Page 1 / 2   >   >>
'Reaper': The Professional Bot Herders Thingbot
David Holmes, World-Wide Security Evangelist, F5Commentary
Is it malicious? So far it's hard to tell. For now it's a giant blinking red light in security researchers faces warning us that wed better figure out how to secure the Internet of Things.
By David Holmes World-Wide Security Evangelist, F5, 11/16/2017
Comment0 comments  |  Read  |  Post a Comment
'Goldilocks' Legislation Aims to Clean up IoT Security
Raymond Pompon, Principal Threat Research Evangelist at F5 NetworksCommentary
The proposed Internet of Things Cybersecurity Improvement Act of 2017 is not too hard, not too soft, and might be just right.
By Raymond Pompon Principal Threat Research Evangelist at F5 Networks, 11/9/2017
Comment0 comments  |  Read  |  Post a Comment
5 Reasons CISOs Should Keep an Open Mind about Cryptocurrency
Raymond Pompon, Principal Threat Research Evangelist at F5 NetworksCommentary
With untold new markets for Bitcoin and other 'alt-coins,' it's going to be an exciting future -- and security leaders need to get ready for it.
By Raymond Pompon Principal Threat Research Evangelist at F5 Networks, 11/2/2017
Comment0 comments  |  Read  |  Post a Comment
5 Reasons Why the CISO is a Cryptocurrency Skeptic
David Holmes, World-Wide Security Evangelist, F5Commentary
If you think all you need is technology to defend against bad guys, you shouldnt be a CISO. But technology is all cryptocurrency is, starting with Bitcoin.
By David Holmes World-Wide Security Evangelist, F5, 10/26/2017
Comment0 comments  |  Read  |  Post a Comment
CISOs: Striving Toward Proactive Security Strategies
Mike Convertino, CISO & VP, Information Security, F5 NetworksCommentary
A new survey paints a compelling picture of the modern security executive, how they succeed, and how much power they wield.
By Mike Convertino CISO & VP, Information Security, F5 Networks, 10/19/2017
Comment0 comments  |  Read  |  Post a Comment
6 Steps to Finding Honey in the OWASP
Raymond Pompon, Principal Threat Research Evangelist at F5 NetworksCommentary
The most famous project of the Open Web Application Security Project is getting an update. Here's what you need to know, and how you can get involved.
By Raymond Pompon Principal Threat Research Evangelist at F5 Networks, 10/12/2017
Comment0 comments  |  Read  |  Post a Comment
URL Obfuscation: Still a Phisher's Phriend
Raymond Pompon, Principal Threat Research Evangelist at F5 NetworksCommentary
There are three primary techniques to trick users into thinking a website link is real: URL shorteners, URL doppelgangers, and URL redirects.
By Raymond Pompon Principal Threat Research Evangelist at F5 Networks, 10/5/2017
Comment0 comments  |  Read  |  Post a Comment
TrickBot Rapidly Expands its Targets in August
Sara Boddy, Principal Threat Research EvangelistCommentary
TrickBot shifted its focus to U.S banks and credit card companies, soaring past the 1,000 target URL mark in a single configuration.
By Sara Boddy Principal Threat Research Evangelist, 9/28/2017
Comment0 comments  |  Read  |  Post a Comment
Where Do Security Vulnerabilities Come From?
Raymond Pompon, Principal Threat Research Evangelist at F5 NetworksCommentary
There are three major causes: code quality, complexity, and trusted data inputs.
By Raymond Pompon Principal Threat Research Evangelist at F5 Networks, 9/22/2017
Comment0 comments  |  Read  |  Post a Comment
The Hunt for IoT: The Rise of Thingbots
Sara Boddy, Principal Threat Research EvangelistCommentary
Across all of our research, every indication is that todays "thingbots" botnets built exclusively from Internet of Things devices will become the infrastructure for a future Darknet.
By Sara Boddy Principal Threat Research Evangelist, 9/14/2017
Comment0 comments  |  Read  |  Post a Comment
CIO or C-Suite: To Whom Should the CISO Report?
Raymond Pompon, Principal Threat Research Evangelist at F5 NetworksCommentary
Five reasons why the chief information security officer needs to get out from under the control of IT.
By Raymond Pompon Principal Threat Research Evangelist at F5 Networks, 9/7/2017
Comment0 comments  |  Read  |  Post a Comment
Phishing for Your Information: How Phishers Bait Their Hooks
Raymond Pompon, Principal Threat Research Evangelist at F5 NetworksCommentary
A treasure trove of PII from social networks and the public Internet is there for the taking.
By Raymond Pompon Principal Threat Research Evangelist at F5 Networks, 8/31/2017
Comment0 comments  |  Read  |  Post a Comment
How Quantum Computing Will Change Browser Encryption
David Holmes, World-Wide Security Evangelist, F5Commentary
From a protocol point of view, were closer to a large-scale quantum computer than many people think. Heres why thats an important milestone.
By David Holmes World-Wide Security Evangelist, F5, 8/24/2017
Comment0 comments  |  Read  |  Post a Comment
How to Avoid the 6 Most Common Audit Failures
Raymond Pompon, Principal Threat Research Evangelist at F5 NetworksCommentary
In a security audit, the burden is on you to provide the evidence that youve done the right things.
By Raymond Pompon Principal Threat Research Evangelist at F5 Networks, 8/17/2017
Comment0 comments  |  Read  |  Post a Comment
6 Ways CISOs Can Play a Role in Selling Security
Raymond Pompon, Principal Threat Research Evangelist at F5 NetworksCommentary
When customers ask tough questions about data security, business service resilience, privacy, regulatory, and reputational risk its best to remain upbeat and positive. Heres how.
By Raymond Pompon Principal Threat Research Evangelist at F5 Networks, 8/10/2017
Comment0 comments  |  Read  |  Post a Comment
Fight 'Credential Stuffing' with a New Approach to Authorization
Michael Koyfman, Senior Global Security Solution Architect, F5 NetworksCommentary
Token-based authorization that lets users prove their identity through Facebook, Google, or Microsoft credentials can dramatically reduce your attack surface and give enterprises a single point of control.
By Michael Koyfman Senior Global Security Solution Architect, F5 Networks, 8/3/2017
Comment1 Comment  |  Read  |  Post a Comment
Can Your Risk Assessment Stand Up Under Scrutiny?
Raymond Pompon, Principal Threat Research Evangelist at F5 NetworksCommentary
Weak risk assessments have gotten a pass up until now, but that may be changing.
By Raymond Pompon Principal Threat Research Evangelist at F5 Networks, 7/27/2017
Comment2 comments  |  Read  |  Post a Comment
Profile of a Hacker: The Real Sabu
David Holmes, World-Wide Security Evangelist, F5Commentary
There are multiple stories about how the capture of the infamous Anonymous leader Sabu went down. Heres one, and another about what he is doing today.
By David Holmes World-Wide Security Evangelist, F5, 7/20/2017
Comment0 comments  |  Read  |  Post a Comment
The Hunt for Networks Building Death Star-Sized Botnets
Sara Boddy, Principal Threat Research EvangelistCommentary
Internet of Things devices are more critically vulnerable to compromise in DDos attacks than ever before. Heres how to defend against them.
By Sara Boddy Principal Threat Research Evangelist, 7/13/2017
Comment0 comments  |  Read  |  Post a Comment
Doxing, DoS & Defacement: Todays Mainstream Hacktivism Tools
Raymond Pompon, Principal Threat Research Evangelist at F5 NetworksCommentary
Anyone can get angry at you and become a hacktivist. Heres how to protect your organization from these increasingly common cyber attacks.
By Raymond Pompon Principal Threat Research Evangelist at F5 Networks, 6/29/2017
Comment0 comments  |  Read  |  Post a Comment
Page 1 / 2   >   >>
Companies Blindly Believe They've Locked Down Users' Mobile Use
Dawn Kawamoto, Associate Editor, Dark Reading,  11/14/2017
Microsoft Word Vuln Went Unnoticed for 17 Years: Report
Kelly Sheridan, Associate Editor, Dark Reading,  11/14/2017
121 Pieces of Malware Flagged on NSA Employee's Home Computer
Kelly Jackson Higgins, Executive Editor at Dark Reading,  11/16/2017
Register for Dark Reading Newsletters
Partner Perspectives
What's This?
F5 makes apps go-faster, smarter, and safer. With solutions for the cloud and the data center, F5 technology provides unparalleled visibility and control, allowing customers to secure their users, applications, and data. For more information, visit www.f5.com.
Featured Writers
White Papers
Video
Cartoon
Current Issue
Managing Cyber-Risk
An online breach could have a huge impact on your organization. Here are some strategies for measuring and managing that risk.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.