News & Commentary

Latest Content tagged with Analytics
Page 1 / 2   >   >>
Cyber Crooks Diversify Business with Multi-Intent Malware
Commentary  |  11/15/2018  | 
The makers of malware have realized that if they're going to invest time and money in compromising cyber defenses, they should do everything they can to monetize their achievement.
7 Cool New Security Tools to be Revealed at Black Hat Europe
Slideshows  |  11/12/2018  | 
Black Hat Europe's Arsenal lineup will include demoes of new security tools, from AI malware research to container orchestration.
Finding Gold in the Threat Intelligence Rush
News  |  11/7/2018  | 
Researchers sift through millions of threat intel observations to determine where to best find valuable threat data.
20 Cybersecurity Firms to Watch
Slideshows  |  11/7/2018  | 
A look at some of the more interesting investments, acquisitions, and strategic moves in the security sector over the past year.
Energy Sector's IT Networks in the Bulls-Eye
News  |  11/5/2018  | 
Attackers are actively infiltrating energy organizations and utilities for reconnaissance purposes.
Thoma Bravo Buys Veracode
News  |  11/5/2018  | 
Broadcom will sell Veracode, acquired last year by CA, for $950M to Thoma Bravo as it broadens its security portfolio.
7 Non-Computer Hacks That Should Never Happen
Slideshows  |  11/5/2018  | 
From paper to IoT, security researchers offer tips for protecting common attack surfaces that you're probably overlooking.
Symantec Acquires Appthority And Javelin Networks
Quick Hits  |  11/5/2018  | 
Both buys bolster the cybersecurity company's endpoint security business.
Apple Patches Multiple Major Security Flaws
News  |  10/31/2018  | 
New security updates cross all Apple platforms.
Qualys Snaps Up Container Firm
Quick Hits  |  10/31/2018  | 
Plans to use Layered Insight's technology to add runtime capabilities and automated enforcement to its container security tool.
9 Traits of A Strong Infosec Resume
Slideshows  |  10/31/2018  | 
Security experts share insights on which skills and experiences are most helpful to job hunters looking for their next gig.
Windows Defender: First Full Antivirus Tool to Run in a Sandbox
News  |  10/29/2018  | 
Sandboxed version now available to Windows Insiders and anyone else who force-enables it in Windows 10 version 1703 and above.
The Three Dimensions of the Threat Intelligence Scale Problem
Commentary  |  10/17/2018  | 
To succeed, organizations must be empowered to reduce their attack surface and staff overload so they can get more out of their existing firewall and threat intelligence investments.
Security Researchers Struggle with Bot Management Programs
Commentary  |  10/10/2018  | 
Bots are a known problem, but researchers will tell you that bot defenses create problems of their own when it comes to valuable data.
Teach Your AI Well: A Potential New Bottleneck for Cybersecurity
News  |  10/8/2018  | 
Artificial intelligence (AI) holds the promise of easing the skills shortage in cybersecurity, but implementing AI may result in a talent gap of its own for the industry.
Alphabet's Chronicle Releases VirusTotal Enterprise
News  |  9/27/2018  | 
Chronicle, the cybersecurity business under Alphabet, releases a major update to VirusTotal geared toward corporate threat hunters.
Managing Data the Way We Manage Money
Commentary  |  9/27/2018  | 
In the data-driven enterprise, myriad types of data have become a new form and flow of currency. Why, then, hasn't the CISO achieved parity with the CFO?
Turn the NIST Cybersecurity Framework into Reality: 5 Steps
Commentary  |  9/20/2018  | 
Actionable advice for tailoring the National Institute of Standards and Technology's security road map to your company's business needs.
As Tech Drives the Business, So Do CISOs
News  |  9/19/2018  | 
Security leaders are evolving from technicians to business executives as tech drives enterprise projects, applications, and goals.
8 Keys to a Successful Penetration Test
Slideshows  |  9/19/2018  | 
Pen tests are expensive, but there are key factors that can make them worth the investment.
The Security Costs of Cloud-Native Applications
News  |  9/18/2018  | 
More than 60% of organizations report the bulk of new applications are built in the cloud. What does this mean for security?
EternalBlue Infections Persist
Quick Hits  |  9/14/2018  | 
Indonesia, Taiwan, Vietnam, Thailand, Egypt, Russia, China, among the top 10 nations with the most machines infected with the exploit.
Military, Government Users Just as Bad About Password Hygiene as Civilians
News  |  9/14/2018  | 
New report comes out just as group of US senators chastise Secretary of State Mike Pompeo for not using multifactor authentication.
The Economics of AI-Enabled Security
The Economics of AI-Enabled Security
Dark Reading Videos  |  8/17/2018  | 
While AI greatly enhances security, Securonix CTO Tanuj Gulati points out the need for predictable cost models that insulate SOCs from the variables of massive data volume and intense real-time processing.
Filtering the Threat Intelligence Tsunami
Filtering the Threat Intelligence Tsunami
Dark Reading Videos  |  8/17/2018  | 
Reversing Labs CEO Mario Vuksan contends that SOCs are overwhelmed by global threat intelligence, and can benefit more from a targeted "pull" model that focuses on YARA-type binary pattern matching.
Xori Adds Speed, Breadth to Disassembler Lineup
News  |  8/9/2018  | 
A new open source tool, introduced at Black Hat USA, places a priority on speed and automation.
How AI Could Become the Firewall of 2003
Commentary  |  8/1/2018  | 
An over-reliance on artificial intelligence and machine learning for the wrong uses will create unnecessary risks.
5 Ways Small Security Teams Can Defend Like Fortune 500 Companies
Commentary  |  7/26/2018  | 
Keep your company protected with a mix of old- and new-school technologies.
Why Security Startups Fly And Why They Crash
News  |  7/20/2018  | 
What makes startups stand out in a market flooded with thousands of vendors? Funding experts and former founders share their thoughts.
SOCs Use Automation to Compensate for Training, Technology Issues
News  |  7/13/2018  | 
Executives and front-line SOC teams see human and technology issues in much different ways, according to two new reports.
Why Sharing Intelligence Makes Everyone Safer
Commentary  |  6/29/2018  | 
Security teams must expand strategies to go beyond simply identifying details tied to a specific threat to include context and information about attack methodologies.
Improving the Adoption of Security Automation
Commentary  |  6/20/2018  | 
Four barriers to automation and how to overcome them.
The Best and Worst Tasks for Security Automation
Slideshows  |  6/20/2018  | 
As with all new tech, there are good times and and bad times to use it. Security experts share which tasks to prioritize for automation.
Security Analytics Startup Uptycs Raises $10M in Series A
Quick Hits  |  6/19/2018  | 
This round of funding for Uptycs, which runs an osquery-powered analytics platform, was led by ForgePoint Capital and Comcast Ventures.
Security Ratings Answer Big Questions in Cyber Insurance
News  |  6/11/2018  | 
More insurers are teaming up with security ratings firms to learn more about their clients, define policies, and determine coverage.
SAP CSO: Security Requires Context
News  |  6/11/2018  | 
Security depends on the apps and networks it protects. SAP CSO Justin Somaini discusses three scenarios.
Bug Bounty Payouts Up 73% Per Vulnerability: Bugcrowd
News  |  6/7/2018  | 
Bug bounty programs grew along with payouts, which averaged $781 per vulnerability this year, researchers report.
Operation Prowli Hits 40K with Traffic Monetization, Cryptomining
News  |  6/6/2018  | 
The campaign targets services including Drupal CMS sites, DSL modems, vulnerable IoT devices, and servers with an open SSH port.
Dark Web Marketplaces Dissolve Post-AlphaBay, Hansa Takedown
News  |  6/5/2018  | 
Cybercrime marketplaces reshape into smaller forums and individual chats as threat actors find new ways to evade law enforcement.
Panorays Debuts With $5 Million Investment
Quick Hits  |  6/5/2018  | 
Panorays, a company focusing on third-party security issues for the enterprise, has exited stealth mode.
I, for One, Welcome Our Robotic Security Overlords
Commentary  |  6/5/2018  | 
Automation will come in more subtle ways than C-3PO and it's transforming cybersecurity.
Web Application Firewalls Adjust to Secure the Cloud
News  |  6/4/2018  | 
Cloud-based WAFs protect applications without the costs and complexity of on-prem hardware. Here's what to keep in mind as you browse the growing market.
Building a Safe, Efficient, Cost-Effective Security Infrastructure
Commentary  |  6/4/2018  | 
The Industrial Internet of Things allows organizations to address both physical and digital security concerns.
Google Groups Misconfiguration Exposes Corporate Data
News  |  6/1/2018  | 
Researchers say as many as 10,000 businesses are affected by a widespread misconfiguration in Google Groups settings.
Open Bug Bounty Offers Free Program For Websites
News  |  6/1/2018  | 
Non-profit says it will triage and verify certain kinds of Web vulnerability submissions at no cost for those who sign up.
Report: Cross-Site Scripting Still Number One Web Attack
Quick Hits  |  6/1/2018  | 
SQL injection is the second most common technique, with IT and finance companies the major targets.
New Federal Report Gives Guidance on Beating Botnets
News  |  5/31/2018  | 
A report from the Departments of Commerce and Homeland Security provides five goals for protecting infrastructure from botnets and other automated threats.
Building Blocks for a Threat Hunting Program
News  |  5/31/2018  | 
Guidance for businesses building threat intelligence strategies while overwhelmed by threats, lack of talent, and a healthy dose of skepticism about the market.
Thoma Bravo Acquires Majority Stake in LogRhythm
Quick Hits  |  5/31/2018  | 
The SIEM vendor sells stake to private equity firm.
Judge Tosses Kaspersky Lab Suits Against US Government Ban
Quick Hits  |  5/31/2018  | 
A US judge dismisses two lawsuits filed by Kaspersky Lab, which argued the US government ban on its products was unconstitutional and caused undue harm.
Page 1 / 2   >   >>


Understanding Evil Twin AP Attacks and How to Prevent Them
Ryan Orsi, Director of Product Management for Wi-Fi at WatchGuard Technologies,  11/14/2018
Veterans Find New Roles in Enterprise Cybersecurity
Kelly Sheridan, Staff Editor, Dark Reading,  11/12/2018
To Click or Not to Click: The Answer Is Easy
Kowsik Guruswamy, Chief Technology Officer at Menlo Security,  11/14/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Flash Poll
Online Malware and Threats: A Profile of Today's Security Posture
Online Malware and Threats: A Profile of Today's Security Posture
This report offers insight on how security professionals plan to invest in cybersecurity, and how they are prioritizing their resources. Find out what your peers have planned today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-19301
PUBLISHED: 2018-11-15
tp4a TELEPORT 3.1.0 allows XSS via the login page because a crafted username is mishandled when an administrator later views the system log.
CVE-2018-5407
PUBLISHED: 2018-11-15
Simultaneous Multi-threading (SMT) in processors can enable local users to exploit software vulnerable to timing attacks via a side-channel timing attack on 'port contention'.
CVE-2018-14934
PUBLISHED: 2018-11-15
The Bluetooth subsystem on Polycom Trio devices with software before 5.5.4 has Incorrect Access Control. An attacker can connect without authentication and subsequently record audio from the device microphone.
CVE-2018-14935
PUBLISHED: 2018-11-15
The Web administration console on Polycom Trio devices with software before 5.5.4 has XSS.
CVE-2018-16619
PUBLISHED: 2018-11-15
Sonatype Nexus Repository Manager before 3.14 allows XSS.