Encrypted Attacks Continue to Dog Perimeter Defenses
Tracking Bitcoin Wallets as IOCs for Ransomware
8 Nation-State Hacking Groups to Watch in 2018
20 Signs You Need to Introduce Automation into Security Ops
Name That Toon: Disappearing Act
News & Commentary
Global Cybercrime Costs Top $600 Billion
Jai Vijayan, Freelance writerNews
More than 50% of attacks result in damages of over $500K, two reports show.
By Jai Vijayan Freelance writer, 2/21/2018
Comment0 comments  |  Read  |  Post a Comment
The Mobile Threat: 4 out of 10 Businesses Report 'Significant' Risk
Kelly Sheridan, Associate Editor, Dark ReadingNews
Organizations put efficiency and profit before security, leading to system downtime and data loss, according to inaugural research from Verizon.
By Kelly Sheridan Associate Editor, Dark Reading, 2/21/2018
Comment0 comments  |  Read  |  Post a Comment
Trucking Industry Launches Info Sharing, Cybercrime Reporting Service
Dark Reading Staff, Quick Hits
American Trucking Associations developed new Fleet CyWatch threat reporting, information sharing service in conjunction with FBI.
By Dark Reading Staff , 2/21/2018
Comment0 comments  |  Read  |  Post a Comment
Takeaways from the Russia-Linked US Senate Phishing Attacks
Tom Kemp, CEOCommentary
The Zero Trust Security approach could empower organizations and protect their customers in ways that go far beyond typical security concerns.
By Tom Kemp CEO, 2/21/2018
Comment1 Comment  |  Read  |  Post a Comment
7 Cryptominers & Cryptomining Botnets You Can't Ignore
Jai Vijayan, Freelance writer
Cryptominers have emerged as a major threat to organizations worldwide. Here are seven you cannot afford to ignore.
By Jai Vijayan Freelance writer, 2/21/2018
Comment0 comments  |  Read  |  Post a Comment
C-Suite Divided Over Security Concerns
Steve Zurier, Freelance WriterNews
Survey shows 60% of CEOs plan to invest the most resources in malware prevention, but CISOs, CIOs, and CTOs are on a different page.
By Steve Zurier Freelance Writer, 2/21/2018
Comment0 comments  |  Read  |  Post a Comment
Getting Started with IoT Security in Healthcare
Chris Park, Chris Park, CIO, iboss
Theres a hazard that comes with introducing any new element into patient care whether it's a new drug or a connected device. These four steps will help keep patients safe.
By Chris Park Chris Park, CIO, iboss, 2/21/2018
Comment0 comments  |  Read  |  Post a Comment
Researcher to Release Free Attack Obfuscation Tool
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Cybercrime gang FIN7, aka Carbanak, spotted hiding behind another Windows function, according to research to be presented at Black Hat Asia next month.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 2/20/2018
Comment0 comments  |  Read  |  Post a Comment
Facebook Aims to Make Security More Social
Kelly Sheridan, Associate Editor, Dark ReadingNews
Facebook's massive user base creates an opportunity to educate billions on security.
By Kelly Sheridan Associate Editor, Dark Reading, 2/20/2018
Comment2 comments  |  Read  |  Post a Comment
SWIFT Network Used in $2 Million Heist at Indian Bank
Dark Reading Staff, Quick Hits
The theft at India's City Union Bank comes on the heels of news that attackers stole $6 million from a Russian bank via SWIFT network last year.
By Dark Reading Staff , 2/20/2018
Comment0 comments  |  Read  |  Post a Comment
Meltdown/Spectre: The First Large-Scale Example of a 'Genetic' Threat
Michael Lines, Vice President, Strategy, Risk, and Compliance Services at  OptivCommentary
These vulnerabilities mark an evolutionary leap forward, and companies must make fighting back a priority.
By Michael Lines Vice President, Strategy, Risk, and Compliance Services at Optiv, 2/20/2018
Comment0 comments  |  Read  |  Post a Comment
Vulnerabilities Broke Records Yet Again in 2017
Ericka Chickowski, Contributing Writer, Dark ReadingNews
Meanwhile, organizations still struggle to manage remediation.
By Ericka Chickowski Contributing Writer, Dark Reading, 2/20/2018
Comment0 comments  |  Read  |  Post a Comment
Proactive Threat Hunting: Taking the Fight to the Enemy
Laurence Pitt, Strategic Security Director EMEA Juniper Networks
Pulling together everything your security team needs to be effective at threat hunting is not easy but it's definitely worthwhile. Here's why.
By Laurence Pitt Strategic Security Director EMEA Juniper Networks, 2/20/2018
Comment0 comments  |  Read  |  Post a Comment
13 Russians Indicted for Massive Operation to Sway US Election
Kelly Sheridan, Associate Editor, Dark ReadingNews
Russian nationals reportedly used stolen American identities and infrastructure to influence the 2016 election outcome.
By Kelly Sheridan Associate Editor, Dark Reading, 2/16/2018
Comment6 comments  |  Read  |  Post a Comment
Siemens Leads Launch of Global Cybersecurity Initiative
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
The new 'Charter of Trust' aims to make security a key element of the digital economy, critical infrastructure.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 2/16/2018
Comment0 comments  |  Read  |  Post a Comment
FedEx Customer Data Exposed on Unsecured S3 Server
Dark Reading Staff, Quick Hits
Thousands of documents from US and international citizens were exposed on an Amazon S3 bucket configured for public access.
By Dark Reading Staff , 2/16/2018
Comment1 Comment  |  Read  |  Post a Comment
Rise of the 'Hivenet': Botnets That Think for Themselves
Derek Manky, Global Security Strategist, FortinetCommentary
These intelligent botnet clusters swarm compromised devices to identify and assault different attack vectors all at once.
By Derek Manky Global Security Strategist, Fortinet, 2/16/2018
Comment0 comments  |  Read  |  Post a Comment
Russian Hackers Sentenced in Heartland Payment Systems Breach Case
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Two more men involved in the massive payment card theft from multiple major US corporations that began in 2007 now sent to federal prison.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 2/16/2018
Comment0 comments  |  Read  |  Post a Comment
Cybercrime Gang Ramps up Ransomware Campaign
Jai Vijayan, Freelance writerNews
In the last few weeks, Gold Lowell group has collected over $350K after infecting victims with SamSam crypto malware, researchers at Secureworks found.
By Jai Vijayan Freelance writer, 2/15/2018
Comment0 comments  |  Read  |  Post a Comment
White House: Russian Military Behind NotPetya Attacks
Kelly Jackson Higgins, Executive Editor at Dark ReadingQuick Hits
Trump administration statement comes on the heels of UK government calling out Russia for the cyberattacks that spread through Europe and elsewhere.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 2/15/2018
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
Posted by Joe Stanganelli
Current Conversations "I think I found our security gap."
In reply to: js1
Post Your Own Reply
More Conversations
PR Newswire
13 Russians Indicted for Massive Operation to Sway US Election
Kelly Sheridan, Associate Editor, Dark Reading,  2/16/2018
From DevOps to DevSecOps: Structuring Communication for Better Security
Robert Hawk, Privacy & Security Lead at xMatters,  2/15/2018
Facebook Aims to Make Security More Social
Kelly Sheridan, Associate Editor, Dark Reading,  2/20/2018
Register for Dark Reading Newsletters
Partner Perspectives
What's This?
Partner Perspectives
What's This?
Partner Perspectives
What's This?
Proactive Threat Hunting: Taking the Fight to the Enemy
Pulling together everything your security team needs to be effective at threat hunting is not easy but it's definitely worthwhile. Here's why. Read >>
Partner Perspectives
What's This?
Getting Started with IoT Security in Healthcare
There's a hazard that comes with introducing any new element into patient care whether it's a new drug or a connected device. These four steps will help keep patients safe. Read >>
Partner Perspectives
What's This?
Partner Perspectives
What's This?
The Mirai Botnet Is Attacking Again
And the spinoff bots -- and all their command and control hostnames buried in the morass of digital data -- are hilarious. Read >>
Partner Perspectives
What's This?
Partner Perspectives
What's This?
Partner Perspectives
What's This?
WanaCrypt0r Hits Worldwide
Consumers and businesses should be sure their Windows systems and software are updated with all current patches in order to stop the spread of this dangerous ransomware attack. Read >>
Partner Perspectives
What's This?
Endpoint Security: Putting The Focus On What Matters
Five tips to help sift through the noise and focus on actions that can dramatically impact your endpoint security program. Read >>
Dark Reading Live EVENTS
Dark Reading Security Pro Summit at Interop ITX 2018
Produced by the Dark Reading Team - The Security Pro Summit is an opportunity for IT security professionals to take a deeper dive into cyber security defense, learning from experts about advanced methods for detecting and responding to new threats.
Topics that will be discussed:
  • Improving Threat Analysis and Implement Threat Hunting Practices
  • Optimizing Vulnerability Detection & Remediation
  • Getting Better Performance From Your Security Operations Center
  • Plus, much more
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
White Papers
Current Issue
How to Cope with the IT Security Skills Shortage
Most enterprises don't have all the in-house skills they need to meet the rising threat from online attackers. Here are some tips on ways to beat the shortage.
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.

[Strategic Security Report] Navigating the Threat Intelligence Maze
[Strategic Security Report] Navigating the Threat Intelligence Maze
Most enterprises are using threat intel services, but many are still figuring out how to use the data they're collecting. In this Dark Reading survey we give you a look at what they're doing today - and where they hope to go.
Flash Poll
Video
Slideshows
Twitter Feed