News & Commentary

Latest Content tagged with Analytics
Page 1 / 2   >   >>
New Europol Protocol Addresses Cross-Border Cyberattacks
Quick Hits  |  3/18/2019  | 
The protocol is intended to support EU law enforcement in providing rapid assessment and response for cyberattacks across borders.
Dragos Buys ICS Firm with US Dept. of Energy Roots
Quick Hits  |  3/18/2019  | 
NexDefense ICS security tool will be offered for free by Dragos.
4 Reasons to Take an 'Inside Out' View of Security
Commentary  |  3/14/2019  | 
When you approach security from the inside out, you're protecting your data by determining the most vital applications and using a risk-based strategy, which focuses on the most valuable and vulnerable assets.
Cybercriminals Think Small to Earn Big
Quick Hits  |  3/12/2019  | 
As the number of breaches increased 424% in 2018, the average breach size shrunk 4.7 times as attackers aimed for smaller, more vulnerable targets.
How China & Russia Use Social Media to Sway the West
News  |  3/7/2019  | 
Researchers break down the differences in how China and Russia use social media to manipulate American audiences.
Care and Feeding of Your SIEM
Commentary  |  3/5/2019  | 
Six simple steps to mitigate the grunt work and keep your organization safe.
Incident Response: Having a Plan Isn't Enough
News  |  3/5/2019  | 
Data shows organizations neglect to review and update breach response plans as employees and processes change, putting data at risk.
Chronicle Releases Chapter One: Backstory
News  |  3/4/2019  | 
Google spin-off Alphabet rolls out a new cloud-based security data platform that ultimately could displace some security tools in organizations.
Fixing Fragmentation Can Yield Tangible Benefits
News  |  3/4/2019  | 
Consolidating technology and breaking down functional silos can bring solid financial results, a new study finds.
Here's What Happened When a SOC Embraced Automation
Commentary  |  3/4/2019  | 
Despite initial apprehension, security engineers and analysts immediately began to notice a variety of benefits.
Microsoft Debuts Azure Sentinel SIEM, Threat Experts Service
News  |  2/28/2019  | 
New services, which are both available in preview, arrive at a time when two major trends are converging on security.
Bots Plague Ticketing Industry
News  |  2/28/2019  | 
Bots now account for 39.9% of all ticketing traffic, mostly originating in North America.
Intel Focuses on Data Center, Firmware Security Ahead of RSAC
News  |  2/27/2019  | 
The new Intel SGX Card is intended to extend application memory security using Intel SGX in existing data center infrastructure.
Security Firm to Offer Free Hacking Toolkit
News  |  2/27/2019  | 
CQTools suite includes both exploit kits and information-extraction functions, its developers say.
Your Employees Want to Learn. How Should You Teach Them?
Slideshows  |  2/26/2019  | 
Security practitioners are most likely to stay at organizations that offer career development. Here are eight tips to consider as you plan your course of action.
Human Negligence to Blame for the Majority of Insider Threats
News  |  2/21/2019  | 
In 98% of the assessments conducted for its research, Dtex found employees exposed proprietary company information on the Web a 20% jump from 2018.
Security Analysts Are Only Human
Commentary  |  2/21/2019  | 
SOC security analysts shoulder the largest cybersecurity burden. Automation is the way to circumvent the unavoidable human factor. Third in a six-part series.
'Formjacking' Compromises 4,800 Sites Per Month. Could Yours Be One?
News  |  2/20/2019  | 
Cybercriminals see formjacking as a simple opportunity to take advantage of online retailers and all they need is a small piece of JavaScript.
Google Research: No Simple Fix For Spectre-Class Vulnerabilities
News  |  2/19/2019  | 
Chip makers focus on performance has left microprocessors open to numerous side-channel attacks that cannot be fixed by software updates - only by hard choices.
Palo Alto Networks to Buy Demisto for $560M
Quick Hits  |  2/19/2019  | 
This marks Palo Alto Networks' latest acquisition and its first of 2019.
Security Spills: 9 Problems Causing the Most Stress
Slideshows  |  2/14/2019  | 
Security practitioners reveal what's causing them the most frustration in their roles.
2018 Was Second-Most Active Year for Data Breaches
News  |  2/13/2019  | 
Hacking by external actors caused most breaches, but Web intrusions and exposures compromised more records, according to Risk Based Security.
Symantec Acquires Luminate to Build on Cloud Security
Quick Hits  |  2/12/2019  | 
Luminate Security, which specializes in software-defined perimeter technology, will extend Symantec's integrated defense platform.
How Hackers Could Hit Super Bowl LIII
News  |  2/1/2019  | 
Security threats and concerns abound for the year's biggest football game. What officials and fans can do about it.
Dell, CrowdStrike, Secureworks Join Forces to Secure Endpoints
News  |  1/31/2019  | 
Dell SafeGuard and Response is geared toward businesses, governments, and schools that may lack resources they need to detect and remediate sophisticated threats.
The Evolution of SIEM
Commentary  |  1/23/2019  | 
Expectations for these security information and event management systems have grown over the years, in ways that just aren't realistic.
7 Business Metrics Security Pros Need to Know
Slideshows  |  12/21/2018  | 
These days, security has to speak the language of business. These KPIs will get you started.
How Well Is Your Organization Investing Its Cybersecurity Dollars?
Commentary  |  12/11/2018  | 
The principles, methods, and tools for performing good risk measurement already exist and are being used successfully by organizations today. They take some effort -- and are totally worth it.
Cyber Crooks Diversify Business with Multi-Intent Malware
Commentary  |  11/15/2018  | 
The makers of malware have realized that if they're going to invest time and money in compromising cyber defenses, they should do everything they can to monetize their achievement.
7 Cool New Security Tools to be Revealed at Black Hat Europe
Slideshows  |  11/12/2018  | 
Black Hat Europe's Arsenal lineup will include demoes of new security tools, from AI malware research to container orchestration.
Finding Gold in the Threat Intelligence Rush
News  |  11/7/2018  | 
Researchers sift through millions of threat intel observations to determine where to best find valuable threat data.
20 Cybersecurity Firms to Watch
Slideshows  |  11/7/2018  | 
A look at some of the more interesting investments, acquisitions, and strategic moves in the security sector over the past year.
Energy Sector's IT Networks in the Bulls-Eye
News  |  11/5/2018  | 
Attackers are actively infiltrating energy organizations and utilities for reconnaissance purposes.
Thoma Bravo Buys Veracode
News  |  11/5/2018  | 
Broadcom will sell Veracode, acquired last year by CA, for $950M to Thoma Bravo as it broadens its security portfolio.
7 Non-Computer Hacks That Should Never Happen
Slideshows  |  11/5/2018  | 
From paper to IoT, security researchers offer tips for protecting common attack surfaces that you're probably overlooking.
Symantec Acquires Appthority And Javelin Networks
Quick Hits  |  11/5/2018  | 
Both buys bolster the cybersecurity company's endpoint security business.
Apple Patches Multiple Major Security Flaws
News  |  10/31/2018  | 
New security updates cross all Apple platforms.
Qualys Snaps Up Container Firm
Quick Hits  |  10/31/2018  | 
Plans to use Layered Insight's technology to add runtime capabilities and automated enforcement to its container security tool.
9 Traits of A Strong Infosec Resume
Slideshows  |  10/31/2018  | 
Security experts share insights on which skills and experiences are most helpful to job hunters looking for their next gig.
Windows Defender: First Full Antivirus Tool to Run in a Sandbox
News  |  10/29/2018  | 
Sandboxed version now available to Windows Insiders and anyone else who force-enables it in Windows 10 version 1703 and above.
The Three Dimensions of the Threat Intelligence Scale Problem
Commentary  |  10/17/2018  | 
To succeed, organizations must be empowered to reduce their attack surface and staff overload so they can get more out of their existing firewall and threat intelligence investments.
Security Researchers Struggle with Bot Management Programs
Commentary  |  10/10/2018  | 
Bots are a known problem, but researchers will tell you that bot defenses create problems of their own when it comes to valuable data.
Teach Your AI Well: A Potential New Bottleneck for Cybersecurity
News  |  10/8/2018  | 
Artificial intelligence (AI) holds the promise of easing the skills shortage in cybersecurity, but implementing AI may result in a talent gap of its own for the industry.
Alphabet's Chronicle Releases VirusTotal Enterprise
News  |  9/27/2018  | 
Chronicle, the cybersecurity business under Alphabet, releases a major update to VirusTotal geared toward corporate threat hunters.
Managing Data the Way We Manage Money
Commentary  |  9/27/2018  | 
In the data-driven enterprise, myriad types of data have become a new form and flow of currency. Why, then, hasn't the CISO achieved parity with the CFO?
Turn the NIST Cybersecurity Framework into Reality: 5 Steps
Commentary  |  9/20/2018  | 
Actionable advice for tailoring the National Institute of Standards and Technology's security road map to your company's business needs.
As Tech Drives the Business, So Do CISOs
News  |  9/19/2018  | 
Security leaders are evolving from technicians to business executives as tech drives enterprise projects, applications, and goals.
8 Keys to a Successful Penetration Test
Slideshows  |  9/19/2018  | 
Pen tests are expensive, but there are key factors that can make them worth the investment.
The Security Costs of Cloud-Native Applications
News  |  9/18/2018  | 
More than 60% of organizations report the bulk of new applications are built in the cloud. What does this mean for security?
EternalBlue Infections Persist
Quick Hits  |  9/14/2018  | 
Indonesia, Taiwan, Vietnam, Thailand, Egypt, Russia, China, among the top 10 nations with the most machines infected with the exploit.
Page 1 / 2   >   >>


It Takes an Average of 3 to 6 Months to Fill a Cybersecurity Job
Kelly Jackson Higgins, Executive Editor at Dark Reading,  3/12/2019
Cybercriminals Think Small to Earn Big
Dark Reading Staff 3/12/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: LOL  Hope this one wins
Current Issue
5 Emerging Cyber Threats to Watch for in 2019
Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.
Flash Poll
The State of Cyber Security Incident Response
The State of Cyber Security Incident Response
Organizations are responding to new threats with new processes for detecting and mitigating them. Here's a look at how the discipline of incident response is evolving.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-6149
PUBLISHED: 2019-03-18
An unquoted search path vulnerability was identified in Lenovo Dynamic Power Reduction Utility prior to version 2.2.2.0 that could allow a malicious user with local access to execute code with administrative privileges.
CVE-2018-15509
PUBLISHED: 2019-03-18
Five9 Agent Desktop Plus 10.0.70 has Incorrect Access Control (issue 2 of 2).
CVE-2018-20806
PUBLISHED: 2019-03-17
Phamm (aka PHP LDAP Virtual Hosting Manager) 0.6.8 allows XSS via the login page (the /public/main.php action parameter).
CVE-2019-5616
PUBLISHED: 2019-03-15
CircuitWerkes Sicon-8, a hardware device used for managing electrical devices, ships with a web-based front-end controller and implements an authentication mechanism in JavaScript that is run in the context of a user's web browser.
CVE-2018-17882
PUBLISHED: 2019-03-15
An Integer overflow vulnerability exists in the batchTransfer function of a smart contract implementation for CryptoBotsBattle (CBTB), an Ethereum token. This vulnerability could be used by an attacker to create an arbitrary amount of tokens for any user.