DRTV

The Economics of AI-Enabled Security
The Economics of AI-Enabled Security
Dark Reading Videos  |  8/17/2018  | 
While AI greatly enhances security, Securonix CTO Tanuj Gulati points out the need for predictable cost models that insulate SOCs from the variables of massive data volume and intense real-time processing.
Filtering the Threat Intelligence Tsunami
Filtering the Threat Intelligence Tsunami
Dark Reading Videos  |  8/17/2018  | 
Reversing Labs CEO Mario Vuksan contends that SOCs are overwhelmed by global threat intelligence, and can benefit more from a targeted "pull" model that focuses on YARA-type binary pattern matching.
Ensuring Web Applications Are Hardened, Secure
Ensuring Web Applications Are Hardened, Secure
Dark Reading Videos  |  8/17/2018  | 
Ofer Maor of Synopsys Software Integrity Group describes how automated testing can non-intrusively pinpoint where developers may be inadvertently exposing data and/or violating compliance mandates.
Look The Other Way: DDoS Attacks As Diversions
Look The Other Way: DDoS Attacks As Diversions
Dark Reading Videos  |  9/7/2016  | 
Black Hat News Desk talks to Joe Loveless of Neustar.
The Threat Of Security Analytics Complexity
The Threat Of Security Analytics Complexity
Dark Reading Videos  |  3/23/2016  | 
Congratulations! You're protecting your organization with layered security...but now you're drowning in more security analytics data flows than you can handle.
Using Offensive Security Mindset To Create Best Defense
Using Offensive Security Mindset To Create Best Defense
Dark Reading Videos  |  3/2/2016  | 
Carbon Black's CTO and chief security strategist talk about how their background in offensive security helps them think like attackers, and better defend against them.
Visual Analytics And Threat Intelligence With Raffael Marty
Visual Analytics And Threat Intelligence With Raffael Marty
Dark Reading Videos  |  9/29/2015  | 
Raffael Marty, founder and CEO of PixlCloud, stops by Dark Reading News Desk at Black Hat to discuss how to harness security data, visualize it, and put it to use, so it's more than just pretty pictures.
Dan Kaminsky's Visions Of The CISO's Future
Dan Kaminsky's Visions Of The CISO's Future
Dark Reading Videos  |  9/16/2015  | 
Dan Kaminsky, chief scientist and founder of White Ops, visits Dark Reading News Desk at Black Hat to explain a 'fairly controversial' opinion about how to fix the security skills shortage, and why CISOs' budgets will double, then double again.
Catching Attackers With A Security Delivery Platform
Catching Attackers With A Security Delivery Platform
Dark Reading Videos  |  8/27/2015  | 
Shehzad Merchant, CTO of Gigamon, visits the Dark Reading News Desk to discuss a platform for finding and containing attackers once they've broken through your perimeter defense.
Seeing Into Security 'Blind Spots' With Bay Dynamics' Gautam Aggarwal
Seeing Into Security 'Blind Spots' With Bay Dynamics' Gautam Aggarwal
Dark Reading Videos  |  8/27/2015  | 
Gautam Aggarwal, CMO of Bay Dynamics, visits Dark Reading News Desk at Black Hat to explain that its important to not just develop a cybersecurity strategy, but to also better understand what your security blind spots are.
What Next-Gen Security Looks Like
What Next-Gen Security Looks Like
Dark Reading Videos  |  12/9/2013  | 
The nightmare of BYOD is giving rise to a new generation of intelligent, highly scalable security products and platforms.


Microsoft, Mastercard Aim to Change Identity Management
Kelly Sheridan, Staff Editor, Dark Reading,  12/3/2018
Windows 10 Security Questions Prove Easy for Attackers to Exploit
Kelly Sheridan, Staff Editor, Dark Reading,  12/5/2018
Starwood Breach Reaction Focuses on 4-Year Dwell
Curtis Franklin Jr., Senior Editor at Dark Reading,  12/5/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: I guess this answers the question: who's watching the watchers?
Current Issue
10 Best Practices That Could Reshape Your IT Security Department
This Dark Reading Tech Digest, explores ten best practices that could reshape IT security departments.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-20000
PUBLISHED: 2018-12-10
Apereo Bedework bw-webdav before 4.0.3 allows XXE attacks, as demonstrated by an invite-reply document that reads a local file, related to webdav/servlet/common/MethodBase.java and webdav/servlet/common/PostRequestPars.java.
CVE-2018-20001
PUBLISHED: 2018-12-10
In Libav 12.3, there is a floating point exception in the range_decode_culshift function (called from range_decode_bits) in libavcodec/apedec.c that will lead to remote denial of service via crafted input.
CVE-2018-20002
PUBLISHED: 2018-12-10
The _bfd_generic_read_minisymbols function in syms.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31, has a memory leak via a crafted ELF file, leading to a denial of service (memory consumption), as demonstrated by nm.
CVE-2018-19991
PUBLISHED: 2018-12-10
VeryNginx 0.3.3 allows remote attackers to bypass the Web Application Firewall feature because there is no error handler (for get_uri_args or get_post_args) to block the API misuse described in CVE-2018-9230.
CVE-2018-19653
PUBLISHED: 2018-12-09
HashiCorp Consul 0.5.1 through 1.4.0 can use cleartext agent-to-agent RPC communication because the verify_outgoing setting is improperly documented. NOTE: the vendor has provided reconfiguration steps that do not require a software upgrade.