News & Commentary

Latest Content tagged with Analytics
Page 1 / 2   >   >>
Improve Signal-to-Noise Ratio with 'Content Curation:' 5 Steps
Commentary  |  12/5/2017  | 
By intelligently managing signatures, correlation rules, filters and searches, you can see where your security architecture falls down, and how your tools can better defend the network.
'Blocking and Tackling' in the New Age of Security
News  |  12/1/2017  | 
In a pep talk to CISOs, the chief security strategist at PSCU advises teams to prioritize resilience in addition to security.
The Looming War of Good AI vs. Bad AI
Commentary  |  11/28/2017  | 
The rise of artificial intelligence, machine learning, hivenets, and next-generation morphic malware is leading to an arms race that enterprises must prepare for now.
McAfee Looks to Cloud with Skyhigh Acquisition
Quick Hits  |  11/27/2017  | 
McAfee agrees to buy CASB provider Skyhigh Networks, demonstrating a strong focus on cloud security.
IBM, Nonprofits Team Up in New Free DNS Service
News  |  11/17/2017  | 
Quad9 blocks malicious sites used in phishing, other nefarious activity.
121 Pieces of Malware Flagged on NSA Employee's Home Computer
News  |  11/16/2017  | 
Kaspersky Lab's internal investigation found a backdoor Trojan and other malware on the personal computer of the NSA employee who took home agency hacking tools.
Death of the Tier 1 SOC Analyst
News  |  11/16/2017  | 
Say goodbye to the entry-level security operations center (SOC) analyst as we know it.
Deception Technology: Prevention Reimagined
Commentary  |  11/15/2017  | 
How state-of-the-art tools make it practical and cost-effective to identify and engage attackers in early lateral movement stages to prevent them from reaching critical systems and data.
Siemens Teams Up with Tenable
News  |  11/8/2017  | 
ICS/SCADA vendor further extends its managed security services for critical infrastructure networks.
Windows 10 Update: 10 Key New Security Features
Slideshows  |  10/25/2017  | 
Microsoft is tightening its focus on Windows 10 security with several new security tools in its latest major OS update.
Advanced Analytics + Frictionless Security: What CISOS Need to Know
Commentary  |  10/25/2017  | 
Advances in analytics technologies promise to make identity management smarter and more transparent to users. But the process is neither straightforward nor easy.
Opera, Vivaldi Co-Founder Talks Internet Privacy
News  |  10/24/2017  | 
Most people don't understand the extent to which their personal information is at risk, says Jon von Tetzchner, who founded the Opera and Vivaldi browser firms.
Security Tops Use Cases for Endpoint Data
Quick Hits  |  10/11/2017  | 
Businesses increasingly use endpoint data for security investigations, eDiscovery, and device migration to Windows 10.
Microsoft Patches Windows Zero-Day Flaws Tied to DNSSEC
News  |  10/10/2017  | 
Security experts advise 'immediate' patching of critical DNS client vulnerabilities in Windows 8, 10, and other affected systems.
Unstructured Data: The Threat You Cannot See
Commentary  |  10/10/2017  | 
Why security teams needs to take a cognitive approach to the increasing volumes of data flowing from sources they don't control.
Artificial Intelligence: Experts Talk Ethical, Security Concerns
News  |  10/10/2017  | 
Global leaders weigh the benefits and dangers of a future in which AI plays a greater role in business and security strategy.
7 SIEM Situations That Can Sack Security Teams
Slideshows  |  9/27/2017  | 
SIEMs are considered an important tool for incident response, yet a large swath of users find seven major problems when working with SIEMs.
How Security Metrics Fail Us & How We Fail Them
How Security Metrics Fail Us & How We Fail Them
Dark Reading Videos  |  9/26/2017  | 
Joseph Carson of Thycotic discusses how infosec professionals buy security products they don't need and make other bad decisions, because of poor use of metrics.
FBI's Freese Shares Risk Management Tips
News  |  9/26/2017  | 
Deputy Assistant Director Donald Freese advises enterprises to lead with a business case and not fear addressing the C-suite on risk management.
PassGAN: Password Cracking Using Machine Learning
News  |  9/25/2017  | 
Researchers demo how deep neural networks can be trained to generate passwords better than the best password-cracking tools.
SMBs Paid $301 Million to Ransomware Attackers
Quick Hits  |  9/21/2017  | 
But small- to midsized businesses are taking a tougher stand against ransomware attacks, according to a survey released today of the 2016-2017 period.
Siemens' New ICS/SCADA Security Service a Sign of the Times
News  |  9/19/2017  | 
Major ICS/SCADA vendors are entering the managed security services business with cloud-based offerings for energy and other industrial sectors.
Security Orchestration & Automation: Parsing the Options
Commentary  |  9/15/2017  | 
Once you head down the path of orchestration, security teams will need to decide how much automation they are ready for. Here's how.
A New Model for 'Mathematically Provable Security'
A New Model for 'Mathematically Provable Security'
Dark Reading Videos  |  9/14/2017  | 
Winn Schwartau, CEO of The Security Awareness Company, says we all know the old model of security is broken and it's time for a new one.
Endpoint Security Overload
News  |  9/5/2017  | 
CISOs and their teams are over-investing in endpoint security tools, driving inefficiency and a need to consolidate data.
Security Analytics: Making the Leap from Data Lake to Meaningful Insight
Commentary  |  8/29/2017  | 
Once you've got a lake full of data, it's essential that your analysis isn't left stranded on the shore.
Curbing the Cybersecurity Workforce Shortage with AI
Commentary  |  8/18/2017  | 
By using cognitive technologies, an organization can address the talent shortage by getting more productivity from current employees and improving processes.
What CISOs Need to Know about the Psychology behind Security Analysis
Commentary  |  8/14/2017  | 
Bandwidth, boredom and cognitive bias are three weak spots that prevent analysts from identifying threats. Here's how to compensate.
Using AI to Break Detection Models
News  |  7/25/2017  | 
Pitting machine learning bots against one another is the new spy vs. spy battle in cybersecurity today.
How Bad Data Alters Machine Learning Results
News  |  6/13/2017  | 
Machine learning models tested on single sources of data can prove inaccurate when presented with new sources of information.
How to Succeed at Incident Response Metrics
Commentary  |  6/2/2017  | 
Establishing a baseline of what information you need is an essential first step.
How to Integrate Threat Intel & DevOps
Commentary  |  5/4/2017  | 
Automating intelligence can help your organization in myriad ways.
Call Center Fraud Spiked 113% in 2016
News  |  4/26/2017  | 
Criminals are increasingly spoofing caller ID using VoIP apps including Skype or Google Voice to hide their identity and location, according to a report released today by Pindrop Labs.
Machine Learning in Security: 4 Factors to Consider
News  |  4/21/2017  | 
Key factors to consider before adding machine learning to your security strategy.
10 Questions To Get Practical Answers At Interop ITX
Commentary  |  4/14/2017  | 
May 15-19 in Las Vegas: How to get solutions and advice from top speakers for the things that you really want to know.
Teaching Hospitals at Greater Data Breach Risk
Quick Hits  |  4/6/2017  | 
John Hopkins researcher studies data breaches at hospitals between 2009 and 2016.
Data Visualization: Keeping an Eye on Security
Commentary  |  3/27/2017  | 
Visualization can be one of the most powerful approaches a security team can use to make sense of vast quantities of data. So why does it end up as an afterthought?
Fortune 1000 Companies See Security Ratings Drop
News  |  3/8/2017  | 
Fortune 1000 businesses report more breaches, and lower security performance, than their non-F1000 counterparts.
Trust, Cloud & the Quest for a Glass Wall around Security
Commentary  |  3/8/2017  | 
In the next year, were going to see a leap towards strategic, business-level objectives that can be resolved by simplifying infrastructure and granting greater visibility in real time.
Today on Dark Reading: Your Costs, Risks & Metrics Questions Answered
Commentary  |  2/27/2017  | 
First up on the Dark Reading upcoming events calendar is our Dark Reading Virtual Event Tuesday, Feb. 28.
20 Cybersecurity Startups To Watch In 2017
Slideshows  |  2/24/2017  | 
VC money flowed plentifully into the security market last year, fueling a new crop of innovative companies.
Why Identity Has Become A Top Concern For CSOs
Commentary  |  2/14/2017  | 
Seven of the world's top security leaders share their fears and challenges around the critical new role of identity in the fight against cyber adversaries.
IBM Brings Watson Cognitive Computing To The SOC
News  |  2/13/2017  | 
Technology known for a Jeopardy stunt six years ago is now powering question answering within IBM Security's QRadar system.
How to Handle Threats When Short-Staffed
How to Handle Threats When Short-Staffed
Dark Reading Videos  |  2/3/2017  | 
Skyboxs Michelle Cobb, VP of Worldwide Marketing, explains how automation and advanced analytics can give security teams the data they need when their teams are stretched
Over 4.2 Billion Records Exposed In 4,149 Breaches In 2016
Quick Hits  |  1/31/2017  | 
Survey says US and UK witnessed more than half of 2016 global breaches; 52% of attacks compromised Social Security Numbers.
Why Youre Doing Cybersecurity Risk Measurement Wrong
Commentary  |  1/30/2017  | 
Measuring risk isnt as simple as some make it out to be, but there are best practices to help you embrace the complexity in a productive way. Here are five.
This Week On Dark Reading: Event Calendar
Commentary  |  1/25/2017  | 
Devote some time and headspace to improving your skills with these Dark Reading events.
Machine Learning For Cybersecurity Not Cybercrime
Partner Perspectives  |  1/17/2017  | 
Cybercriminals have yet to adopt machine learning for offensive attack strategies - and they probably wont for a long time.
Crowdsourcing 20 Answers To Security Ops & IR Questions
Commentary  |  1/12/2017  | 
Those who know do not speak. Those who speak do not know. Why it pays to take a hard look at our own incident response functions and operations.
'Molecular' Cybersecurity Vs. Information Cybersecurity
Commentary  |  1/10/2017  | 
When it comes to industrial processes, security begins at the molecular level.
Page 1 / 2   >   >>


Why Cybersecurity Must Be an International Effort
Kelly Sheridan, Associate Editor, Dark Reading,  12/6/2017
NIST Releases New Cybersecurity Framework Draft
Jai Vijayan, Freelance writer,  12/6/2017
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
Managing Cyber-Risk
An online breach could have a huge impact on your organization. Here are some strategies for measuring and managing that risk.
Flash Poll
[Strategic Security Report] Cloud Security's Changing Landscape
[Strategic Security Report] Cloud Security's Changing Landscape
Cloud services are increasingly becoming the platform for mission-critical apps and data. Heres how enterprises are adapting their security strategies!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.