Endpoint //

Privacy

News & Commentary
3 Tips for Driving User Buy-in to Security Policies
Marc Laliberte, Information Security Threat Analyst, WatchGuard TechnologiesCommentary
Teaching users why it's important to commit to security controls is a far more effective strategy than simply demanding that they follow them. Here's how.
By Marc Laliberte Information Security Threat Analyst, WatchGuard Technologies, 6/18/2018
Comment0 comments  |  Read  |  Post a Comment
74 Arrested in International Email Scam Schemes
Dark Reading Staff, Quick Hits
A coordinated effort has led to the arrest of 74 individuals around the world on charges of defrauding businesses and individuals.
By Dark Reading Staff , 6/11/2018
Comment0 comments  |  Read  |  Post a Comment
Facebook Bug Sets 14M Users' Settings to 'Public'
Dark Reading Staff, Quick Hits
The default sharing setting was accidentally changed for millions of accounts during a four-day period last month.
By Dark Reading Staff , 6/8/2018
Comment0 comments  |  Read  |  Post a Comment
In Pursuit of Cryptography's Holy Grail
Ellison Anne Williams, Founder and CEO of EnveilCommentary
Homomorphic encryption eliminates the need for data exposure at any point something that certainly would be welcome these days.
By Ellison Anne Williams Founder and CEO of Enveil, 6/7/2018
Comment0 comments  |  Read  |  Post a Comment
Survey Shows Florida at the Bottom for Consumer Cybersecurity
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
A new survey shows that residents of the Sunshine State engage in more risky behavior than their counterparts in the other 49 states.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 6/6/2018
Comment0 comments  |  Read  |  Post a Comment
'EFAIL' Is Why We Cant Have Golden Keys
Adam Shostack, Founder, Stealth StartupCommentary
A deep dive into the issues surrounding an HTML email attack.
By Adam Shostack Founder, Stealth Startup, 6/5/2018
Comment0 comments  |  Read  |  Post a Comment
The Good News about Cross-Domain Identity Management
Rich Chetwynd, Head of Developer Experience, OneLoginCommentary
Adoption of the SCIM open source, standards-based approach for syncing user information between applications is ratcheting up among SaaS vendors as well as enterprises.
By Rich Chetwynd Head of Developer Experience, OneLogin, 5/31/2018
Comment2 comments  |  Read  |  Post a Comment
Facebook Must Patch 2 Billion Human Vulnerabilities; How You Can Patch Yours
Christy Wyatt, CEO, Dtex SystemsCommentary
The situation Facebook is in should be prompting all security teams to evaluate just how defenseless or protected the people in their organizations are.
By Christy Wyatt CEO, Dtex Systems, 5/31/2018
Comment1 Comment  |  Read  |  Post a Comment
GDPR Oddsmakers: Who, Where, When Will Enforcement Hit First?
Sara Peters, Senior Editor at Dark ReadingNews
The GDPR grace period ends today. Experts take their best guesses on when data protection authorities will strike - and what kind of organizations will be first to feel the sting of the EU privacy law.
By Sara Peters Senior Editor at Dark Reading, 5/25/2018
Comment12 comments  |  Read  |  Post a Comment
Privacy Survey Says: Americans Don't Want to Sell Their Data
Dark Reading Staff, Quick Hits
A new survey shows the extent to which Americans are reluctant to sell their personal information for any price.
By Dark Reading Staff , 5/25/2018
Comment6 comments  |  Read  |  Post a Comment
Privacy Group: Facebook, Google Policies Break GDPR Laws
Dark Reading Staff, News
Nonprofit 'None of Your Business' files complaints against Facebook, Google, WhatsApp, and Instagram.
By Dark Reading Staff , 5/25/2018
Comment7 comments  |  Read  |  Post a Comment
GDPR, WHOIS & the Impact on Merchant Risk Security Monitoring
Ron Teicher, CEO & Founder, EverCompliantCommentary
The EU's General Data Protection Regulation will make it harder for law enforcement, forensic investigators, and others to track down everything from credit card fraud to child porn rings.
By Ron Teicher CEO & Founder, EverCompliant, 5/24/2018
Comment0 comments  |  Read  |  Post a Comment
A Data Protection Officer's Guide to the Post-GDPR Deadline Reality
Jen Brown, Compliance and Data Protection Officer at Sumo LogicCommentary
The EU's General Data Protection Regulation deadline is here -- now what? These four tips can help guide your next steps.
By Jen Brown Compliance and Data Protection Officer at Sumo Logic, 5/24/2018
Comment0 comments  |  Read  |  Post a Comment
The Good & Bad News about Blockchain Security
Michael Raziel, CTO, CyberGuild VenturesCommentary
Blockchain technology promises many things. But to succeed, it must offer users a better plan against hackers.
By Michael Raziel CTO, CyberGuild Ventures, 5/23/2018
Comment0 comments  |  Read  |  Post a Comment
What Should Post-Quantum Cryptography Look Like?
Ericka Chickowski, Contributing Writer, Dark ReadingNews
Researchers are tackling the difficult problem of transitioning toward a new mode of cryptographic protections that won't break under the pressure of quantum computing power.
By Ericka Chickowski Contributing Writer, Dark Reading, 5/23/2018
Comment1 Comment  |  Read  |  Post a Comment
GDPR 101: Keeping Data Safe Throughout the 'Supply Chain'
Marc French, Senior VP, Chief Trust Officer & Data Protection Officer, MimecastCommentary
There are a lot of moving pieces involved with data collection, retention, and processing in the EU's new General Data Protection Regulation. Here's how to break down responsibilities between your security team and service providers.
By Marc French Senior VP, Chief Trust Officer & Data Protection Officer, Mimecast, 5/22/2018
Comment0 comments  |  Read  |  Post a Comment
'Roaming Mantis' Android Malware Evolves, Expands Targets
Dark Reading Staff, Quick Hits
Roaming Mantis has evolved rapidly, adding geographies, platforms, and capabilities to its original scope.
By Dark Reading Staff , 5/21/2018
Comment1 Comment  |  Read  |  Post a Comment
Get Ready for 'WannaCry 2.0'
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Another widespread worm attack is "inevitable," but spreading a different more lucrative or destructive payload, experts say.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 5/17/2018
Comment0 comments  |  Read  |  Post a Comment
Tanium's Valuation Reaches $5 Billion With New Investment
Dark Reading Staff, Quick Hits
Tanium has received a $175 million investment from TPG Growth.
By Dark Reading Staff , 5/17/2018
Comment0 comments  |  Read  |  Post a Comment
Why Isn't Integrity Getting the Attention It Deserves?
Tim Erlin, VP of Product Management & Strategy at TripwireCommentary
A focus on integrity requires a shift in the way many approach security management, but it's one of the most promising approaches to effective enterprise security.
By Tim Erlin VP of Product Management & Strategy at Tripwire, 5/17/2018
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
Meet 'Bro': The Best-Kept Secret of Network Security
Greg Bell, CEO, Corelight,  6/14/2018
Four Faces of Fraud: Identity, 'Fake' Identity, Ransomware & Digital
David Shefter, Chief Technology Officer at Ziften Technologies,  6/14/2018
Containerized Apps: An 8-Point Security Checklist
Jai Vijayan, Freelance writer,  6/14/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Flash Poll
New Best Practices for Secure App Development
New Best Practices for Secure App Development
The transition from DevOps to SecDevOps is combining with the move toward cloud computing to create new challenges - and new opportunities - for the information security team. Download this report, to learn about the new best practices for secure application development.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-5236
PUBLISHED: 2018-06-20
Symantec Endpoint Protection prior to 14 RU1 MP1 or 12.1 RU6 MP10 may be susceptible to a race condition (or race hazard). This type of issue occurs in software where the output is dependent on the sequence or timing of other uncontrollable events.
CVE-2018-5237
PUBLISHED: 2018-06-20
Symantec Endpoint Protection prior to 14 RU1 MP1 or 12.1 RU6 MP10 could be susceptible to a privilege escalation vulnerability, which is a type of issue that allows a user to gain elevated access to resources that are normally protected at lower access levels.
CVE-2018-6211
PUBLISHED: 2018-06-20
On D-Link DIR-620 devices with a certain customized (by ISP) variant of firmware 1.0.3, 1.0.37, 1.3.1, 1.3.3, 1.3.7, 1.4.0, and 2.0.22, OS command injection is possible as a result of incorrect processing of the res_buf parameter to index.cgi.
CVE-2018-6212
PUBLISHED: 2018-06-20
On D-Link DIR-620 devices with a certain customized (by ISP) variant of firmware 1.0.3, 1.0.37, 1.3.1, 1.3.3, 1.3.7, 1.4.0, and 2.0.22, a reflected Cross-Site Scripting (XSS) attack is possible as a result of missed filtration for special characters in the "Search" field and incorrect proc...
CVE-2018-6213
PUBLISHED: 2018-06-20
In the web server on D-Link DIR-620 devices with a certain customized (by ISP) variant of firmware 1.0.3, 1.0.37, 1.3.1, 1.3.3, 1.3.7, 1.4.0, and 2.0.22, there is a hardcoded password of anonymous for the admin account.