Slideshows

Latest Content
<<   <   Page 2 / 2
6 Ways DevOps Can Supercharge Security
Slideshows  |  8/2/2018  | 
Security teams have a huge opportunity to make major inroads by embracing the DevOps movement.
10 More Women in Security You May Not Know But Should
Slideshows  |  7/31/2018  | 
The second installment in a series highlighting women who are driving change in cybersecurity but may not be on your radar yet.
8 Steps Toward Safer Elections
Slideshows  |  7/26/2018  | 
Heres some advice from leading authorities on how state and local governments can adapt to an environment where election systems will inevitably be hacked.
7 Ways to Better Secure Electronic Health Records
Slideshows  |  7/24/2018  | 
Healthcare data is prime targets for hackers. What can healthcare organizations do to better protect all of that sensitive information?
6 Ways to Tell an Insider Has Gone Rogue
Slideshows  |  7/19/2018  | 
Malicious activity by trusted users can be very hard to catch, so look for these red flags.
10 Ways to Protect Protocols That Aren't DNS
Slideshows  |  7/16/2018  | 
Here's how to safeguard three other network foundation protocols so they don't become weapons or critical vulnerabilities.
8 Big Processor Vulnerabilities in 2018
Slideshows  |  7/13/2018  | 
Security researchers have been working in overdrive examining processors for issues and they haven't come up empty-handed.
7 Ways to Keep DNS Safe
Slideshows  |  7/10/2018  | 
A DNS attack can have an outsize impact on the targeted organization or organizations. Here's how to make hackers' lives much more difficult.
6 M&A Security Tips
Slideshows  |  7/9/2018  | 
Companies are realizing that the security posture of an acquired organization should be considered as part of their due diligence process.
9 SMB Security Trends
Slideshows  |  7/5/2018  | 
SMBs understand they have to focus more on cybersecurity. Here's a look at the areas they say matter most.
6 Drivers of Mental and Emotional Stress in Infosec
Slideshows  |  7/2/2018  | 
Pressure comes in many forms but often with the same end result: stress and burnout within the security community.
The 6 Worst Insider Attacks of 2018 So Far
Slideshows  |  6/29/2018  | 
Stalkers, fraudsters, saboteurs, and all nature of malicious insiders have put the hurt on some very high-profile employers.
10 Tips for More Secure Mobile Devices
Slideshows  |  6/27/2018  | 
Mobile devices can be more secure than traditional desktop machines - but only if the proper policies and practices are in place and in use.
8 Security Tips for a Hassle-Free Summer Vacation
Slideshows  |  6/23/2018  | 
It's easy to let your guard down when you're away. Hackers know that, too.
7 Places Where Privacy and Security Collide
Slideshows  |  6/21/2018  | 
Privacy and security can experience tension at a number of points in the enterprise. Here are seven plus some possibilities for easing the strain.
The Best and Worst Tasks for Security Automation
Slideshows  |  6/20/2018  | 
As with all new tech, there are good times and and bad times to use it. Security experts share which tasks to prioritize for automation.
7 Ways Cybercriminals Are Scamming a Fortune from Cryptocurrencies
Slideshows  |  6/18/2018  | 
Cryptocurrencies, how do hackers love thee? Let us count the ways.
Containerized Apps: An 8-Point Security Checklist
Slideshows  |  6/14/2018  | 
Here are eight measures to take to ensure the security of your containerized application environment.
7 Variants (So Far) of Mirai
Slideshows  |  6/7/2018  | 
Mirai is an example of the newest trend in rapidly evolving, constantly improving malware. These seven variants show how threat actors are making bad malware worse.
10 Open Source Security Tools You Should Know
Slideshows  |  6/5/2018  | 
Open source tools can be the basis for solid security and intense learning. Here are 10 you should know about for your IT security toolkit.
5 Tips for Protecting SOHO Routers Against the VPNFilter Malware
Slideshows  |  6/2/2018  | 
Most home office users need to simply power cycle their routers and disable remote access; enterprises with work-at-home employees should move NAS behind the firewall.
6 Security Investments You May Be Wasting
Slideshows  |  5/31/2018  | 
Not all tools and services provide the same value. Some relatively low-cost practices have a major payoff while some of the most expensive tools make little difference.
6 Ways Third Parties Can Trip Up Your Security
Slideshows  |  5/29/2018  | 
Poor access control, inadequate patch management, and non-existent DR practices are just some of the ways a third party can cause problems
10 Free DevOps-Friendly Security Tools Developers Will Love
Slideshows  |  5/25/2018  | 
Start building an affordable DevSecOps automation toolchain with these free application security tools.
6 Steps for Applying Data Science to Security
Slideshows  |  5/23/2018  | 
Two experts share their data science know-how in a tutorial focusing on internal DNS query analysis.
Cracking 2FA: How It's Done and How to Stay Safe
Slideshows  |  5/17/2018  | 
Two-factor authentication is a common best security practice but not ironclad. Here's how it can be bypassed, and how you can improve security.
7 Tools for Stronger IoT Security, Visibility
Slideshows  |  5/16/2018  | 
If you don't know what's on your IoT network, you don't know what to protect -- or protect from. These tools provide visibility into your network so you can be safe with (and from) what you see.
8 Ways Hackers Can Game Air Gap Protections
Slideshows  |  5/11/2018  | 
Isolating critical systems from connectivity isn't a guarantee they can't be hacked.
Calculating Cloud Cost: 8 Factors to Watch
Slideshows  |  5/9/2018  | 
If you're not careful and don't regularly assess the impact of your usage, moving to the cloud could have a negative impact on your bottom line.
10 Lessons From an IoT Demo Lab
Slideshows  |  5/7/2018  | 
The Demo Lab at InteropITX 2018 was all about IoT and the traffic - legitimate and malicious - it adds to an enterprise network.
5 Ways to Better Use Data in Security
Slideshows  |  5/5/2018  | 
Use these five tips to get your security shop thinking more strategically about data.
6 Enterprise Password Managers That Lighten the Load for Security
Slideshows  |  5/3/2018  | 
EPMs offer the familiar password wallet with more substantial administrative management and multiple deployment models.
10 Security Innovators to Watch
Slideshows  |  4/30/2018  | 
Startups in the RSA Conference Innovation Sandbox competed for the title of "Most Innovative."
12 Trends Shaping Identity Management
Slideshows  |  4/26/2018  | 
As IAM companies try to stretch 'identity context' into all points of the cybersecurity market, identity is becoming 'its own solar system.'
Cybersecurity Buzz Phrase Bingo
Slideshows  |  4/24/2018  | 
The RSA Conference expo was chock full of vendors showing off their wares with language as colorful as the blinky lights on a SOC dashboard.
8 Ways Hackers Monetize Stolen Data
Slideshows  |  4/17/2018  | 
Hackers are craftier than ever, pilfering PII piecemeal so bad actors can combine data to set up schemes to defraud medical practices, steal military secrets and hijack R&D product information.
7 Non-Financial Data Types to Secure
Slideshows  |  4/14/2018  | 
Credit card and social security numbers aren't the only sensitive information that requires protection.
7 Steps to a Smooth, Secure Cloud Transition
Slideshows  |  4/13/2018  | 
Security leaders share their top steps to keep in mind as your organization moves data and applications to the cloud.
Stats on the Cybersecurity Skills Shortage: How Bad Is It, Really?
Slideshows  |  4/11/2018  | 
Is it just a problem of too few security professionals, or are there other reasons enterprises struggle to build infosec teams?
6 Myths About IoT Security
Slideshows  |  4/9/2018  | 
Here are common misconceptions about securing these devices - and tips for locking them down.
7 Deadly Security Sins of Web Applications
Slideshows  |  4/3/2018  | 
The top ways organizations open themselves up to damaging Web app attacks.
10 Women in Security You May Not Know But Should
Slideshows  |  3/30/2018  | 
The first in a series of articles shining a spotlight on women who are quietly changing the game in cybersecurity.
8 Security Spring Cleaning Tips for the Home Office
Slideshows  |  3/26/2018  | 
Use these ideas to sharpen up your home office machine against potential intruders.
7 Ways to Protect Against Cryptomining Attacks
Slideshows  |  3/22/2018  | 
Implementing basic security hygiene can go a long way in ensuring your systems and website don't get hijacked.
7 Spectre/Meltdown Symptoms That Might Be Under Your Radar
Slideshows  |  3/20/2018  | 
The Spectre/Meltdown pair has a set of major effects on computing but there are impacts on the organization that IT leaders might not have considered in the face of the immediate problem.
Who Does What in Cybersecurity at the C-Level
Slideshows  |  3/16/2018  | 
As security evolve as a corporate priority, so do the roles and responsibilities of the executive team. These seven titles are already feeling the impact.
What CISOs Should Know About Quantum Computing
Slideshows  |  3/13/2018  | 
As quantum computing approaches real-world viability, it also poses a huge threat to today's encryption measures.
7 University-Connected Cyber Ranges to Know Now
Slideshows  |  3/9/2018  | 
Universities are beginning to add cyber ranges to the facilities for teaching cyber security to students and professionals.
6 Questions to Ask Your Cloud Provider Right Now
Slideshows  |  3/5/2018  | 
Experts share the security-focused issues all businesses should explore when researching and using cloud services.
Hacking on TV: 8 Binge-Worthy and Cringe-Worthy Examples
Slideshows  |  2/28/2018  | 
From the psycho-drama Mr. Robot to portraying the outright dangers of ransomware taking down a hospital in Greys Anatomy, hacking themes now run deep in todays TV shows.
<<   <   Page 2 / 2


How Cybercriminals Clean Their Dirty Money
Alexon Bell, Global Head of AML & Compliance, Quantexa,  1/22/2019
Facebook Shuts Hundreds of Russia-Linked Pages, Accounts for Disinformation
Sara Peters, Senior Editor at Dark Reading,  1/17/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
The Year in Security 2018
This Dark Reading Tech Digest explores the biggest news stories of 2018 that shaped the cybersecurity landscape.
Flash Poll
How Enterprises Are Attacking the Cybersecurity Problem
How Enterprises Are Attacking the Cybersecurity Problem
Data breach fears and the need to comply with regulations such as GDPR are two major drivers increased spending on security products and technologies. But other factors are contributing to the trend as well. Find out more about how enterprises are attacking the cybersecurity problem by reading our report today.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-15720
PUBLISHED: 2019-01-23
In Apache Airflow 1.8.2 and earlier, an authenticated user can execute code remotely on the Airflow webserver by creating a special object.
CVE-2017-17835
PUBLISHED: 2019-01-23
In Apache Airflow 1.8.2 and earlier, a CSRF vulnerability allowed for a remote command injection on a default install of Airflow.
CVE-2017-17836
PUBLISHED: 2019-01-23
In Apache Airflow 1.8.2 and earlier, an experimental Airflow feature displayed authenticated cookies, as well as passwords to databases used by Airflow. An attacker who has limited access to airflow, weather it be via XSS or by leaving a machine unlocked can exfil all credentials from the system.
CVE-2018-15614
PUBLISHED: 2019-01-23
A vulnerability in the one-x Portal component of IP Office could allow an authenticated user to perform stored cross site scripting attacks via fields in the Conference Scheduler Service that could affect other application users. Affected versions of IP Office include 10.0 through 10.1 SP3 and 11.0 ...
CVE-2018-20245
PUBLISHED: 2019-01-23
The LDAP auth backend (airflow.contrib.auth.backends.ldap_auth) prior to Apache Airflow 1.10.1 was misconfigured and contained improper checking of exceptions which disabled server certificate checking.