8 Nation-State Hacking Groups to Watch in 2018
20 Signs You Need to Introduce Automation into Security Ops
Tracking Bitcoin Wallets as IOCs for Ransomware
Name That Toon: Disappearing Act
7 Ways to Maximize Your Security Dollars
News & Commentary
13 Russians Indicted for Massive Operation to Sway US Election
Kelly Sheridan, Associate Editor, Dark ReadingNews
Russian nationals reportedly used stolen American identities and infrastructure to influence the 2016 election outcome.
By Kelly Sheridan Associate Editor, Dark Reading, 2/16/2018
Comment2 comments  |  Read  |  Post a Comment
Siemens Leads Launch of Global Cybersecurity Initiative
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
The new 'Charter of Trust' aims to make security a key element of the digital economy, critical infrastructure.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 2/16/2018
Comment0 comments  |  Read  |  Post a Comment
FedEx Customer Data Exposed on Unsecured S3 Server
Dark Reading Staff, Quick Hits
Thousands of documents from US and international citizens were exposed on an Amazon S3 bucket configured for public access.
By Dark Reading Staff , 2/16/2018
Comment1 Comment  |  Read  |  Post a Comment
Rise of the 'Hivenet': Botnets That Think for Themselves
Derek Manky, Global Security Strategist, FortinetCommentary
These intelligent botnet clusters swarm compromised devices to identify and assault different attack vectors all at once.
By Derek Manky Global Security Strategist, Fortinet, 2/16/2018
Comment0 comments  |  Read  |  Post a Comment
Russian Hackers Sentenced in Heartland Payment Systems Breach Case
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Two more men involved in the massive payment card theft from multiple major US corporations that began in 2007 now sent to federal prison.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 2/16/2018
Comment0 comments  |  Read  |  Post a Comment
Cybercrime Gang Ramps up Ransomware Campaign
Jai Vijayan, Freelance writerNews
In the last few weeks, Gold Lowell group has collected over $350K after infecting victims with SamSam crypto malware, researchers at Secureworks found.
By Jai Vijayan Freelance writer, 2/15/2018
Comment0 comments  |  Read  |  Post a Comment
White House: Russian Military Behind NotPetya Attacks
Kelly Jackson Higgins, Executive Editor at Dark ReadingQuick Hits
Trump administration statement comes on the heels of UK government calling out Russia for the cyberattacks that spread through Europe and elsewhere.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 2/15/2018
Comment0 comments  |  Read  |  Post a Comment
IRS Reports Steep Decline in Tax-Related ID Theft
Steve Zurier, Freelance WriterNews
Research group Javelin confirms that the numbers are trending in the right direction, with total fraud losses dropping more than 14% to $783 million.
By Steve Zurier Freelance Writer, 2/15/2018
Comment0 comments  |  Read  |  Post a Comment
North Korea-Linked Cyberattacks Spread Out of Control: Report
Kelly Sheridan, Associate Editor, Dark ReadingNews
New details on old cyberattacks originating from North Korea indicate several forms of malware unintentionally spread wider than authors intended.
By Kelly Sheridan Associate Editor, Dark Reading, 2/15/2018
Comment0 comments  |  Read  |  Post a Comment
Democracy & DevOps: What Is the Proper Role for Security?
PJ Kirner, CTO & Founder, IllumioCommentary
Security experts need a front-row seat in the application development process but not at the expense of the business.
By PJ Kirner CTO & Founder, Illumio, 2/15/2018
Comment0 comments  |  Read  |  Post a Comment
Air Force Awards $12,500 for One Bug
Dark Reading Staff, Quick Hits
The highest single bounty of any federal bug bounty program yet is awarded through Hack the Air Force 2.0.
By Dark Reading Staff , 2/15/2018
Comment1 Comment  |  Read  |  Post a Comment
Oracle Buys Zenedge for Cloud Security
Dark Reading Staff, Quick Hits
Oracle announces its acquisition of Zenedge, which focuses on cloud-based network and infrastructure security.
By Dark Reading Staff , 2/15/2018
Comment0 comments  |  Read  |  Post a Comment
From DevOps to DevSecOps: Structuring Communication for Better Security
Robert Hawk, Privacy & Security Lead at xMattersCommentary
A solid approach to change management can help prevent problems downstream.
By Robert Hawk Privacy & Security Lead at xMatters, 2/15/2018
Comment1 Comment  |  Read  |  Post a Comment
The Mirai Botnet Is Attacking Again
David Holmes, World-Wide Security Evangelist, F5
And the spinoff bots and all their command and control hostnames buried in the morass of digital data are hilarious.
By David Holmes World-Wide Security Evangelist, F5, 2/15/2018
Comment0 comments  |  Read  |  Post a Comment
Windows 10 Critical Vulnerability Reports Grew 64% in 2017
Kelly Sheridan, Associate Editor, Dark ReadingNews
The launch and growth of new operating systems is mirrored by an increase in reported vulnerabilities.
By Kelly Sheridan Associate Editor, Dark Reading, 2/14/2018
Comment1 Comment  |  Read  |  Post a Comment
Filing Deadline for New Infosec Law Hits NY Finance Firms Thursday
Dark Reading Staff, Quick Hits
Banks and financial services companies in New York must file by tomorrow to certify they are compliant with the state Department of Financial Services new cybersecurity regulation, 23 NYCRR 500.
By Dark Reading Staff , 2/14/2018
Comment1 Comment  |  Read  |  Post a Comment
Intel Expands Bug Bounty Program, Offers up to $250K
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Microprocessor giant adds vulnerability-finding category for Meltdown, Spectre-type flaws.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 2/14/2018
Comment0 comments  |  Read  |  Post a Comment
3 Tips to Keep Cybersecurity Front & Center
Greg Kushto, Vice President of Sales Engineering at Force 3Commentary
In today's environment, a focus on cybersecurity isn't a luxury. It's a necessity, and making sure that focus is achieved starts with the company's culture.
By Greg Kushto Vice President of Sales Engineering at Force 3, 2/14/2018
Comment1 Comment  |  Read  |  Post a Comment
Cybercrime Costs for Financial Sector up 40% Since 2014
Sara Peters, Senior Editor at Dark ReadingQuick Hits
A 9.6% increase just in the past year, and denial-of-service attacks are partly to blame.
By Sara Peters Senior Editor at Dark Reading, 2/14/2018
Comment0 comments  |  Read  |  Post a Comment
Encrypted Attacks Continue to Dog Perimeter Defenses
Ericka Chickowski, Contributing Writer, Dark Reading
Attacks using SSL to obfuscate malicious traffic finding fertile ground for growth.
By Ericka Chickowski Contributing Writer, Dark Reading, 2/14/2018
Comment1 Comment  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
PR Newswire
13 Russians Indicted for Massive Operation to Sway US Election
Kelly Sheridan, Associate Editor, Dark Reading,  2/16/2018
One in Three SOC Analysts Now Job-Hunting
Kelly Jackson Higgins, Executive Editor at Dark Reading,  2/12/2018
Encrypted Attacks Continue to Dog Perimeter Defenses
Ericka Chickowski, Contributing Writer, Dark Reading,  2/14/2018
Register for Dark Reading Newsletters
Partner Perspectives
What's This?
Partner Perspectives
What's This?
Partner Perspectives
What's This?
Can Machine Learning Outsmart Malware?
Using machine learning in the cybersecurity domain is a growing trend with many advantages, but it also has its risks. Read >>
Partner Perspectives
What's This?
The GDPR Clock Is Running Out. Now What?
Many organizations impacted by new European Union data privacy rules that go into effect May 25 are still blind to some of the basics. Read >>
Partner Perspectives
What's This?
Partner Perspectives
What's This?
The Mirai Botnet Is Attacking Again
And the spinoff bots -- and all their command and control hostnames buried in the morass of digital data -- are hilarious. Read >>
Partner Perspectives
What's This?
Partner Perspectives
What's This?
Partner Perspectives
What's This?
WanaCrypt0r Hits Worldwide
Consumers and businesses should be sure their Windows systems and software are updated with all current patches in order to stop the spread of this dangerous ransomware attack. Read >>
Partner Perspectives
What's This?
Endpoint Security: Putting The Focus On What Matters
Five tips to help sift through the noise and focus on actions that can dramatically impact your endpoint security program. Read >>
Dark Reading Live EVENTS
Dark Reading Security Pro Summit at Interop ITX 2018
Produced by the Dark Reading Team - The Security Pro Summit is an opportunity for IT security professionals to take a deeper dive into cyber security defense, learning from experts about advanced methods for detecting and responding to new threats.
Topics that will be discussed:
  • Improving Threat Analysis and Implement Threat Hunting Practices
  • Optimizing Vulnerability Detection & Remediation
  • Getting Better Performance From Your Security Operations Center
  • Plus, much more
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: One agent too many was installed on Bob's desktop.
White Papers
Current Issue
How to Cope with the IT Security Skills Shortage
Most enterprises don't have all the in-house skills they need to meet the rising threat from online attackers. Here are some tips on ways to beat the shortage.
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.

[Strategic Security Report] Navigating the Threat Intelligence Maze
[Strategic Security Report] Navigating the Threat Intelligence Maze
Most enterprises are using threat intel services, but many are still figuring out how to use the data they're collecting. In this Dark Reading survey we give you a look at what they're doing today - and where they hope to go.
Flash Poll
Video
Slideshows
Twitter Feed