Endpoint //

Privacy

News & Commentary
Why Hackers Love Healthcare
Allan Alford, Chief Information Security OfficerCommentary
The migration of valuable data to the cloud is piquing the interest of cybercrimimals. But there are ways to fight back.
By Allan Alford Chief Information Security Officer, 4/26/2018
Comment0 comments  |  Read  |  Post a Comment
Why Information Integrity Attacks Pose New Security Challenges
Tamer Hassan, Co-Founder & CTO, White OpsCommentary
To fight information integrity attacks like the ones recently perpetrated by bots on the FCC's website, we need to change our stance and look for the adversaries hiding in plain sight.
By Tamer Hassan Co-Founder & CTO, White Ops, 4/25/2018
Comment0 comments  |  Read  |  Post a Comment
'Stresspaint' Targets Facebook Credentials
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
New malware variant goes after login credentials for popular Facebook pages.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 4/24/2018
Comment0 comments  |  Read  |  Post a Comment
Digital Identity Makes Headway Around the World
Dan Puterbaugh, Senior Legal Advocate for Adobe Document CloudCommentary
The US is lagging behind the digital ID leaders.
By Dan Puterbaugh Senior Legal Advocate for Adobe Document Cloud, 4/23/2018
Comment0 comments  |  Read  |  Post a Comment
Biometrics Are Coming & So Are Security Concerns
Michael Fauscette, Chief Research Officier at G2 CrowdCommentary
Could these advanced technologies be putting user data at risk?
By Michael Fauscette Chief Research Officier at G2 Crowd, 4/20/2018
Comment0 comments  |  Read  |  Post a Comment
DHS Helps Shop Android IPS Prototype
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
A MITRE-developed intrusion prevention system for mobile technology is showcased here this week at the RSA Conference.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 4/18/2018
Comment0 comments  |  Read  |  Post a Comment
Why We Need Privacy Solutions That Scale Across Borders
Chris Babel, CEO, TrustArcCommentary
New privacy solutions are becoming scalable, smarter, and easier to address compliance across industries and geographies.
By Chris Babel CEO, TrustArc, 4/17/2018
Comment0 comments  |  Read  |  Post a Comment
Companies Still Suffering From Poor Credential Hygiene: New Report
Dark Reading Staff, Quick Hits
Credentials are being mis-handled and it's hurting most companies, according to a new report out today.
By Dark Reading Staff , 4/16/2018
Comment0 comments  |  Read  |  Post a Comment
How GDPR Forces Marketers to Rethink Data & Security
Roger Kjensrud, CTO, ImpactCommentary
The European regulation is making marketing technology companies re-examine their security, and that's a good thing.
By Roger Kjensrud CTO, Impact, 4/16/2018
Comment0 comments  |  Read  |  Post a Comment
7 Non-Financial Data Types to Secure
Curtis Franklin Jr., Senior Editor at Dark Reading
Credit card and social security numbers aren't the only sensitive information that requires protection.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 4/14/2018
Comment1 Comment  |  Read  |  Post a Comment
Power Line Vulnerability Closes Air Gap
Dark Reading Staff, Quick Hits
A new demonstration of malware shows that air-gapped computers may still be at risk.
By Dark Reading Staff , 4/13/2018
Comment0 comments  |  Read  |  Post a Comment
Businesses Calculate Cost of GDPR as Deadline Looms
Kelly Sheridan, Staff Editor, Dark ReadingNews
Surveys highlight the financial burden of GDPR as companies scramble to meet the May 25 deadline.
By Kelly Sheridan Staff Editor, Dark Reading, 4/12/2018
Comment0 comments  |  Read  |  Post a Comment
Facebook Rolls Out 'Data Abuse Bounty' Program
Kelly Sheridan, Staff Editor, Dark ReadingNews
The social media giant also got hit with a lawsuit the day before unveiling its new reward program.
By Kelly Sheridan Staff Editor, Dark Reading, 4/11/2018
Comment0 comments  |  Read  |  Post a Comment
89% of Android Users Didn't Consent to Facebook Data Collection
Dark Reading Staff, Quick Hits
A new survey shows most Android users did not give Facebook permission to collect their call and text data.
By Dark Reading Staff , 4/10/2018
Comment4 comments  |  Read  |  Post a Comment
Study Finds Petabytes of Sensitive Data Open to the Internet
Dark Reading Staff, Quick Hits
New research by Digital Shadows finds more than 1.5 billion sensitive files are open to discovery on the internet.
By Dark Reading Staff , 4/6/2018
Comment0 comments  |  Read  |  Post a Comment
Panera Bread Leaves Millions of Customer Records Exposed Online
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
Personal information exposed in plain text for months on Panerabread.com and the company's response failed to rise to the challenge.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 4/3/2018
Comment1 Comment  |  Read  |  Post a Comment
Hudson's Bay Brands Hacked, 5 Million Credit Card Accounts Stolen
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
The infamous Carbanak/FIN7 cybercrime syndicate breached Saks and Lord & Taylor and is now selling some of the stolen credit card accounts on the Dark Web.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 4/2/2018
Comment0 comments  |  Read  |  Post a Comment
Under Armour App Breach Exposes 150 Million Records
Dark Reading Staff, Quick Hits
A breach in a database for MyFitnessPal exposes information on 150 million users.
By Dark Reading Staff , 3/30/2018
Comment0 comments  |  Read  |  Post a Comment
New Android Cryptojacker Can Brick Phones
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
Mobile cryptojacking malware mines Monero.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 3/28/2018
Comment0 comments  |  Read  |  Post a Comment
Destructive and False Flag Cyberattacks to Escalate
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Rising geopolitical tensions between the US and Russia, Iran, and others are the perfect recipe for nastier nation-state cyberattacks.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 3/28/2018
Comment10 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
Diversity: It's About Inclusion
Kelly Jackson Higgins, Executive Editor at Dark Reading,  4/25/2018
Threat Intel: Finding Balance in an Overcrowded Market
Kelly Sheridan, Staff Editor, Dark Reading,  4/23/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
How to Cope with the IT Security Skills Shortage
Most enterprises don't have all the in-house skills they need to meet the rising threat from online attackers. Here are some tips on ways to beat the shortage.
Flash Poll
New Best Practices for Secure App Development
New Best Practices for Secure App Development
The transition from DevOps to SecDevOps is combining with the move toward cloud computing to create new challenges - and new opportunities - for the information security team. Download this report, to learn about the new best practices for secure application development.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.