Analytics
News & Commentary
Going Beyond Checkbox Security
Emily Johnson, Digital Content Editor, InformationWeekCommentaryVideo
Terry Barbounis, cybersecurity evangelist for CenturyLink, stops by the InformationWeek News Desk.
By Emily Johnson Digital Content Editor, InformationWeek, 5/24/2017
Comment0 comments  |  Read  |  Post a Comment
How to Integrate Threat Intel & DevOps
Andrew Storms, VP Security Services, New ContextCommentary
Automating intelligence can help your organization in myriad ways.
By Andrew Storms VP Security Services, New Context, 5/4/2017
Comment1 Comment  |  Read  |  Post a Comment
Call Center Fraud Spiked 113% in 2016
Dawn Kawamoto, Associate Editor, Dark ReadingNews
Criminals are increasingly spoofing caller ID using VoIP apps including Skype or Google Voice to hide their identity and location, according to a report released today by Pindrop Labs.
By Dawn Kawamoto Associate Editor, Dark Reading, 4/26/2017
Comment1 Comment  |  Read  |  Post a Comment
Machine Learning in Security: 4 Factors to Consider
Kelly Sheridan, Associate Editor, Dark ReadingNews
Key factors to consider before adding machine learning to your security strategy.
By Kelly Sheridan Associate Editor, Dark Reading, 4/21/2017
Comment1 Comment  |  Read  |  Post a Comment
10 Questions To Get Practical Answers At Interop ITX
Dark Reading Staff, Commentary
May 15-19 in Las Vegas: How to get solutions and advice from top speakers for the things that you really want to know.
By Dark Reading Staff , 4/14/2017
Comment0 comments  |  Read  |  Post a Comment
Teaching Hospitals at Greater Data Breach Risk
Dark Reading Staff, Quick Hits
John Hopkins researcher studies data breaches at hospitals between 2009 and 2016.
By Dark Reading Staff , 4/6/2017
Comment1 Comment  |  Read  |  Post a Comment
Data Visualization: Keeping an Eye on Security
Joshua Goldfarb, Co-founder & Chief Product Officer, IDDRACommentary
Visualization can be one of the most powerful approaches a security team can use to make sense of vast quantities of data. So why does it end up as an afterthought?
By Joshua Goldfarb Co-founder & Chief Product Officer, IDDRA, 3/27/2017
Comment2 comments  |  Read  |  Post a Comment
Fortune 1000 Companies See Security Ratings Drop
Kelly Sheridan, Associate Editor, Dark ReadingNews
Fortune 1000 businesses report more breaches, and lower security performance, than their non-F1000 counterparts.
By Kelly Sheridan Associate Editor, Dark Reading, 3/8/2017
Comment0 comments  |  Read  |  Post a Comment
Trust, Cloud & the Quest for a Glass Wall around Security
Stan Black, CSO, CitrixCommentary
In the next year, were going to see a leap towards strategic, business-level objectives that can be resolved by simplifying infrastructure and granting greater visibility in real time.
By Stan Black CSO, Citrix, 3/8/2017
Comment0 comments  |  Read  |  Post a Comment
Today on Dark Reading: Your Costs, Risks & Metrics Questions Answered
Dark Reading Staff, Commentary
First up on the Dark Reading upcoming events calendar is our Dark Reading Virtual Event Tuesday, Feb. 28.
By Dark Reading Staff , 2/27/2017
Comment4 comments  |  Read  |  Post a Comment
20 Cybersecurity Startups To Watch In 2017
Ericka Chickowski, Contributing Writer, Dark Reading
VC money flowed plentifully into the security market last year, fueling a new crop of innovative companies.
By Ericka Chickowski Contributing Writer, Dark Reading, 2/24/2017
Comment2 comments  |  Read  |  Post a Comment
Why Identity Has Become A Top Concern For CSOs
Saryu Nayyar, CEO, GuruculCommentary
Seven of the world's top security leaders share their fears and challenges around the critical new role of identity in the fight against cyber adversaries.
By Saryu Nayyar CEO, Gurucul, 2/14/2017
Comment1 Comment  |  Read  |  Post a Comment
IBM Brings Watson Cognitive Computing To The SOC
Ericka Chickowski, Contributing Writer, Dark ReadingNews
Technology known for a Jeopardy stunt six years ago is now powering question answering within IBM Security's QRadar system.
By Ericka Chickowski Contributing Writer, Dark Reading, 2/13/2017
Comment1 Comment  |  Read  |  Post a Comment
How to Handle Threats When Short-Staffed
Dark Reading Staff, CommentaryVideo
Skyboxs Michelle Cobb, VP of Worldwide Marketing, explains how automation and advanced analytics can give security teams the data they need when their teams are stretched
By Dark Reading Staff , 2/3/2017
Comment0 comments  |  Read  |  Post a Comment
Over 4.2 Billion Records Exposed In 4,149 Breaches In 2016
Dark Reading Staff, Quick Hits
Survey says US and UK witnessed more than half of 2016 global breaches; 52% of attacks compromised Social Security Numbers.
By Dark Reading Staff , 1/31/2017
Comment0 comments  |  Read  |  Post a Comment
Why Youre Doing Cybersecurity Risk Measurement Wrong
Daniel Gordon, Cyber Intel Analyst, Lockheed Martin Computer Incident Response TeamCommentary
Measuring risk isnt as simple as some make it out to be, but there are best practices to help you embrace the complexity in a productive way. Here are five.
By Daniel Gordon Cyber Intel Analyst, Lockheed Martin Computer Incident Response Team, 1/30/2017
Comment0 comments  |  Read  |  Post a Comment
This Week On Dark Reading: Event Calendar
Dark Reading Staff, Commentary
Devote some time and headspace to improving your skills with these Dark Reading events.
By Dark Reading Staff , 1/25/2017
Comment0 comments  |  Read  |  Post a Comment
Machine Learning For Cybersecurity Not Cybercrime
Liviu Arsene, Senior E-threat Analyst, Bitdefender
Cybercriminals have yet to adopt machine learning for offensive attack strategies - and they probably wont for a long time.
By Liviu Arsene Senior E-threat Analyst, Bitdefender, 1/17/2017
Comment1 Comment  |  Read  |  Post a Comment
Crowdsourcing 20 Answers To Security Ops & IR Questions
Joshua Goldfarb, Co-founder & Chief Product Officer, IDDRACommentary
Those who know do not speak. Those who speak do not know. Why it pays to take a hard look at our own incident response functions and operations.
By Joshua Goldfarb Co-founder & Chief Product Officer, IDDRA, 1/12/2017
Comment2 comments  |  Read  |  Post a Comment
'Molecular' Cybersecurity Vs. Information Cybersecurity
David Zahn, General Manager of Cybersecurity at PASCommentary
When it comes to industrial processes, security begins at the molecular level.
By David Zahn General Manager of Cybersecurity at PAS, 1/10/2017
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
Posted by joye121
Current Conversations nice good work
In reply to: new york
Post Your Own Reply
Posted by joye121
Current Conversations good information :)
In reply to: thanks
Post Your Own Reply
Posted by Plumber
Current Conversations I need one myself!!!
In reply to: Plumber Hair Cuts">Re: Plumber Hair Cuts
Post Your Own Reply
More Conversations
PR Newswire
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
Security Operations and IT Operations: Finding the Path to Collaboration
A wide gulf has emerged between SOC and NOC teams that's keeping both of them from assuring the confidentiality, integrity, and availability of IT systems. Here's how experts think it should be bridged.
Flash Poll
New Best Practices for Secure App Development
New Best Practices for Secure App Development
The transition from DevOps to SecDevOps is combining with the move toward cloud computing to create new challenges - and new opportunities - for the information security team. Download this report, to learn about the new best practices for secure application development.
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.

Dark Reading Radio
Archived Dark Reading Radio
In past years, security researchers have discovered ways to hack cars, medical devices, automated teller machines, and many other targets. Dark Reading Executive Editor Kelly Jackson Higgins hosts researcher Samy Kamkar and Levi Gundert, vice president of threat intelligence at Recorded Future, to discuss some of 2016's most unusual and creative hacks by white hats, and what these new vulnerabilities might mean for the coming year.