Analytics
News & Commentary
Using AI to Break Detection Models
Ericka Chickowski, Contributing Writer, Dark ReadingNews
Pitting machine learning bots against one another is the new spy vs. spy battle in cybersecurity today.
By Ericka Chickowski Contributing Writer, Dark Reading, 7/25/2017
Comment0 comments  |  Read  |  Post a Comment
How Bad Data Alters Machine Learning Results
Kelly Sheridan, Associate Editor, Dark ReadingNews
Machine learning models tested on single sources of data can prove inaccurate when presented with new sources of information.
By Kelly Sheridan Associate Editor, Dark Reading, 6/13/2017
Comment0 comments  |  Read  |  Post a Comment
How to Succeed at Incident Response Metrics
Tom Webb, Incident Handler, SANS Internet Storm CenterCommentary
Establishing a baseline of what information you need is an essential first step.
By Tom Webb Incident Handler, SANS Internet Storm Center, 6/2/2017
Comment1 Comment  |  Read  |  Post a Comment
Going Beyond Checkbox Security
InformationWeek Staff, CommentaryVideo
Terry Barbounis, cybersecurity evangelist for CenturyLink, stops by the InformationWeek News Desk.
By InformationWeek Staff , 5/24/2017
Comment0 comments  |  Read  |  Post a Comment
How to Integrate Threat Intel & DevOps
Andrew Storms, VP Security Services, New ContextCommentary
Automating intelligence can help your organization in myriad ways.
By Andrew Storms VP Security Services, New Context, 5/4/2017
Comment1 Comment  |  Read  |  Post a Comment
Call Center Fraud Spiked 113% in 2016
Dawn Kawamoto, Associate Editor, Dark ReadingNews
Criminals are increasingly spoofing caller ID using VoIP apps including Skype or Google Voice to hide their identity and location, according to a report released today by Pindrop Labs.
By Dawn Kawamoto Associate Editor, Dark Reading, 4/26/2017
Comment1 Comment  |  Read  |  Post a Comment
Machine Learning in Security: 4 Factors to Consider
Kelly Sheridan, Associate Editor, Dark ReadingNews
Key factors to consider before adding machine learning to your security strategy.
By Kelly Sheridan Associate Editor, Dark Reading, 4/21/2017
Comment1 Comment  |  Read  |  Post a Comment
10 Questions To Get Practical Answers At Interop ITX
Dark Reading Staff, Commentary
May 15-19 in Las Vegas: How to get solutions and advice from top speakers for the things that you really want to know.
By Dark Reading Staff , 4/14/2017
Comment0 comments  |  Read  |  Post a Comment
Teaching Hospitals at Greater Data Breach Risk
Dark Reading Staff, Quick Hits
John Hopkins researcher studies data breaches at hospitals between 2009 and 2016.
By Dark Reading Staff , 4/6/2017
Comment1 Comment  |  Read  |  Post a Comment
Data Visualization: Keeping an Eye on Security
Joshua Goldfarb, Co-founder & Chief Product Officer, IDDRACommentary
Visualization can be one of the most powerful approaches a security team can use to make sense of vast quantities of data. So why does it end up as an afterthought?
By Joshua Goldfarb Co-founder & Chief Product Officer, IDDRA, 3/27/2017
Comment3 comments  |  Read  |  Post a Comment
Fortune 1000 Companies See Security Ratings Drop
Kelly Sheridan, Associate Editor, Dark ReadingNews
Fortune 1000 businesses report more breaches, and lower security performance, than their non-F1000 counterparts.
By Kelly Sheridan Associate Editor, Dark Reading, 3/8/2017
Comment0 comments  |  Read  |  Post a Comment
Trust, Cloud & the Quest for a Glass Wall around Security
Stan Black, CSO, CitrixCommentary
In the next year, were going to see a leap towards strategic, business-level objectives that can be resolved by simplifying infrastructure and granting greater visibility in real time.
By Stan Black CSO, Citrix, 3/8/2017
Comment0 comments  |  Read  |  Post a Comment
Today on Dark Reading: Your Costs, Risks & Metrics Questions Answered
Dark Reading Staff, Commentary
First up on the Dark Reading upcoming events calendar is our Dark Reading Virtual Event Tuesday, Feb. 28.
By Dark Reading Staff , 2/27/2017
Comment4 comments  |  Read  |  Post a Comment
20 Cybersecurity Startups To Watch In 2017
Ericka Chickowski, Contributing Writer, Dark Reading
VC money flowed plentifully into the security market last year, fueling a new crop of innovative companies.
By Ericka Chickowski Contributing Writer, Dark Reading, 2/24/2017
Comment4 comments  |  Read  |  Post a Comment
Why Identity Has Become A Top Concern For CSOs
Saryu Nayyar, CEO, GuruculCommentary
Seven of the world's top security leaders share their fears and challenges around the critical new role of identity in the fight against cyber adversaries.
By Saryu Nayyar CEO, Gurucul, 2/14/2017
Comment2 comments  |  Read  |  Post a Comment
IBM Brings Watson Cognitive Computing To The SOC
Ericka Chickowski, Contributing Writer, Dark ReadingNews
Technology known for a Jeopardy stunt six years ago is now powering question answering within IBM Security's QRadar system.
By Ericka Chickowski Contributing Writer, Dark Reading, 2/13/2017
Comment1 Comment  |  Read  |  Post a Comment
How to Handle Threats When Short-Staffed
Dark Reading Staff, CommentaryVideo
Skyboxs Michelle Cobb, VP of Worldwide Marketing, explains how automation and advanced analytics can give security teams the data they need when their teams are stretched
By Dark Reading Staff , 2/3/2017
Comment0 comments  |  Read  |  Post a Comment
Over 4.2 Billion Records Exposed In 4,149 Breaches In 2016
Dark Reading Staff, Quick Hits
Survey says US and UK witnessed more than half of 2016 global breaches; 52% of attacks compromised Social Security Numbers.
By Dark Reading Staff , 1/31/2017
Comment0 comments  |  Read  |  Post a Comment
Why Youre Doing Cybersecurity Risk Measurement Wrong
Daniel Gordon, Cyber Intel Analyst, Lockheed Martin Computer Incident Response TeamCommentary
Measuring risk isnt as simple as some make it out to be, but there are best practices to help you embrace the complexity in a productive way. Here are five.
By Daniel Gordon Cyber Intel Analyst, Lockheed Martin Computer Incident Response Team, 1/30/2017
Comment0 comments  |  Read  |  Post a Comment
This Week On Dark Reading: Event Calendar
Dark Reading Staff, Commentary
Devote some time and headspace to improving your skills with these Dark Reading events.
By Dark Reading Staff , 1/25/2017
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
Posted by williamibarra
Current Conversations nice article
In reply to: Re: Pen is a good Knife
Post Your Own Reply
Posted by joye121
Current Conversations nice good work
In reply to: new york
Post Your Own Reply
Posted by joye121
Current Conversations good information :)
In reply to: thanks
Post Your Own Reply
More Conversations
PR Newswire
Register for Dark Reading Newsletters
Dark Reading Live EVENTS
INsecurity - For the Defenders of Enterprise Security
A Dark Reading Conference
While red team conferences focus primarily on new vulnerabilities and security researchers, INsecurity puts security execution, protection, and operations center stage. The primary speakers will be CISOs and leaders in security defense; the blue team will be the focus.
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: "Jamie, the darn Unicorn is back."
Current Issue
Security Vulnerabilities: The Next Wave
Just when you thought it was safe, researchers have unveiled a new round of IT security flaws. Is your enterprise ready?
Flash Poll
[Strategic Security Report] Assessing Cybersecurity Risk
[Strategic Security Report] Assessing Cybersecurity Risk
As cyber attackers become more sophisticated and enterprise defenses become more complex, many enterprises are faced with a complicated question: what is the risk of an IT security breach? This report delivers insight on how today's enterprises evaluate the risks they face. This report also offers a look at security professionals' concerns about a wide variety of threats, including cloud security, mobile security, and the Internet of Things.
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.