Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint //

Privacy

News & Commentary
Cartoon Caption Winner: Greetings, Earthlings
John Klossner, CartoonistCommentary
And the winner of Dark Reading's April cartoon caption contest is ...
By John Klossner Cartoonist, 5/11/2021
Comment0 comments  |  Read  |  Post a Comment
Defending Against Web Scraping Attacks
Rob Simon, Principal Security Consultant at TrustedSecCommentary
Web scraping attacks, like Facebook's recent data leak, can easily lead to more significant breaches.
By Rob Simon Principal Security Consultant at TrustedSec, 5/7/2021
Comment0 comments  |  Read  |  Post a Comment
Foreign Spies Target British Nationals With Fake Social Media Profiles
Dark Reading Staff, Quick Hits
British security agency MI5 has launched a new education campaign to warn potential victims of the attacks.
By Dark Reading Staff , 4/20/2021
Comment0 comments  |  Read  |  Post a Comment
Clear & Present Danger: Data Hoarding Undermines Better Security
Elissa M. Redmiles, Researcher, Max Planck Institute for Software SystemsCommentary
Facebook and Google can identify patterns of attack within their own data, but smaller businesses rarely see enough traffic to successfully identify an attack or warn users.
By Elissa M. Redmiles Researcher, Max Planck Institute for Software Systems, 4/13/2021
Comment0 comments  |  Read  |  Post a Comment
8 Security & Privacy Apps to Share With Family and Friends
Kelly Sheridan, Staff Editor, Dark Reading
Mobile apps to recommend to the people in your life who want to improve their online security and privacy.
By Kelly Sheridan Staff Editor, Dark Reading, 4/9/2021
Comment0 comments  |  Read  |  Post a Comment
600K Payment Card Records Leaked After Swarmshop Breach
Dark Reading Staff, Quick Hits
A leaked database also contains the nicknames, hashed passwords, contact details, and activity history of Swarmshop admins, sellers, and buyers.
By Dark Reading Staff , 4/8/2021
Comment0 comments  |  Read  |  Post a Comment
Data Bias in Machine Learning: Implications for Social Justice
Christelle Kamaliza & Suzannah Hicks, Market Research Specialist / Data Scientist & Strategist, IAPPCommentary
Take historically biased data, then add AI and ML to compound and exacerbate the problem.
By Christelle Kamaliza & Suzannah Hicks Market Research Specialist / Data Scientist & Strategist, IAPP, 3/26/2021
Comment0 comments  |  Read  |  Post a Comment
How Personally Identifiable Information Can Put Your Company at Risk
Zack Schuler, Founder and CEO of NINJIOCommentary
By being more mindful of how and where they share PII, employees will deprive cybercriminals of their most useful tool.
By Zack Schuler Founder and CEO of NINJIO, 3/25/2021
Comment0 comments  |  Read  |  Post a Comment
What a Federal Data Privacy Law Would Mean for Consumers
Rob Shavell, CEO of Abine / DeleteMeCommentary
With an array of serious proposals from both sides of the political divide, it looks as though the US may finally have a national privacy law.
By Rob Shavell CEO of Abine / DeleteMe, 3/24/2021
Comment1 Comment  |  Read  |  Post a Comment
Data Protection Is a Group Effort
Rajesh Ganesan, Vice President at ManageEngineCommentary
When every employee is well-versed in customer data privacy principles, the DPO knows the enterprise's sensitive data is in good hands.
By Rajesh Ganesan Vice President at ManageEngine, 3/23/2021
Comment0 comments  |  Read  |  Post a Comment
How Us Shady Geeks Put Others Off Security
Dr. Sauvik Das, Assistant Professor of Interactive Computing, Georgia TechCommentary
Early adopters of security and privacy tools may be perceived by others as paranoid, which, in turn, may repel non-experts from protecting themselves online.
By Dr. Sauvik Das Assistant Professor of Interactive Computing, Georgia Tech, 3/19/2021
Comment0 comments  |  Read  |  Post a Comment
COVID, Healthcare Data & the Dark Web: A Toxic Stew
Greg Foss, Senior Cybersecurity Strategist, VMware Security Business UnitCommentary
The growing treasure trove of healthcare data is proving irresistible -- and profitable -- to bad actors.
By Greg Foss Senior Cybersecurity Strategist, VMware Security Business Unit, 3/17/2021
Comment0 comments  |  Read  |  Post a Comment
Make Sure That Stimulus Check Lands in the Right Bank Account
Tom Pendergast, Chief Learning Officer at MediaPROCommentary
If you haven't already, it's time to build trust relationships with your financial institutions, using strong security, privacy protections and secure, unique user credentials.
By Tom Pendergast Chief Learning Officer at MediaPRO, 3/5/2021
Comment0 comments  |  Read  |  Post a Comment
5 Key Steps Schools Can Take to Defend Against Cyber Threats
Chris Abbey, Manager, Incident Handling, at Red CanaryCommentary
Educational institutions have become prime targets, but there are things they can do to stay safer.
By Chris Abbey Manager, Incident Handling, at Red Canary, 2/25/2021
Comment0 comments  |  Read  |  Post a Comment
What Can Your Connected Car Reveal About You?
Alejandro Hernandez, Senior Consultant at IOActiveCommentary
App developers must take responsibility for the security of users' data.
By Alejandro Hernandez Senior Consultant at IOActive, 2/22/2021
Comment0 comments  |  Read  |  Post a Comment
Hiding in Plain Sight: What the SolarWinds Attack Revealed About Efficacy
Pieter Danhieux, CEO, Chairman, & Co-Founder, Secure Code WarriorCommentary
Multilayered infiltration involved custom malicious tooling, backdoors, and cloaked code, far beyond the skills of script kiddies.
By Pieter Danhieux CEO, Chairman, & Co-Founder, Secure Code Warrior, 2/18/2021
Comment0 comments  |  Read  |  Post a Comment
Virginia Takes Different Tack Than California With Data Privacy Law
Beth Burgin Waller, Chair, Cybersecurity & Data Privacy Practice , Woods Rogers PLCCommentary
Online businesses targeting Virginia consumers and have personal data of 100,000 consumers in the state must conform to the new statute.
By Beth Burgin Waller Chair, Cybersecurity & Data Privacy Practice , Woods Rogers PLC, 2/18/2021
Comment1 Comment  |  Read  |  Post a Comment
4 Predictions for the Future of Privacy
Bart Willemsen, Research Vice President at GartnerCommentary
Use these predictions to avoid pushback, find opportunity, and create value for your organization.
By Bart Willemsen Research Vice President at Gartner, 2/17/2021
Comment0 comments  |  Read  |  Post a Comment
Ransomware Victims' Data Published via DDoSecrets
Dark Reading Staff, Quick Hits
Activists behind Distributed Denial of Secrets has shared 1TB of data pulled from Dark Web sites where it was shared by ransomware attackers.
By Dark Reading Staff , 1/7/2021
Comment0 comments  |  Read  |  Post a Comment
What You Need to Know About California's New Privacy Rules
K Royal, Associate General Counsel at TrustArcCommentary
Proposition 24 will change Californians' rights and business's responsibilities regarding consumer data protection.
By K Royal Associate General Counsel at TrustArc, 1/5/2021
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
Edge-DRsplash-10-edge-articles
7 Old IT Things Every New InfoSec Pro Should Know
Joan Goodchild, Staff Editor,  4/20/2021
News
Cloud-Native Businesses Struggle With Security
Robert Lemos, Contributing Writer,  5/6/2021
Commentary
Defending Against Web Scraping Attacks
Rob Simon, Principal Security Consultant at TrustedSec,  5/7/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-23872
PUBLISHED: 2021-05-12
Privilege Escalation vulnerability in the File Lock component of McAfee Total Protection (MTP) prior to 16.0.32 allows a local user to gain elevated privileges by manipulating a symbolic link in the IOTL interface.
CVE-2021-23891
PUBLISHED: 2021-05-12
Privilege Escalation vulnerability in McAfee Total Protection (MTP) prior to 16.0.32 allows a local user to gain elevated privileges by impersonating a client token which could lead to the bypassing of MTP self-defense.
CVE-2021-23892
PUBLISHED: 2021-05-12
By exploiting a time of check to time of use (TOCTOU) race condition during the Endpoint Security for Linux Threat Prevention and Firewall (ENSL TP/FW) installation process, a local user can perform a privilege escalation attack to obtain administrator privileges for the purpose of executing arbitra...
CVE-2020-36289
PUBLISHED: 2021-05-12
Affected versions of Atlassian Jira Server and Data Center allow an unauthenticated user to enumerate users via an Information Disclosure vulnerability in the QueryComponentRendererValue!Default.jspa endpoint. The affected versions are before version 8.5.13, from version 8.6.0 before 8.13.5, and fro...
CVE-2021-32606
PUBLISHED: 2021-05-11
In the Linux kernel 5.11 through 5.12.2, isotp_setsockopt in net/can/isotp.c allows privilege escalation to root by leveraging a use-after-free. (This does not affect earlier versions that lack CAN ISOTP SF_BROADCAST support.)