecurity Challenge
Marc Wilczek, Digital Strategist & CIO AdvisorCommentary
Why your CEO should rethink company security priorities in the drive for digital business growth.
By Marc Wilczek Digital Strategist & CIO Advisor, 6/14/2017
Comment3 comments  |  Read  |  Post a Comment
Survey: 58% of Security and Development Teams Play Nice
Dark Reading Staff, Quick Hits
Despite frequent talk of tension between software development and security teams, it turns out more than half of organizations surveyed have these two groups collaborating.
By Dark Reading Staff , 6/14/2017
Comment0 comments  |  Read  |  Post a Comment
Deep Learning's Growing Impact on Security
Pete Hunt, co-founder, CEO, and product engineer at SmyteCommentary
Neural networks are now practical for real-world applications, cutting back on work needed from analysts.
By Pete Hunt co-founder, CEO, and product engineer at Smyte, 6/13/2017
Comment0 comments  |  Read  |  Post a Comment
First Malware Designed Solely for Electric Grids Caused 2016 Ukraine Outage
Jai Vijayan, Freelance writerNews
Attackers used CrashOverride/Industroyer to cause a partial power outage in Kiev, Ukraine, but it can be used anywhere, say researchers at Dragos and ESET.
By Jai Vijayan Freelance writer, 6/12/2017
Comment1 Comment  |  Read  |  Post a Comment
Security Orchestration Fine-Tunes the Incident Response Process
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Emerging orchestration technology can cut labor-intensive tasks for security analysts.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 6/8/2017
Comment2 comments  |  Read  |  Post a Comment
From Reporter to Private Investigator to Security Engineer
Tad Whitaker, Security Engineer, CircleCICommentary
How I fell in love with coding and traded in a camera-rigged Prius for a MacBook and a GitHub account.
By Tad Whitaker Security Engineer, CircleCI, 6/8/2017
Comment1 Comment  |  Read  |  Post a Comment
Why Compromised Identities Are ITs Fault
Saryu Nayyar, CEO, GuruculCommentary
The eternal battle between IT and security is the source of the problem.
By Saryu Nayyar CEO, Gurucul, 6/7/2017
Comment2 comments  |  Read  |  Post a Comment
Cybersecurity Stands as Big Sticking Point in Software M&A
Ericka Chickowski, Contributing Writer, Dark ReadingNews
The breach that was the fly in the ointment of the Yahoo-Verizon deal is one of many now surfacing as security of acquired firms starts to become a point of negotiation.
By Ericka Chickowski Contributing Writer, Dark Reading, 6/7/2017
Comment0 comments  |  Read  |  Post a Comment
Why Phishing Season Lasts All Year for Top US Retailers
Tim Helming, Director of Product Management, DomainToolsCommentary
No major brand is immune from cyber squatters; the more popular the company, the more look-alike domains phishers register as bait. Here are some techniques to watch out for.
By Tim Helming Director of Product Management, DomainTools, 6/6/2017
Comment2 comments  |  Read  |  Post a Comment
Advice for Windows Migrations: Automate as Much as Possible
Kenny Covington, System Administrator for Riverside Health SystemCommentary
The security lessons Riverside Health System learned when moving to Windows 7 will help it quickly move to Windows 10.
By Kenny Covington System Administrator for Riverside Health System, 6/6/2017
Comment1 Comment  |  Read  |  Post a Comment
Securely Managing Employee Turnover: 3 Tips
Greg Kushto, Senior Director of Security & Solutions Engineering at Force 3Commentary
Don't let the process spiral into organizational chaos. Here are steps you can take to keep your company safe.
By Greg Kushto Senior Director of Security & Solutions Engineering at Force 3, 6/5/2017
Comment1 Comment  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
PR Newswire
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Security Operations and IT Operations: Finding the Path to Collaboration
A wide gulf has emerged between SOC and NOC teams that's keeping both of them from assuring the confidentiality, integrity, and availability of IT systems. Here's how experts think it should be bridged.
Flash Poll
The Dark Reading Security Spending Survey
The Dark Reading Security Spending Survey
Enterprises are spending an unprecedented amount of money on IT security where does it all go? In this survey, Dark Reading polled senior IT management on security budgets and spending plans, and their priorities for the coming year. Download the report and find out what they had to say.
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.

Dark Reading Radio
Archived Dark Reading Radio
In past years, security researchers have discovered ways to hack cars, medical devices, automated teller machines, and many other targets. Dark Reading Executive Editor Kelly Jackson Higgins hosts researcher Samy Kamkar and Levi Gundert, vice president of threat intelligence at Recorded Future, to discuss some of 2016's most unusual and creative hacks by white hats, and what these new vulnerabilities might mean for the coming year.