Endpoint

3/27/2017
12:15 PM
50%
50%

This Week On Dark Reading: Event Calendar

Ransomware remediation and recovery this week, with clouds on the horizon.

THIS WEEK: 

Tomorrow -- Tuesday, March 28 at 1 p.m. Eastern Time: Ransomware Remediation & Recovery, with John Pironti, president of IP Architects, and Aimee Simpson, solution marketing manager of Code 42.

You’ve been hit by ransomware – and hit hard. Your organization has decided it won’t give in to the attackers’ demands for a ransom. Now what? Your business continuity planning may not have prepared you for a ransomware outbreak. How good are your backups? How accessible are your remote workers? Can you reimage machines or restore files? Can you restore your organization’s lost revenue or damaged reputation? The challenges are many, but with the right preparations, information security professionals can lead recovery efforts with confidence and remediate ransomware attacks effectively.

COMING SOON:

  • Tuesday, April 11, 1 p.m. ET: Cloud Security: Myths and Reality, Rich Mogul, CEO and analyst, Securosis, and Gene Stevens, Co-founder and CTO, ProtectWise
  • Wednesday, April 19, 1 p.m. ET: How Online Attackers Find Out About Your Organization, Michele Fincher, COO and chief influencing agent, Social-Engineer LLC, Chris Hadnagy, CEO, founder and chief human hacker, Social-Engineer LLC, and Bob Adams, cyber security strategist, Mimecast

DOWN THE ROAD:

May 15-19: Interop ITX Conference, Las Vegas, MGM Grand Hotel. Online events are great, but nothing beats face time. 

Planning to hit Tuesday's webinar, but still want more advice on ransomware? You'll want to hit "Ransomware: How To Stop It In Its Tracks, and Respond When You Can't," with Eduardo Cabrera, chief cybersecurity officer of Trend Micro. 

Want to follow up that "how attackers find out about your organization" webinar with more advice about preventing them from using that info? Then don't miss "Defeating Social Engineering, BECs & Phishing," with Bishop Fox's Rob Ragan and Alex DeFreese. 

Trying to deal with the security skills shortage, and don't have time to wait for the next generation of infosec pros to graduate from university programs that don't even exist yet? Then take a seat in Surviving the Security Skills Shortage, moderated by Dark Reading's own executive editor Kelly Jackson-Higgins, with a panel of security executives from Coca-Cola, Ford, and Microsoft.  

Check out all the sessions in the Interop Security Track. And don't forget about the two-day Dark Reading Cybersecurity Summit -- a great "what you need to know now" refresher for the overworked infosec pro or security crash course for the IT generalists in your life. The agenda has just been released!

Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
WebAuthn, FIDO2 Infuse Browsers, Platforms with Strong Authentication
John Fontana, Standards & Identity Analyst, Yubico,  9/19/2018
Turn the NIST Cybersecurity Framework into Reality: 5 Steps
Mukul Kumar & Anupam Sahai, CISO & VP of Cyber Practice and VP Product Management, Cavirin Systems,  9/20/2018
NSS Labs Files Antitrust Suit Against Symantec, CrowdStrike, ESET, AMTSO
Kelly Jackson Higgins, Executive Editor at Dark Reading,  9/19/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: "I'm not sure I like this top down management approach!"
Current Issue
Flash Poll
The Risk Management Struggle
The Risk Management Struggle
The majority of organizations are struggling to implement a risk-based approach to security even though risk reduction has become the primary metric for measuring the effectiveness of enterprise security strategies. Read the report and get more details today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-17407
PUBLISHED: 2018-09-23
An issue was discovered in t1_check_unusual_charstring functions in writet1.c files in TeX Live before 2018-09-21. A buffer overflow in the handling of Type 1 fonts allows arbitrary code execution when a malicious font is loaded by one of the vulnerable tools: pdflatex, pdftex, dvips, or luatex.
CVE-2018-17358
PUBLISHED: 2018-09-23
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory access exists in _bfd_stab_section_find_nearest_line in syms.c. Attackers could leverage this vulnerability to cause a denial of service (application crash) via a ...
CVE-2018-17359
PUBLISHED: 2018-09-23
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory access exists in bfd_zalloc in opncls.c. Attackers could leverage this vulnerability to cause a denial of service (application crash) via a crafted ELF file.
CVE-2018-17360
PUBLISHED: 2018-09-23
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. a heap-based buffer over-read in bfd_getl32 in libbfd.c allows an attacker to cause a denial of service through a crafted PE file. This vulnerability can be triggered by the executa...
CVE-2018-17361
PUBLISHED: 2018-09-23
Multiple XSS vulnerabilities in WeaselCMS v0.3.6 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to index.php because $_SERVER['PHP_SELF'] is mishandled.