Breach Defense Playbook: Cybersecurity Governance
Ryan Vela  , Regional Director, Fidelis CybersecurityCommentary
Time to leave the island: Integrate cybersecurity into your risk management strategy.
By Ryan Vela Regional Director, Fidelis Cybersecurity, 6/25/2015
Comment1 Comment  |  Read  |  Post a Comment
Breach Defense Playbook: Incident Response Readiness (Part 2)
Ryan Vela  , Regional Director, Fidelis CybersecurityCommentary
Will your incident response plan work when a real-world situation occurs?
By Ryan Vela Regional Director, Fidelis Cybersecurity, 6/24/2015
Comment0 comments  |  Read  |  Post a Comment
Breach Defense Playbook: Incident Response Readiness (Part 1)
Ryan Vela  , Regional Director, Fidelis CybersecurityCommentary
Will your incident response plan work when a real-world situation occurs?
By Ryan Vela Regional Director, Fidelis Cybersecurity, 6/23/2015
Comment0 comments  |  Read  |  Post a Comment
Breach Defense Playbook: Open Source Intelligence
Ryan Vela  , Regional Director, Fidelis CybersecurityCommentary
Do you know what information out there is putting you at risk?
By Ryan Vela Regional Director, Fidelis Cybersecurity, 6/22/2015
Comment0 comments  |  Read  |  Post a Comment
Breach Defense Playbook: Reviewing Your Cybersecurity Program (Part 2)
Ryan Vela  , Regional Director, Fidelis CybersecurityCommentary
Cybersecurity requires a combination of people, process, and technology in a coordinated implementation leveraging a defense-in-depth methodology.
By Ryan Vela Regional Director, Fidelis Cybersecurity, 6/18/2015
Comment0 comments  |  Read  |  Post a Comment
Breach Defense Playbook: Reviewing Your Cybersecurity Program (Part 1)
Ryan Vela  , Regional Director, Fidelis CybersecurityCommentary
How does your cybersecurity program compare to your industry peers?
By Ryan Vela Regional Director, Fidelis Cybersecurity, 6/17/2015
Comment0 comments  |  Read  |  Post a Comment
Breach Defense Playbook: Hunting For Breach Indicators
Ryan Vela  , Regional Director, Fidelis CybersecurityCommentary
Do you proactively hunt for malware on your network, or do you wait for your tools to tell you?
By Ryan Vela Regional Director, Fidelis Cybersecurity, 6/11/2015
Comment0 comments  |  Read  |  Post a Comment
Breach Defense Playbook: Assessing Your Security Controls
Ryan Vela  , Regional Director, Fidelis CybersecurityCommentary
Do you include physical security as part of your cybersecurity risk management plan?
By Ryan Vela Regional Director, Fidelis Cybersecurity, 6/10/2015
Comment0 comments  |  Read  |  Post a Comment
Breach Defense Playbook: Assessing Your Cybersecurity Engineering
Ryan Vela  , Regional Director, Fidelis CybersecurityCommentary
Is your cybersecurity infrastructure robust enough to defend against future attacks?
By Ryan Vela Regional Director, Fidelis Cybersecurity, 6/9/2015
Comment0 comments  |  Read  |  Post a Comment
Drinking from the Malware Fire Hose
John Bambenek , Senior Threat Researcher, Fidelis CybersecurityCommentary
Take a staged approach to processing malware in bulk so that scarce and time-limited resources can be prioritized for only those threats that truly require them.
By John Bambenek Senior Threat Researcher, Fidelis Cybersecurity, 5/15/2015
Comment0 comments  |  Read  |  Post a Comment
Third-Party Risk and Organizational Situational Awareness
Emilio Iasiello, Senior Cyber Intelligence Analyst, Fidelis CybersecurityCommentary
A rigorous risk management approach will help organizations understand the potential risks posed by their partners.
By Emilio Iasiello Senior Cyber Intelligence Analyst, Fidelis Cybersecurity, 4/27/2015
Comment0 comments  |  Read  |  Post a Comment
The Rise of Counterintelligence in Malware Investigations
John Bambenek , Senior Threat Researcher, Fidelis CybersecurityCommentary
The key to operationalizing cybersecurity threat intelligence rests in the critical thinking that establishes that a given indicator is, in fact, malicious.
By John Bambenek Senior Threat Researcher, Fidelis Cybersecurity, 4/22/2015
Comment1 Comment  |  Read  |  Post a Comment
Breach Defense Playbook
Ryan Vela  , Regional Director, Fidelis CybersecurityCommentary
How to be smart about defending against your next attack.
By Ryan Vela Regional Director, Fidelis Cybersecurity, 4/16/2015
Comment0 comments  |  Read  |  Post a Comment
Threat Intelligence Is a Two-Way Street
Emilio Iasiello, Senior Cyber Intelligence Analyst, Fidelis CybersecurityCommentary
Intelligence analysis should be looked upon as less of a service and more of a partnership.
By Emilio Iasiello Senior Cyber Intelligence Analyst, Fidelis Cybersecurity, 4/14/2015
Comment0 comments  |  Read  |  Post a Comment
Principles of Malware Sinkholing
John Bambenek , Senior Threat Researcher, Fidelis CybersecurityCommentary
The process of sinkholing is an important tool to have in your arsenal when dealing with emerging threats.
By John Bambenek Senior Threat Researcher, Fidelis Cybersecurity, 4/6/2015
Comment0 comments  |  Read  |  Post a Comment
Application of Threat Indicators: A Temporal View
Hardik Modi , Director of Threat Research, Fidelis CybersecurityCommentary
Better outcomes will be achieved when were applying temporal considerations to threat indicators.
By Hardik Modi Director of Threat Research, Fidelis Cybersecurity, 4/1/2015
Comment0 comments  |  Read  |  Post a Comment
Register for Dark Reading Newsletters
Partner Perspectives
What's This?
Fidelis Cybersecurity provides organizations with a robust, comprehensive portfolio of products, services, and expertise to combat today's sophisticated advanced threats and prevent data breaches. Our commercial enterprise and government customers around the globe can face advanced threats with confidence through use of our Network Defense and Forensics Services – delivered by an elite team of security professionals with decades of hands-on experience – and our award-winning Fidelis XPS™ Advanced Threat Defense Products, which provide visibility and control over the entire threat life cycle.
Featured Writers
White Papers
Video
Cartoon
Current Issue
5 Security Technologies to Watch in 2017
Emerging tools and services promise to make a difference this year. Are they on your company's list?
Flash Poll
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-7445
Published: 2015-10-15
The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated b...

CVE-2015-4948
Published: 2015-10-15
netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified vectors.

CVE-2015-5660
Published: 2015-10-15
Cross-site request forgery (CSRF) vulnerability in eXtplorer before 2.1.8 allows remote attackers to hijack the authentication of arbitrary users for requests that execute PHP code.

CVE-2015-6003
Published: 2015-10-15
Directory traversal vulnerability in QNAP QTS before 4.1.4 build 0910 and 4.2.x before 4.2.0 RC2 build 0910, when AFP is enabled, allows remote attackers to read or write to arbitrary files by leveraging access to an OS X (1) user or (2) guest account.

CVE-2015-6333
Published: 2015-10-15
Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows local users to gain privileges via vectors involving addition of an SSH key, aka Bug ID CSCuw46076.

Dark Reading Radio
Archived Dark Reading Radio
In past years, security researchers have discovered ways to hack cars, medical devices, automated teller machines, and many other targets. Dark Reading Executive Editor Kelly Jackson Higgins hosts researcher Samy Kamkar and Levi Gundert, vice president of threat intelligence at Recorded Future, to discuss some of 2016's most unusual and creative hacks by white hats, and what these new vulnerabilities might mean for the coming year.