Analytics
News & Commentary
Fortune 1000 Companies See Security Ratings Drop
Kelly Sheridan, Associate Editor, InformationWeekNews
Fortune 1000 businesses report more breaches, and lower security performance, than their non-F1000 counterparts.
By Kelly Sheridan Associate Editor, InformationWeek, 3/8/2017
Comment0 comments  |  Read  |  Post a Comment
Trust, Cloud & the Quest for a Glass Wall around Security
Stan Black, CSO, CitrixCommentary
In the next year, were going to see a leap towards strategic, business-level objectives that can be resolved by simplifying infrastructure and granting greater visibility in real time.
By Stan Black CSO, Citrix, 3/8/2017
Comment0 comments  |  Read  |  Post a Comment
Today on Dark Reading: Your Costs, Risks & Metrics Questions Answered
Dark Reading Staff, Commentary
First up on the Dark Reading upcoming events calendar is our Dark Reading Virtual Event Tuesday, Feb. 28.
By Dark Reading Staff , 2/27/2017
Comment4 comments  |  Read  |  Post a Comment
20 Cybersecurity Startups To Watch In 2017
Ericka Chickowski, Contributing Writer, Dark Reading
VC money flowed plentifully into the security market last year, fueling a new crop of innovative companies.
By Ericka Chickowski Contributing Writer, Dark Reading, 2/24/2017
Comment2 comments  |  Read  |  Post a Comment
Why Identity Has Become A Top Concern For CSOs
Saryu Nayyar, CEO, GuruculCommentary
Seven of the world's top security leaders share their fears and challenges around the critical new role of identity in the fight against cyber adversaries.
By Saryu Nayyar CEO, Gurucul, 2/14/2017
Comment1 Comment  |  Read  |  Post a Comment
IBM Brings Watson Cognitive Computing To The SOC
Ericka Chickowski, Contributing Writer, Dark ReadingNews
Technology known for a Jeopardy stunt six years ago is now powering question answering within IBM Security's QRadar system.
By Ericka Chickowski Contributing Writer, Dark Reading, 2/13/2017
Comment1 Comment  |  Read  |  Post a Comment
How to Handle Threats When Short-Staffed
Dark Reading Staff, CommentaryVideo
Skyboxs Michelle Cobb, VP of Worldwide Marketing, explains how automation and advanced analytics can give security teams the data they need when their teams are stretched
By Dark Reading Staff , 2/3/2017
Comment0 comments  |  Read  |  Post a Comment
Over 4.2 Billion Records Exposed In 4,149 Breaches In 2016
Dark Reading Staff, Quick Hits
Survey says US and UK witnessed more than half of 2016 global breaches; 52% of attacks compromised Social Security Numbers.
By Dark Reading Staff , 1/31/2017
Comment0 comments  |  Read  |  Post a Comment
Why Youre Doing Cybersecurity Risk Measurement Wrong
Daniel Gordon, Cyber Intel Analyst, Lockheed Martin Computer Incident Response TeamCommentary
Measuring risk isnt as simple as some make it out to be, but there are best practices to help you embrace the complexity in a productive way. Here are five.
By Daniel Gordon Cyber Intel Analyst, Lockheed Martin Computer Incident Response Team, 1/30/2017
Comment0 comments  |  Read  |  Post a Comment
This Week On Dark Reading: Event Calendar
Dark Reading Staff, Commentary
Devote some time and headspace to improving your skills with these Dark Reading events.
By Dark Reading Staff , 1/25/2017
Comment0 comments  |  Read  |  Post a Comment
Machine Learning For Cybersecurity Not Cybercrime
Liviu Arsene, Senior E-threat Analyst, Bitdefender
Cybercriminals have yet to adopt machine learning for offensive attack strategies - and they probably wont for a long time.
By Liviu Arsene Senior E-threat Analyst, Bitdefender, 1/17/2017
Comment0 comments  |  Read  |  Post a Comment
Crowdsourcing 20 Answers To Security Ops & IR Questions
Joshua Goldfarb, VP & CTO - Emerging Technologies, FireEyeCommentary
Those who know do not speak. Those who speak do not know. Why it pays to take a hard look at our own incident response functions and operations.
By Joshua Goldfarb VP & CTO - Emerging Technologies, FireEye, 1/12/2017
Comment2 comments  |  Read  |  Post a Comment
'Molecular' Cybersecurity Vs. Information Cybersecurity
David Zahn, General Manager of Cybersecurity at PASCommentary
When it comes to industrial processes, security begins at the molecular level.
By David Zahn General Manager of Cybersecurity at PAS, 1/10/2017
Comment0 comments  |  Read  |  Post a Comment
7 Ways To Fine-Tune Your Threat Intelligence Model
Terry Sweeney, Contributing Editor
The nature of security threats is too dynamic for set-and-forget. Here are some ways to shake off that complacency.
By Terry Sweeney Contributing Editor, 1/5/2017
Comment3 comments  |  Read  |  Post a Comment
Cyberrisk Through A Business Lens
Jack Jones, Chairman, FAIR InstituteCommentary
Boards and CEOs can focus on these critical factors to provide better cyberrisk governance.
By Jack Jones Chairman, FAIR Institute, 1/3/2017
Comment6 comments  |  Read  |  Post a Comment
Security Analytics: Don't Let Your Data Lake Turn Into A Data Swamp
Nik Whitfield, Computer Scientist & Security Technology EntrepreneurCommentary
It's easy to get bogged down when looking for insights from data using Hadoop. But that doesn't have to happen, and these tips can help.
By Nik Whitfield Computer Scientist & Security Technology Entrepreneur, 12/21/2016
Comment0 comments  |  Read  |  Post a Comment
5 Things Security Pros Need To Know About Machine Learning
Rutrell Yasin, Business Technology Writer, Tech Writers Bureau
Experts share best practices for data integrity, pattern recognition and computing power to help enterprises get the most out of machine learning-based technology for cybersecurity.
By Rutrell Yasin Business Technology Writer, Tech Writers Bureau, 12/12/2016
Comment2 comments  |  Read  |  Post a Comment
Holiday Weekend Online Payment Card Fraud 20% Higher In 2016
Dark Reading Staff, Quick Hits
In the face of EMV chips, criminals turned online to commit card-not-present fraud this Black Friday and Cyber Monday.
By Dark Reading Staff , 12/1/2016
Comment1 Comment  |  Read  |  Post a Comment
Dark Reading Virtual Event Seeks To Break Security Myths, Conventional Wisdom
Tim Wilson, Editor in Chief, Dark Reading, Commentary
Three keynotes, two panel sessions offer new ways to think about enterprise information security.
By Tim Wilson, Editor in Chief, Dark Reading , 11/14/2016
Comment5 comments  |  Read  |  Post a Comment
Surveys: Security Pros Overwhelmed, Not Communicating, Threat Intel Data
Terry Sweeney, Contributing EditorNews
Two new studies underscore the challenges of making threat intelligence part of the enterprise arsenal.
By Terry Sweeney Contributing Editor, 11/3/2016
Comment2 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
Posted by Plumber
Current Conversations I need one myself!!!
In reply to: Plumber Hair Cuts">Re: Plumber Hair Cuts
Post Your Own Reply
Posted by dungmourice
Current Conversations Great post!
In reply to: Thanks
Post Your Own Reply
More Conversations
PR Newswire
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
5 Security Technologies to Watch in 2017
Emerging tools and services promise to make a difference this year. Are they on your company's list?
Flash Poll
New Best Practices for Secure App Development
New Best Practices for Secure App Development
The transition from DevOps to SecDevOps is combining with the move toward cloud computing to create new challenges - and new opportunities - for the information security team. Download this report, to learn about the new best practices for secure application development.
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-7445
Published: 2015-10-15
The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated b...

CVE-2015-4948
Published: 2015-10-15
netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified vectors.

CVE-2015-5660
Published: 2015-10-15
Cross-site request forgery (CSRF) vulnerability in eXtplorer before 2.1.8 allows remote attackers to hijack the authentication of arbitrary users for requests that execute PHP code.

CVE-2015-6003
Published: 2015-10-15
Directory traversal vulnerability in QNAP QTS before 4.1.4 build 0910 and 4.2.x before 4.2.0 RC2 build 0910, when AFP is enabled, allows remote attackers to read or write to arbitrary files by leveraging access to an OS X (1) user or (2) guest account.

CVE-2015-6333
Published: 2015-10-15
Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows local users to gain privileges via vectors involving addition of an SSH key, aka Bug ID CSCuw46076.

Dark Reading Radio
Archived Dark Reading Radio
In past years, security researchers have discovered ways to hack cars, medical devices, automated teller machines, and many other targets. Dark Reading Executive Editor Kelly Jackson Higgins hosts researcher Samy Kamkar and Levi Gundert, vice president of threat intelligence at Recorded Future, to discuss some of 2016's most unusual and creative hacks by white hats, and what these new vulnerabilities might mean for the coming year.