Analytics
News & Commentary
Profile Of A Cybercrime Petty Thief
Sara Peters, Senior Editor at Dark ReadingNews
Trend Micro provides peek at methods of amateur, lone-wolf carder.
By Sara Peters Senior Editor at Dark Reading, 5/26/2015
Comment0 comments  |  Read  |  Post a Comment
5 Signs Credentials In Your Network Are Being Compromised
Idan Tendler, CEO, FortscaleCommentary
Where should you start to keep ahead of attackers using insiders to steal corporate secrets or personal identifiable information? Check out these common scenarios.
By Idan Tendler CEO, Fortscale, 5/20/2015
Comment1 Comment  |  Read  |  Post a Comment
Drinking from the Malware Fire Hose
John Bambenek , Senior Threat Researcher, Fidelis Cybersecurity
Take a staged approach to processing malware in bulk so that scarce and time-limited resources can be prioritized for only those threats that truly require them.
By John Bambenek Senior Threat Researcher, Fidelis Cybersecurity, 5/15/2015
Comment0 comments  |  Read  |  Post a Comment
Big Data & The Security Skills Shortage
Peter Schlampp, VP of Products, PlatforaCommentary
Finding a security analyst with the data discovery experience to combat modern threats is like searching for the mythical unicorn. The person does not exist
By Peter Schlampp VP of Products, Platfora, 4/29/2015
Comment4 comments  |  Read  |  Post a Comment
Note To Vendors: CISOs Don’t Want Your Analytical Tools
Rick Gordon, Managing Partner, Mach37 Cyber AcceleratorCommentary
What they need are solutions that deliver prioritized recommendations and confidence in the analytical rigor behind those recommendations to take meaningful action.
By Rick Gordon Managing Partner, Mach37 Cyber Accelerator, 4/28/2015
Comment6 comments  |  Read  |  Post a Comment
The Rise of Counterintelligence in Malware Investigations
John Bambenek , Senior Threat Researcher, Fidelis Cybersecurity
The key to operationalizing cybersecurity threat intelligence rests in the critical thinking that establishes that a given indicator is, in fact, malicious.
By John Bambenek Senior Threat Researcher, Fidelis Cybersecurity, 4/22/2015
Comment1 Comment  |  Read  |  Post a Comment
RSA: Follow Keynote Sessions on Dark Reading
Sara Peters, Senior Editor at Dark ReadingNews
From the Cryptographer's Panel to the RSA CEO's advice for the security industry, here's how the conference kicked off in San Francisco Tuesday.
By Sara Peters Senior Editor at Dark Reading, 4/21/2015
Comment2 comments  |  Read  |  Post a Comment
Inside the 4 Most Common Threat Actor Tools
 Dr. Chase Cunningham, Head of Threat Intelligence, FireHostCommentary
How do you prevent your environment from becoming the next target? Turn the tables on your attackers.
By Dr. Chase Cunningham Head of Threat Intelligence, FireHost, 4/17/2015
Comment0 comments  |  Read  |  Post a Comment
Harnessing The Power Of Cyber Threat Intelligence
Stu Solomon,  VP, General Counsel & Chief Risk Officer, iSIGHT PartnersCommentary
Here are six real-world examples of how changing your modus operandi from reactive to proactive can drive rapid response to the threats that matter.
By Stu Solomon VP, General Counsel & Chief Risk Officer, iSIGHT Partners, 4/16/2015
Comment2 comments  |  Read  |  Post a Comment
Predictive Analytics: The Future Is Now
Vincent Weafer, Senior Vice President, Intel Security
Enhanced analytical capabilities will help organizations better understand how attacks will unfold, and how to stop them in their earliest stages.
By Vincent Weafer Senior Vice President, Intel Security, 4/15/2015
Comment0 comments  |  Read  |  Post a Comment
Why Standardized Threat Data Will Help Stop the Next Big Breach
Bill Nelson, President & CEO, Financial Services Information Sharing and Analysis Center (FS-ISAC) and CEO, SoltraCommentary
Adopting industry standards for threat intelligence will reduce a lot of the heavy lifting and free cyber security first responders to focus on what they do best.
By Bill Nelson President & CEO, Financial Services Information Sharing and Analysis Center (FS-ISAC) and CEO, Soltra, 4/15/2015
Comment0 comments  |  Read  |  Post a Comment
Solving the Right Problem: Stop Adversaries, Not Just Their Tools
Dmitri Alperovitch, Co-Founder & CTO, CrowdStrikeCommentary
A malware-centric strategy is mere child’s play against today’s sophisticated adversaries. Here’s why.
By Dmitri Alperovitch Co-Founder & CTO, CrowdStrike, 4/9/2015
Comment0 comments  |  Read  |  Post a Comment
Obama’s War On Hackers
Jeremiah Grossman, Commentary
Cybersecurity legislation, for the most part, is a good idea. But not without protections for bug bounty programs and other vital, proactive security research.
By Jeremiah Grossman , 4/6/2015
Comment2 comments  |  Read  |  Post a Comment
Principles of Malware Sinkholing
John Bambenek , Senior Threat Researcher, Fidelis Cybersecurity
The process of sinkholing is an important tool to have in your arsenal when dealing with emerging threats.
By John Bambenek Senior Threat Researcher, Fidelis Cybersecurity, 4/6/2015
Comment0 comments  |  Read  |  Post a Comment
8 Identity & Access Metrics To Manage Breach Risks
Ericka Chickowski, Contributing Writer, Dark Reading
Measurables for improving security posture around access controls.
By Ericka Chickowski Contributing Writer, Dark Reading, 4/2/2015
Comment0 comments  |  Read  |  Post a Comment
Healthcare Is Ignoring Cyber Risk Intel, Academia Even Worse
Jason Polancich, Founder & Chief Architect, SurfWatchLabsCommentary
Healthcare and other sectors are indolently ignoring the process of gathering and using high-level intelligence to focus cyber defenses. Here’s proof.
By Jason Polancich Founder & Chief Architect, SurfWatchLabs, 3/31/2015
Comment5 comments  |  Read  |  Post a Comment
Cyber Hunting: 5 Tips To Bag Your Prey
David J. Bianco, Security Architect, SqrrlCommentary
Knowing the lay of the land and where attackers hide is a key element in hunting, both in nature and in the cyber realm.
By David J. Bianco Security Architect, Sqrrl, 3/26/2015
Comment8 comments  |  Read  |  Post a Comment
FBI Threat Intelligence Cyber-Analysts Still Marginalized In Agency
Sara Peters, Senior Editor at Dark ReadingNews
Despite good progress, 9/11 Review Commission says that analysts could have a greater impact on FBI counter-terrorism activities if they had more domain awareness, forensics capabilities, and were more empowered to question agents.
By Sara Peters Senior Editor at Dark Reading, 3/25/2015
Comment1 Comment  |  Read  |  Post a Comment
Retailers Adopt Intel-Sharing Portal Used By Banks
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Th Retail Cyber Intelligence Sharing Center (R-CISC) is working with the Financial Services ISAC (FS-ISAC) on its new threat intelligence-sharing platform.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 3/24/2015
Comment0 comments  |  Read  |  Post a Comment
Context: Finding The Story Inside Your Security Operations Program
Joshua Goldfarb, VP & CTO - Americas, FireEye.Commentary
What’s missing in today’s chaotic, alert-driven incident response queue is the idea of a narrative that provides a detailed understanding of how an attack actually unfolds.
By Joshua Goldfarb VP & CTO - Americas, FireEye., 3/23/2015
Comment6 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
PR Newswire
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Threat Intel Today
Threat Intel Today
The 397 respondents to our new survey buy into using intel to stay ahead of attackers: 85% say threat intelligence plays some role in their IT security strategies, and many of them subscribe to two or more third-party feeds; 10% leverage five or more.
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-9710
Published: 2015-05-27
The Btrfs implementation in the Linux kernel before 3.19 does not ensure that the visible xattr state is consistent with a requested replacement, which allows local users to bypass intended ACL settings and gain privileges via standard filesystem operations (1) during an xattr-replacement time windo...

CVE-2014-9715
Published: 2015-05-27
include/net/netfilter/nf_conntrack_extend.h in the netfilter subsystem in the Linux kernel before 3.14.5 uses an insufficiently large data type for certain extension data, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via outbound network traffic that trig...

CVE-2015-1157
Published: 2015-05-27
CoreText in Apple iOS 8.x through 8.3 allows remote attackers to cause a denial of service (reboot and messaging disruption) via crafted Unicode text that is not properly handled during display truncation in the Notifications feature, as demonstrated by Arabic characters in (1) an SMS message or (2)...

CVE-2015-2666
Published: 2015-05-27
Stack-based buffer overflow in the get_matching_model_microcode function in arch/x86/kernel/cpu/microcode/intel_early.c in the Linux kernel before 4.0 allows context-dependent attackers to gain privileges by constructing a crafted microcode header and leveraging root privileges for write access to t...

CVE-2015-2830
Published: 2015-05-27
arch/x86/kernel/entry_64.S in the Linux kernel before 3.19.2 does not prevent the TS_COMPAT flag from reaching a user-mode task, which might allow local users to bypass the seccomp or audit protection mechanism via a crafted application that uses the (1) fork or (2) close system call, as demonstrate...

Dark Reading Radio
Archived Dark Reading Radio
After a serious cybersecurity incident, everyone will be looking to you for answers -- but you’ll never have complete information and you’ll never have enough time. So in those heated moments, when a business is on the brink of collapse, how will you and the rest of the board room executives respond?