Analytics
News & Commentary
Free 'CANSPY' Car-Hacking Tool On Tap
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
French researchers at Black Hat USA will release plug-in tool for testing vehicles for security vulnerabilities.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 6/27/2016
Comment0 comments  |  Read  |  Post a Comment
FBI: BEC Scam Attempts Amount to $3 Billion
Dark Reading Staff, Quick Hits
FBI warns of rise in business email compromise frauds, says it should be reported immediately.
By Dark Reading Staff , 6/15/2016
Comment0 comments  |  Read  |  Post a Comment
Ransomware Domains Up By 3,500% In Q1
Sara Peters, Senior Editor at Dark ReadingNews
Cybercriminals know a good thing when they see it.
By Sara Peters Senior Editor at Dark Reading, 6/1/2016
Comment1 Comment  |  Read  |  Post a Comment
Call Centers In The Bullseye
Emily Johnson, Associate Editor, UBM AmericasNews
Cheap set-ups, economic recession, and the US rollout of chip-and-PIN technology, all contribute to dramatic increase in call center fraud.
By Emily Johnson Associate Editor, UBM Americas, 5/12/2016
Comment2 comments  |  Read  |  Post a Comment
Malware At Root Of Bangladesh Bank Heist Lies To SWIFT Financial Platform
Sara Peters, Senior Editor at Dark ReadingNews
Customized malware hid $81 million of wire transfers until the money had been safely laundered.
By Sara Peters Senior Editor at Dark Reading, 4/25/2016
Comment1 Comment  |  Read  |  Post a Comment
MIT AI Researchers Make Breakthrough On Threat Detection
Ericka Chickowski, Contributing Writer, Dark ReadingNews
New artificial intelligence platform offers 3x detection capabilities with 5x fewer false positives.
By Ericka Chickowski Contributing Writer, Dark Reading, 4/18/2016
Comment2 comments  |  Read  |  Post a Comment
How To Monetize Stolen Payment Card Data
Sara Peters, Senior Editor at Dark ReadingNews
The carding value chain not only relies on carders and buyers, but individuals who don't even know they're involved.
By Sara Peters Senior Editor at Dark Reading, 4/12/2016
Comment0 comments  |  Read  |  Post a Comment
7 Lessons From The Panama Papers Leak
Sara Peters, Senior Editor at Dark ReadingNews
Hopefully your organization isn't hiding as many dark secrets as Mossack Fonseca, but the incident still brings helpful hints about data security, breach response, and breach impact.
By Sara Peters Senior Editor at Dark Reading, 4/5/2016
Comment3 comments  |  Read  |  Post a Comment
Machine Learning In Security: Seeing the Nth Dimension in Signatures
Gunter Ollmann,  Chief Security Officer, VectraCommentary
How adding “supervised” machine learning to the development of n-dimensional signature engines is moving the detection odds back to the defender.
By Gunter Ollmann Chief Security Officer, Vectra, 3/31/2016
Comment2 comments  |  Read  |  Post a Comment
Machine Learning In Security: Good & Bad News About Signatures
Gunter Ollmann,  Chief Security Officer, VectraCommentary
Why security teams that rely solely on signature-based detection are overwhelmed by a high number of alerts.
By Gunter Ollmann Chief Security Officer, Vectra, 3/30/2016
Comment0 comments  |  Read  |  Post a Comment
6 Hot Cybersecurity Startups: MACH37’s Spring Class Of 2016
Marilyn Cohodas, Community Editor, Dark Reading
Intense 90-day program mentors budding entrepreneurs in the finer points of developing a viable technology business for the real world of information security.
By Marilyn Cohodas Community Editor, Dark Reading, 3/28/2016
Comment0 comments  |  Read  |  Post a Comment
The Threat Of Security Analytics Complexity
Brian Gillooly, Vice President, Event Content & Strategy, UBM TechCommentaryVideo
Congratulations! You're protecting your organization with layered security...but now you're drowning in more security analytics data flows than you can handle.
By Brian Gillooly Vice President, Event Content & Strategy, UBM Tech, 3/23/2016
Comment8 comments  |  Read  |  Post a Comment
In Brief: Fidelis CSO Talks Insider Threats, Detection Vs. Prevention
Brian Gillooly, Vice President, Event Content & Strategy, UBM TechCommentaryVideo
Chief security officer of Fidelis Cybersecurity talks about the balancing act of both protecting the organization's insiders and protecting the organization from its insiders.
By Brian Gillooly Vice President, Event Content & Strategy, UBM Tech, 3/22/2016
Comment0 comments  |  Read  |  Post a Comment
Security Lessons From My Stock Broker
Adam Shostack, Founder, Stealth StartupCommentary
Knowledge Gap Series: The Myths Of Analytics
Celeste Fralick, Principal Engineer and CTO for Analytics, Intel Security
It may not be rocket science, but it is data science.
By Celeste Fralick Principal Engineer and CTO for Analytics, Intel Security, 3/8/2016
Comment0 comments  |  Read  |  Post a Comment
Using Offensive Security Mindset To Create Best Defense
Brian Gillooly, Vice President, Event Content & Strategy, UBM TechCommentaryVideo
Carbon Black's CTO and chief security strategist talk about how their background in offensive security helps them think like attackers, and better defend against them.
By Brian Gillooly Vice President, Event Content & Strategy, UBM Tech, 3/2/2016
Comment0 comments  |  Read  |  Post a Comment
Fidelis CSO Talks Insiders, Data Science, Encryption Backdoors, Kill Chain
Brian Gillooly, Vice President, Event Content & Strategy, UBM TechCommentaryVideo
The chief security officer of Fidelis Cybersecurity talks about managing insider risks, harnessing the power of metadata, and fending off attackers throughout the entire kill chain.
By Brian Gillooly Vice President, Event Content & Strategy, UBM Tech, 3/2/2016
Comment0 comments  |  Read  |  Post a Comment
Why Your Security Tools Are Exposing You to Added Risks
Dave Aitel & Alex McGeorge, CEO & Head of Threat Intelligence, Immunity Inc.Commentary
The big lesson from 12 months of security product vulnerabilities: there’s no foundation of trust in any piece of software. They all represent a potential new attack vector.
By Dave Aitel & Alex McGeorge CEO & Head of Threat Intelligence, Immunity Inc., 3/2/2016
Comment3 comments  |  Read  |  Post a Comment
Chinese Threat Intel Start-up Finds DarkHotel Exploiting Chinese Telecom
Sara Peters, Senior Editor at Dark ReadingNews
New China-based threat intelligence company ThreatBook wants to be the 'trusted contact in China.'
By Sara Peters Senior Editor at Dark Reading, 3/1/2016
Comment0 comments  |  Read  |  Post a Comment
Measuring Security: My ‘Dwell Time’ Obsession
Jeff Schilling, Chief of Operations and Security, ArmorCommentary
How I discovered the critical metric to fuel my drive to create the most secure environment possible.
By Jeff Schilling Chief of Operations and Security, Armor, 2/29/2016
Comment1 Comment  |  Read  |  Post a Comment
More Stories
Current Conversations
Posted by honey143
Current Conversations Nice post
In reply to: greetings!!
Post Your Own Reply
More Conversations
PR Newswire
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
DNS Threats: What Every Enterprise Should Know
Domain Name System exploits could put your data at risk. Here's some advice on how to avoid them.
Flash Poll
Threat Intel Today
Threat Intel Today
The 397 respondents to our new survey buy into using intel to stay ahead of attackers: 85% say threat intelligence plays some role in their IT security strategies, and many of them subscribe to two or more third-party feeds; 10% leverage five or more.
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-7445
Published: 2015-10-15
The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated b...

CVE-2015-4948
Published: 2015-10-15
netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified vectors.

CVE-2015-5660
Published: 2015-10-15
Cross-site request forgery (CSRF) vulnerability in eXtplorer before 2.1.8 allows remote attackers to hijack the authentication of arbitrary users for requests that execute PHP code.

CVE-2015-6003
Published: 2015-10-15
Directory traversal vulnerability in QNAP QTS before 4.1.4 build 0910 and 4.2.x before 4.2.0 RC2 build 0910, when AFP is enabled, allows remote attackers to read or write to arbitrary files by leveraging access to an OS X (1) user or (2) guest account.

CVE-2015-6333
Published: 2015-10-15
Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows local users to gain privileges via vectors involving addition of an SSH key, aka Bug ID CSCuw46076.

Dark Reading Radio
Archived Dark Reading Radio
Tim Wilson speaks to two experts on vulnerability research – independent consultant Jeremiah Grossman and Black Duck Software’s Mike Pittenger – about the latest wave of vulnerabilities being exploited by online attackers