Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint //

Privacy

News & Commentary
Social Media: Corporate Cyber Espionage's Channel of Choice
Otavio Freire, CTO & President, SafeGuard CyberCommentary
Proactive defense and automation can help your company deal with scale and prioritize risks in order to more efficiently fight cyber espionage.
By Otavio Freire CTO & President, SafeGuard Cyber, 11/6/2019
Comment0 comments  |  Read  |  Post a Comment
It's Time to Improve Website Identity Indicators, Not Remove Them
Tim Callan, Senior Fellow, SectigoCommentary
Why Google and Mozilla are wrong about the benefits of Extended Validation certificates that aim to prevent fraud and protect user privacy.
By Tim Callan Senior Fellow, Sectigo, 10/24/2019
Comment2 comments  |  Read  |  Post a Comment
FTC Warns Consumers About Stalking Apps
Dark Reading Staff, Quick Hits
Agency offers tips on how to detect and eradicate the spyware.
By Dark Reading Staff , 10/23/2019
Comment0 comments  |  Read  |  Post a Comment
Data Privacy Protections for the Most Vulnerable Children
Dimitri Sirota, Founder & CEO of BigIDCommentary
The business case for why companies that respect the privacy of individuals, and especially minors, will have a strong competitive advantage.
By Dimitri Sirota Founder & CEO of BigID, 10/17/2019
Comment2 comments  |  Read  |  Post a Comment
Twitter Slip-Up Spills MFA Phone Numbers, Emails to Advertisers
Dark Reading Staff, Quick Hits
Email addresses and phone numbers provided to secure user accounts were accidentally shared with marketers.
By Dark Reading Staff , 10/9/2019
Comment0 comments  |  Read  |  Post a Comment
7 Considerations Before Adopting Security Standards
Steve Zurier, Contributing Writer
Here's what to think through as you prepare your organization for standards compliance.
By Steve Zurier Contributing Writer, 10/8/2019
Comment1 Comment  |  Read  |  Post a Comment
10 Steps to Assess SOC Maturity in SMBs
Andrew Houshian, Associate Director of SOC and Attestation Services at A-LIGNCommentary
Facing a system and organization controls audit doesn't have to be stressful for small and midsize businesses if they follow these guidelines.
By Andrew Houshian Associate Director of SOC and Attestation Services at A-LIGN, 10/7/2019
Comment0 comments  |  Read  |  Post a Comment
How Network Logging Mitigates Legal Risk
Beth Burgin Waller, Chair, Cybersecurity & Data Privacy Practice , Woods Rogers PLCCommentary
Logging that is turned on, captured, and preserved immediately after a cyber event is proof positive that personal data didn't fall into the hands of a cybercriminal.
By Beth Burgin Waller Chair, Cybersecurity & Data Privacy Practice , Woods Rogers PLC, 9/23/2019
Comment1 Comment  |  Read  |  Post a Comment
One Arrested in Ecuador's Mega Data Leak
Dark Reading Staff, Quick Hits
Officials arrest a leader of consulting firm Novaestrat, which owned an unprotected server that exposed 20.8 million personal records.
By Dark Reading Staff , 9/18/2019
Comment0 comments  |  Read  |  Post a Comment
@jack Got Hacked: Twitter CEO's Tweets Hijacked
Dark Reading Staff, Quick Hits
Twitter CEO Jack Dorsey's Twitter account was, apparently, hijacked for roughly 20 minutes and used for a racist rant.
By Dark Reading Staff , 8/30/2019
Comment2 comments  |  Read  |  Post a Comment
Privacy 2019: We're Not Ready
J. Trevor Hughes, President & CEO, IAPPCommentary
To facilitate the innovative use of data and unlock the benefits of new technologies, we need privacy not just in the books but also on the ground.
By J. Trevor Hughes President & CEO, IAPP, 8/29/2019
Comment2 comments  |  Read  |  Post a Comment
Never Forget Your Passwords Again!
Beyond the Edge, Dark Reading
You never know what those late-night infomercials are going to turn up.
By Beyond the Edge Dark Reading, 8/28/2019
Comment0 comments  |  Read  |  Post a Comment
6 Ways Airlines and Hotels Can Keep Their Networks Secure
Steve Zurier, Contributing Writer
As recent news can attest, travel and hospitality companies are prime targets for cybercriminals. Here are six privacy and security tips that can help lock down privacy and security.
By Steve Zurier Contributing Writer, 8/27/2019
Comment0 comments  |  Read  |  Post a Comment
Capital One Breach: What Security Teams Can Do Now
Dr. Richard Gold, Head of Security Engineering at Digital ShadowsCommentary
Knowing the methods of the attacker, as laid out in the federal indictment, allow us to prevent similar attacks.
By Dr. Richard Gold Head of Security Engineering at Digital Shadows, 8/23/2019
Comment3 comments  |  Read  |  Post a Comment
'Phoning Home': Your Latest Data Exfiltration Headache
Jeff Costlow, CISO, ExtraHopCommentary
Companies phone enterprise customer data home securely and for a variety of perfectly legitimate and useful reasons. The problems stem from insufficient disclosure.
By Jeff Costlow CISO, ExtraHop, 8/21/2019
Comment0 comments  |  Read  |  Post a Comment
The California Consumer Privacy Act's Hidden Surprise Has Big Legal Consequences
Beth Burgin Waller, Chair, Cybersecurity & Data Privacy Practice , Woods Rogers PLCCommentary
The CCPA's provision devoted to 'reasonable' cybersecurity procedures and policies could trip up your business. Get ready now.
By Beth Burgin Waller Chair, Cybersecurity & Data Privacy Practice , Woods Rogers PLC, 8/13/2019
Comment0 comments  |  Read  |  Post a Comment
FBI Plans to Monitor Social Media May Spark Privacy Issues
Dark Reading Staff, Quick Hits
A new initiative to pull data from social media platforms may clash with policies prohibiting the use of information for mass surveillance.
By Dark Reading Staff , 8/12/2019
Comment1 Comment  |  Read  |  Post a Comment
Security Pros, Congress Reps Talk National Cybersecurity at DEF CON
Kelly Sheridan, Staff Editor, Dark ReadingNews
Cybersecurity and government leaders discussed why Congress is unprepared for a major cyberattack and how the two parties can collaborate.
By Kelly Sheridan Staff Editor, Dark Reading, 8/12/2019
Comment0 comments  |  Read  |  Post a Comment
Dark Reading News Desk Live at Black Hat USA 2019
Sara Peters, Senior Editor at Dark ReadingNews
Watch right here for 40 video interviews with speakers and sponsors. Streaming live from Black Hat USA Wednesday and Thursday 2 p.m. to 6 p.m. Eastern.
By Sara Peters Senior Editor at Dark Reading, 8/8/2019
Comment1 Comment  |  Read  |  Post a Comment
Yes, FaceApp Really Could Be Sending Your Data to Russia
Marc Rogers, Executive Director of Cybersecurity, OktaCommentary
FaceApp has an unprecedented level of access to data from 150 million users. What could its endgame be? We unpack three potential risks.
By Marc Rogers Executive Director of Cybersecurity, Okta, 8/8/2019
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
Posted by yvettejwilliams
Current Conversations Thank you
In reply to: Hi men
Post Your Own Reply
More Conversations
The Cold Truth about Cyber Insurance
Chris Kennedy, CISO & VP Customer Success, AttackIQ,  11/7/2019
6 Small-Business Password Managers
Curtis Franklin Jr., Senior Editor at Dark Reading,  11/8/2019
Black Hat Q&A: Hacking a '90s Sports Car
Black Hat Staff, ,  11/7/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
7 Threats & Disruptive Forces Changing the Face of Cybersecurity
This Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
Flash Poll
New Best Practices for Secure App Development
New Best Practices for Secure App Development
The transition from DevOps to SecDevOps is combining with the move toward cloud computing to create new challenges - and new opportunities - for the information security team. Download this report, to learn about the new best practices for secure application development.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-18862
PUBLISHED: 2019-11-11
maidag in GNU Mailutils before 3.8 is installed setuid and allows local privilege escalation in the url mode.
CVE-2019-18853
PUBLISHED: 2019-11-11
ImageMagick before 7.0.9-0 allows remote attackers to cause a denial of service because XML_PARSE_HUGE is not properly restricted in coders/svg.c, related to SVG and libxml2.
CVE-2019-18854
PUBLISHED: 2019-11-11
A Denial Of Service vulnerability exists in the safe-svg (aka Safe SVG) plugin through 1.9.4 for WordPress, related to unlimited recursion for a '<use ... xlink:href="#identifier">' substring.
CVE-2019-18855
PUBLISHED: 2019-11-11
A Denial Of Service vulnerability exists in the safe-svg (aka Safe SVG) plugin through 1.9.4 for WordPress, related to potentially unwanted elements or attributes.
CVE-2019-18856
PUBLISHED: 2019-11-11
A Denial Of Service vulnerability exists in the SVG Sanitizer module through 8.x-1.0-alpha1 for Drupal because access to external resources with an SVG use element is mishandled.