Network Computing Dark Reading

Advertise

Application Security //

Database Security

News & Commentary

Airbus Employee Info Exposed in Data Breach

Quick Hits

Few details as yet on a cyberattack that hit Airbus' commercial aircraft business.

By Dark Reading Staff , 1/31/2019

0 comments | Read | Post a Comment

Rubrik Data Leak is Another Cloud Misconfiguration Horror Story

Kelly Sheridan, Staff Editor, Dark Reading

News

A server security mishap exposed vast stores of data belonging to clients of Rubrik, a security and cloud management firm.

By Kelly Sheridan Staff Editor, Dark Reading, 1/30/2019

0 comments | Read | Post a Comment

Evidence in Starwood/Marriott Breach May Point to China

Quick Hits

Attackers used methods, tools previously used by known Chinese hackers.

By Dark Reading Staff , 12/6/2018

0 comments | Read | Post a Comment

Starwood Breach Reaction Focuses on 4-Year Dwell

Curtis Franklin Jr., Senior Editor at Dark Reading

News

The unusually long dwell time in the Starwood breach has implications for both parent company Marriott International and the companies watching to learn from.

By Curtis Franklin Jr. Senior Editor at Dark Reading, 12/5/2018

1 Comment | Read | Post a Comment

Latest Comment: REISEN1955, If we wait long enough, maybe it will go away and nobody will notice

Quora Breach Exposes Information of 100 Million Users

Quick Hits

The massive breach has exposed passwords for millions who didn't remember having a Quora account.

By Dark Reading Staff , 12/4/2018

0 comments | Read | Post a Comment

First Lawsuits Filed in Starwood Hotels' Breach

Quick Hits

Class-action suits have been filed on behalf of guests and shareholders, with more expected.

By Dark Reading Staff , 12/3/2018

0 comments | Read | Post a Comment

Massive Starwood Hotels Breach Hits 500 Million Guests

News

Among the unknowns: who is behind the breach and how many of the affected records have been sold or used by criminals.

By Curtis Franklin Jr. Senior Editor at Dark Reading, 11/30/2018

1 Comment | Read | Post a Comment

Latest Comment: ,

Incorrect Assessments of Data Value Putting Organizations at Risk

News

Information security groups often underestimate or overestimate the true value of data assets, making it harder to prioritize controls.

By Jai Vijayan Freelance writer, 11/28/2018

0 comments | Read | Post a Comment

Barclays, Walmart Join New $85M Innovation Coalition

Quick Hits

Innovation incubator Team8 recruits major partners, investors to create new products that help businesses 'thrive by security.'

By Dark Reading Staff , 10/23/2018

2 comments | Read | Post a Comment

Latest Comment: ChristopherJames, Companies are bound to benefit from this coalition especially as they aim to...

Oracle Issues Massive Collection of Critical Security Updates

Quick Hits

The software updates from Oracle address a record number of vulnerabilities.

By Dark Reading Staff , 10/17/2018

3 comments | Read | Post a Comment

Latest Comment: ThomasMaloney, Some users are to complacent when it comes to system updates. Since these updates...

GAO Says Equifax Missed Flaws, Intrusion in Massive Breach

Quick Hits

A report from the Government Accountability Office details the issues found and opportunities missed in the huge 2017 Equifax data breach.

By Dark Reading Staff , 9/10/2018

1 Comment | Read | Post a Comment

Latest Comment: jimmy04, You are doing an amazing job.

T-Mobile Hit With Customer Information Hack

Quick Hits

Approximately 2 million users said to be affected.

By Dark Reading Staff , 8/24/2018

0 comments | Read | Post a Comment

Data Privacy Careers Are Helping to Close the IT Gender Gap

Dana Simberkoff, Chief Risk, Privacy, and Information Security Officer, AvePoint, Inc.

Commentary

There are three main reasons why the field has been more welcoming for women. Can other tech areas step up?

By Dana Simberkoff Chief Risk, Privacy, and Information Security Officer, AvePoint, Inc., 8/20/2018

7 comments | Read | Post a Comment

Latest Comment: REISEN1955, LOL - yes, i would say that answers that question nicely!!!!!

Australian Teen Hacked Apple Network

Quick Hits

The 16-year-old made off with 90 gigs of sensitive data.

By Dark Reading Staff , 8/17/2018

2 comments | Read | Post a Comment

Latest Comment: RyanSepe, I definitely concur. I feel like the days of crack my security for your interview...

Yale Discloses Data Breach

Quick Hits

The university discloses that someone stole personal information a long time ago.

By Dark Reading Staff , 7/31/2018

1 Comment | Read | Post a Comment

Latest Comment: REISEN1955, Attention - graduates of the 1896 class should check their credit scores as...

US-CERT Warns of ERP Application Hacking

News

ERP applications such as Oracle and SAP's are open to exploit and under attack, according to a new report referenced in a US-CERT warning.

By Curtis Franklin Jr. Senior Editor at Dark Reading, 7/25/2018

0 comments | Read | Post a Comment

HR Services Firm ComplyRight Suffers Major Data Breach

News

More than 7,500 customer companies were affected, and the number of individuals whose information was leaked is unknown.

By Curtis Franklin Jr. Senior Editor at Dark Reading, 7/20/2018

0 comments | Read | Post a Comment

GDPR Oddsmakers: Who, Where, When Will Enforcement Hit First?

Sara Peters, Senior Editor at Dark Reading

News

The GDPR grace period ends today. Experts take their best guesses on when data protection authorities will strike - and what kind of organizations will be first to feel the sting of the EU privacy law.

By Sara Peters Senior Editor at Dark Reading, 5/25/2018

14 comments | Read | Post a Comment

Latest Comment: Ayo99, luckly im not live in europe.. and my target market are asian

Encryption is Necessary, Tools and Tips Make It Easier

News

In the InteropITX conference, a speaker provided tips, tools, and incentives for moving to pervasive encryption in the enterprise.

By Curtis Franklin Jr. Senior Editor at Dark Reading, 5/3/2018

0 comments | Read | Post a Comment

12 Trends Shaping Identity Management

As IAM companies try to stretch 'identity context' into all points of the cybersecurity market, identity is becoming 'its own solar system.'

By Sara Peters Senior Editor at Dark Reading, 4/26/2018

1 Comment | Read | Post a Comment

Latest Comment: RyanSepe, This item has monumental importance. For IAM and PAM to gain widespread acceptance...

More Stories

Current Conversations

Posted by JayceJohnson

If you are looking for assignment help expert than go nowhere else, come at Singaporeassignmenthelp.com and take our excellent writing services. We have subject specific writers in law, management, IT, nursing,...

In reply to: re: Hacking Higher Education
Post Your Own Reply

Posted by needassignmentshelp

Great Post, Thank you for sharing such a good and useful information here.

In reply to: Re: How to alleviate these incidents?
Post Your Own Reply

Posted by alishiasergi

It is nice to read the information provided in your blog and i like this information because it is based on reality and i like this information. And it provides knowledge and useful information to the visitors of this site...

In reply to: re: Hacking Higher Education
Post Your Own Reply

Posted by Aqeel664

Excellent reply but I need website development project I am a BCS student in new york college it's my final year project please me out.

In reply to: Web development education
Post Your Own Reply

Posted by emmawilliamsangel

"Hi, Author!I am very grateful you did share your knowledge here. It is an exuberant post on "Hacking Higher Education" Thank you so much for providing such a useful content.Additionally, these links below are definitely...

In reply to: dissertation help
Post Your Own Reply

Posted by emmawilliamsangel

i read your blog from time to time and i own a similar one, thanks for sharing this article. This article will be very useful and helpful. Read and understand the article and you will get a brilliant idea. I will share this...

In reply to: Re: Vandal Proof Dome Camera
Post Your Own Reply

Posted by ThomasMaloney

Some users are to complacent when it comes to system updates. Since these updates often take a lot of time to complete, users become reluctant to complete them. This opens up the opportunity for their systems to be come...

In reply to: Do not take the risk
Post Your Own Reply

Posted by Harper099

A central document that we have as a background is the GOVERNMENT AUDITING MANUAL [3]. This normative, fundamental document defines the policies and guidelines for the exercise of governmental auditing in...

In reply to: Re: joeym.silva
Post Your Own Reply

Posted by markgrogan

I wonder if it's a better idea to release the patches or just blast them all out at one shot so that people can download all the fixes at one shot. It makes for a shorter down time I reckon? But honestly, the amount...

In reply to: Fix and Patch
Post Your Own Reply

Posted by REISEN1955

If we wait long enough, maybe it will go away and nobody will notice

In reply to: The Ostrich Principle
Post Your Own Reply

Posted by JimDD

The thing that I find so amazing is not that there was a big breach but that approximately 12.5% of the world's population stayed at a Starwood between 2014 and 2018.

In reply to: That many?
Post Your Own Reply

Posted by KellimWorthington

i didn't know much detail about this issues in oracle i am new database this i didn't have much knowledge this is why i don't know what is the issue if anyone full then tells me about this because i wanted to do...

In reply to: update
Post Your Own Reply

More Conversations

Products & Releases

Security Visionary Balbix Expands Its Go-to-Market Strategy through Series B Funding and New Senior Board Members and Executives

cleverDome Launches Secure Financial Services Solution at the 2017 T3 Enterprise Conference

Oracle, SafeLogic and OpenSSL Partner on Next Generation FIPS Module

67 Percent of Used Drives Sold on eBay and Craigslist Hold Personally Identifiable Information and 11 Percent Contain Sensitive Corporate Data

Digital Guardian Secures $66 Million from Leading Financial Investment Firms as Worldwide Demand for Data Protection Accelerates

Skyhigh Cloud Report: Average Healthcare Organization Uploads 6.8 TB of Data Per Month

Dataguise Introduces Big Data Security Suite for On-Premise and Cloud Deployments

CloudLock Expands Cloud Security Offering for Salesforce

More Products & Releases

Hot Topics

Editors' Choice

High Stress Levels Impacting CISOs Physically, Mentally

Jai Vijayan, Freelance writer, 2/14/2019

Valentine's Emails Laced with Gandcrab Ransomware

Kelly Sheridan, Staff Editor, Dark Reading, 2/14/2019

Making the Case for a Cybersecurity Moon Shot

Adam Shostack, Consultant, Entrepreneur, Technologist, Game Designer, 2/19/2019

Live Events

Webinars

More UBM Tech
Live Events

Drive Your Business and Career Forward at Interop19

Interop 2019 - The Unbiased IT Conference

Enterprise Connect 2019 - Build Your Comms & Collaboration Future

White Papers

[SANS] The Need for Speed: Integrated Threat Response

2018 Cyberthreat Defense Report

Want to Stay In Front of Breaches? Train Like The Marines.

Can Proactive Threat Hunting Save Your Business?

Threat Hunting Report

More White Papers

Cartoon

Latest Comment: Security? Our motto is Move Fast and Break things.

Cartoon Archive

Current Issue

5 Emerging Cyber Threats to Watch for in 2019

Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

How Enterprises Are Attacking the Cybersecurity Problem

Data breach fears and the need to comply with regulations such as GDPR are two major drivers increased spending on security products and technologies. But other factors are contributing to the trend as well. Find out more about how enterprises are attacking the cybersecurity problem by reading our report today.

Download Now!

How Enterprises Are Using IT Threat Intelligence

0 comments

Online Malware and Threats: A Profile of Today's Security Posture

0 comments

The Risk Management Struggle

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2019-3474
PUBLISHED: 2019-02-20

A path traversal vulnerability in the web application component of Micro Focus Filr 3.x allows a remote attacker authenticated as a low privilege user to download arbitrary files from the Filr server. This vulnerability affects all versions of Filr 3.x prior to Security Update 6.

CVE-2019-3475
PUBLISHED: 2019-02-20

A local privilege escalation vulnerability in the famtd component of Micro Focus Filr 3.0 allows a local attacker authenticated as a low privilege user to escalate to root. This vulnerability affects all versions of Filr 3.x prior to Security Update 6.

CVE-2019-10030
PUBLISHED: 2019-02-20

A sandbox bypass vulnerability exists in Jenkins Script Security Plugin 1.52 and earlier in RejectASTTransformsCustomizer.java that allows attackers with Overall/Read permission to provide a Groovy script to an HTTP endpoint that can result in arbitrary code execution on the Jenkins master JVM.

CVE-2019-10030
PUBLISHED: 2019-02-20

A exposure of sensitive information vulnerability exists in Jenkins Cloud Foundry Plugin 2.3.1 and earlier in AbstractCloudFoundryPushDescriptor.java that allows attackers with Overall/Read access to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through anoth...

CVE-2019-10030
PUBLISHED: 2019-02-20

A server-side request forgery vulnerability exists in Jenkins Mattermost Notification Plugin 2.6.2 and earlier in MattermostNotifier.java that allows attackers with Overall/Read permission to have Jenkins connect to an attacker-specified Mattermost server and room and send a message.

Terms of Service
Privacy Statement
Legal Entities