News & Commentary
Latest Content tagged with Operations
Page 1 / 2   >   >>
Virginia Consultant Charged with Espionage
Quick Hits  |  6/23/2017  | 
Federal authorities charged a consultant with espionage for transmitting top secret and secret documents to China.
Most General Counsels Fret over Data Security
Quick Hits  |  6/22/2017  | 
An overwhelming percentage of in-house attorneys say cyberattacks and the impact on their business keeps them up at night, a recent survey shows.
KPMG: Cybersecurity Has Reached a Tipping Point from Tech to CEO Business Issue
Commentary  |  6/22/2017  | 
Still, a majority of US-based chief execs say they will be maintaining and not investing in security technology over the next three years, a recent study shows.
WannaCry? Youre Not Alone: The 5 Stages of Security Grief
Commentary  |  6/22/2017  | 
As breach after breach hits the news, security professionals cope with the classic experiences of denial, anger, bargaining, depression, and acceptance.
The Folly of Vulnerability & Patch Management for ICS Networks
Commentary  |  6/21/2017  | 
Yes, such efforts matter. But depending on them can give a false sense of security.
Dark Reading Launches New Conference on Cyber Defense
Commentary  |  6/21/2017  | 
November event will focus on attendee interaction, "blue team" best practices
Trusted IDs Gain Acceptance in Smart Building Environment
Quick Hits  |  6/20/2017  | 
A majority of survey respondents believe identities can be connected across multiple systems and devices through a single ID card or mobile phone.
Microsoft, Accenture Team up on Blockchain for Digital ID Network
Quick Hits  |  6/19/2017  | 
Microsoft and Accenture use blockchain tech to build a digital ID network, which will help give legal identification to 1.1 billion people without official documents.
Climbing the Security Maturity Ladder in Cloud
Commentary  |  6/15/2017  | 
These five steps will insure that you achieve the broadest coverage for onboarding your most sensitive workloads.
Trumps Executive Order: What It Means for US Cybersecurity
Commentary  |  6/15/2017  | 
The provisions are all well and good, but its hardly the first time theyve been ordered by the White House.
By the Numbers: Parsing the Cybersecurity Challenge
Commentary  |  6/14/2017  | 
Why your CEO should rethink company security priorities in the drive for digital business growth.
Survey: 58% of Security and Development Teams Play Nice
Quick Hits  |  6/14/2017  | 
Despite frequent talk of tension between software development and security teams, it turns out more than half of organizations surveyed have these two groups collaborating.
Deep Learning's Growing Impact on Security
Commentary  |  6/13/2017  | 
Neural networks are now practical for real-world applications, cutting back on work needed from analysts.
First Malware Designed Solely for Electric Grids Caused 2016 Ukraine Outage
News  |  6/12/2017  | 
Attackers used CrashOverride/Industroyer to cause a partial power outage in Kiev, Ukraine, but it can be used anywhere, say researchers at Dragos and ESET.
Security Orchestration Fine-Tunes the Incident Response Process
News  |  6/8/2017  | 
Emerging orchestration technology can cut labor-intensive tasks for security analysts.
From Reporter to Private Investigator to Security Engineer
Commentary  |  6/8/2017  | 
How I fell in love with coding and traded in a camera-rigged Prius for a MacBook and a GitHub account.
Why Compromised Identities Are ITs Fault
Commentary  |  6/7/2017  | 
The eternal battle between IT and security is the source of the problem.
Cybersecurity Stands as Big Sticking Point in Software M&A
News  |  6/7/2017  | 
The breach that was the fly in the ointment of the Yahoo-Verizon deal is one of many now surfacing as security of acquired firms starts to become a point of negotiation.
Why Phishing Season Lasts All Year for Top US Retailers
Commentary  |  6/6/2017  | 
No major brand is immune from cyber squatters; the more popular the company, the more look-alike domains phishers register as bait. Here are some techniques to watch out for.
Advice for Windows Migrations: Automate as Much as Possible
Commentary  |  6/6/2017  | 
The security lessons Riverside Health System learned when moving to Windows 7 will help it quickly move to Windows 10.
Securely Managing Employee Turnover: 3 Tips
Commentary  |  6/5/2017  | 
Don't let the process spiral into organizational chaos. Here are steps you can take to keep your company safe.
Hollywood Film Studio Seeks Up-And-Coming Hackers for Reality TV Show
Quick Hits  |  6/2/2017  | 
New program on major cable network will feature competitions, personalities.
Security & Development: Better Together
Commentary  |  6/1/2017  | 
How DevSecOps removes the silos between security and application development teams so that everyone can work together at the same speed.
SMB Security: Dont Leave the Smaller Companies Behind
Commentary  |  6/1/2017  | 
Helping improve the security posture of small and medium-sized businesses should be a priority for security organizations of all sizes.
Cybersecurity Insurance Lacking at 50% of US Companies
Quick Hits  |  5/31/2017  | 
While half of US security professionals say their companies passed on cybersecurity insurance, the figure is far higher in healthcare, according to a survey released today.
The Case for Disclosing Insider Breaches
Commentary  |  5/31/2017  | 
Too often organizations try to sweep intentional, accidental or negligent employee theft of data under the rug. Heres why they shouldnt.
Securing the Human a Full-Time Commitment
News  |  5/30/2017  | 
Encouraging the people in your organization to make safer cyber decisions requires dedicated brainpower to pull off, SANS study shows.
In the Cloud, Evolving Infrastructure Means Evolving Alliances
Commentary  |  5/25/2017  | 
New opportunities make for unusual bedfellows. Here's how to navigate the shift in organizational dynamics between security operations, line-of-business managers, and developers.
You Have One Year to Make GDPR Your Biggest Security Victory Ever
News  |  5/25/2017  | 
The EU's new razor-toothed data privacy law could either rip you apart or help you create the best security program you've ever had. Here's how.
Medical Devices Fall Short in Security Best Practices
News  |  5/25/2017  | 
More than half of medical device makers and healthcare delivery organizations anticipate an attack on their medical devices within the next 12 months, but only a smattering take significant steps to prevent it, according to a survey released today.
Unsanctioned Computer Support Costs Companies $88K per Year
Quick Hits  |  5/24/2017  | 
A new survey of security professionals says that 83% of respondents help colleagues in other departments fix their privately-owned computers on company time.
Data Security & Privacy: The Risks of Not Playing by the Rules
Commentary  |  5/24/2017  | 
Achieving compliance is a complex and challenging process. But with the right systems and policies, you can stay ahead of the next data breach and the regulators.
In Search of an Rx for Enterprise Security Fatigue
Commentary  |  5/22/2017  | 
Are you exhausted by the vast number of measures your organization needs to keep its systems and data safe? You're not alone.
Deconstructing the 2016 Yahoo Security Breach
Commentary  |  5/19/2017  | 
One good thing about disasters is that we can learn from them and avoid repeating the same mistakes. Here are five lessons that the Yahoo breach should have taught us.
Majority of CEOs Knowingly Raise Risk Level With Their Shadow IT
News  |  5/16/2017  | 
Despite the increased risk shadow IT poses to security, a majority of CEOs surveyed say they are willing to take the risk, according to a survey released today.
Your Grandma Could Be the Next Ransomware Millionaire
Commentary  |  5/15/2017  | 
Today's as-a-service technology has democratized ransomware, offering practically anyone with a computer and an Internet connection an easy way to get in on the game.
Jaff Ransomware Family Emerges In Force
Quick Hits  |  5/12/2017  | 
A new ransomware family is making the rounds in multiple high-volume spam campaigns over the past day, according to Cisco Talos.
5 Steps to Maximize the Value of your Security Investments
Commentary  |  5/12/2017  | 
How a security rationalization process can help CISOs make the most out of their information security infrastructure, and also improve the company bottom line.
Artificial Intelligence: Cybersecurity Friend or Foe?
Commentary  |  5/11/2017  | 
The next generation of situation-aware malware will use AI to behave like a human attacker: performing reconnaissance, identifying targets, choosing methods of attack, and intelligently evading detection.
FTC Launches Cybersecurity Resource Website for SMBs
Quick Hits  |  5/10/2017  | 
Federal Trade Commission website offers free tips and information for small businesses.
Extreme Makeover: AI & Network Cybersecurity
Commentary  |  5/10/2017  | 
In the future, artificial intelligence will constantly adapt to the growing attack surface. Today, we are still connecting the dots.
Shining a Light on Securitys Grey Areas: Process, People, Technology
Commentary  |  5/9/2017  | 
The changing distributed and mobile business landscape brings with it new security and privacy risks. Heres how to meet the challenge.
Backdoors: When Good Intentions Go Bad
Commentary  |  5/5/2017  | 
Requiring encrypted applications to provide backdoors for law enforcement will weaken security for everyone.
Why OAuth Phishing Poses A New Threat to Users
Commentary  |  5/4/2017  | 
Credential phishing lets attackers gain back-end access to email accounts, and yesterday's Google Docs scam raises the risk to a new level.
Google Docs Phishing Attack Abuses Legitimate Third-Party Sharing
Quick Hits  |  5/3/2017  | 
Phishing messages appear nearly identical to legitimate requests to share Google documents, because in many ways, they are.
Seeing Security from the Other Side of the Window
Commentary  |  5/3/2017  | 
From the vantage of our business colleagues, security professionals are a cranky bunch who always need more money, but cant explain why.
Small Budgets Cripple Cybersecurity Efforts of Local Governments
Quick Hits  |  5/3/2017  | 
A survey of local government chief information officers finds that insufficient funding for cybersecurity is the biggest obstacle in achieving high levels of cyber safety.
DDoS Attacks Surge, Organizations Struggle to Respond
News  |  5/2/2017  | 
Organizations often discover a DDoS attack only after being alerted to the fact by a third-party or customer, Neustar survey shows.
Cybersecurity Training Nonexistent at One-Third of SMBs
News  |  5/1/2017  | 
But nearly half of US SMBs in a new survey would be willing to participate in security awareness training at their workplace - even if it was optional.
10 Cybercrime Myths that Could Cost You Millions
Commentary  |  4/29/2017  | 
Dont let a cybersecurity fantasy stop you from building the effective countermeasures you need to protect your organization from attack.
Page 1 / 2   >   >>


Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
Security Operations and IT Operations: Finding the Path to Collaboration
A wide gulf has emerged between SOC and NOC teams that's keeping both of them from assuring the confidentiality, integrity, and availability of IT systems. Here's how experts think it should be bridged.
Flash Poll
The Dark Reading Security Spending Survey
The Dark Reading Security Spending Survey
Enterprises are spending an unprecedented amount of money on IT security where does it all go? In this survey, Dark Reading polled senior IT management on security budgets and spending plans, and their priorities for the coming year. Download the report and find out what they had to say.
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.

Dark Reading Radio
Archived Dark Reading Radio
In past years, security researchers have discovered ways to hack cars, medical devices, automated teller machines, and many other targets. Dark Reading Executive Editor Kelly Jackson Higgins hosts researcher Samy Kamkar and Levi Gundert, vice president of threat intelligence at Recorded Future, to discuss some of 2016's most unusual and creative hacks by white hats, and what these new vulnerabilities might mean for the coming year.