Analytics

News & Commentary
Why Security Startups Fly And Why They Crash
Kelly Sheridan, Staff Editor, Dark ReadingNews
What makes startups stand out in a market flooded with thousands of vendors? Funding experts and former founders share their thoughts.
By Kelly Sheridan Staff Editor, Dark Reading, 7/20/2018
Comment0 comments  |  Read  |  Post a Comment
SOCs Use Automation to Compensate for Training, Technology Issues
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
Executives and front-line SOC teams see human and technology issues in much different ways, according to two new reports.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 7/13/2018
Comment1 Comment  |  Read  |  Post a Comment
Why Sharing Intelligence Makes Everyone Safer
Sanjay Vidyadharan, CAO & Head of Innovations at Marlabs Inc.Commentary
Security teams must expand strategies to go beyond simply identifying details tied to a specific threat to include context and information about attack methodologies.
By Sanjay Vidyadharan CAO & Head of Innovations at Marlabs Inc., 6/29/2018
Comment0 comments  |  Read  |  Post a Comment
Improving the Adoption of Security Automation
Dan Koloski, Vice President, Oracle's Systems Management and Security  products groupCommentary
Four barriers to automation and how to overcome them.
By Dan Koloski Vice President, Oracle's Systems Management and Security products group, 6/20/2018
Comment1 Comment  |  Read  |  Post a Comment
The Best and Worst Tasks for Security Automation
Kelly Sheridan, Staff Editor, Dark Reading
As with all new tech, there are good times and and bad times to use it. Security experts share which tasks to prioritize for automation.
By Kelly Sheridan Staff Editor, Dark Reading, 6/20/2018
Comment5 comments  |  Read  |  Post a Comment
Security Analytics Startup Uptycs Raises $10M in Series A
Dark Reading Staff, Quick Hits
This round of funding for Uptycs, which runs an osquery-powered analytics platform, was led by ForgePoint Capital and Comcast Ventures.
By Dark Reading Staff , 6/19/2018
Comment0 comments  |  Read  |  Post a Comment
Security Ratings Answer Big Questions in Cyber Insurance
Kelly Sheridan, Staff Editor, Dark ReadingNews
More insurers are teaming up with security ratings firms to learn more about their clients, define policies, and determine coverage.
By Kelly Sheridan Staff Editor, Dark Reading, 6/11/2018
Comment0 comments  |  Read  |  Post a Comment
SAP CSO: Security Requires Context
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
Security depends on the apps and networks it protects. SAP CSO Justin Somaini discusses three scenarios.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 6/11/2018
Comment0 comments  |  Read  |  Post a Comment
Bug Bounty Payouts Up 73% Per Vulnerability: Bugcrowd
Kelly Sheridan, Staff Editor, Dark ReadingNews
Bug bounty programs grew along with payouts, which averaged $781 per vulnerability this year, researchers report.
By Kelly Sheridan Staff Editor, Dark Reading, 6/7/2018
Comment0 comments  |  Read  |  Post a Comment
Operation Prowli Hits 40K with Traffic Monetization, Cryptomining
Kelly Sheridan, Staff Editor, Dark ReadingNews
The campaign targets services including Drupal CMS sites, DSL modems, vulnerable IoT devices, and servers with an open SSH port.
By Kelly Sheridan Staff Editor, Dark Reading, 6/6/2018
Comment0 comments  |  Read  |  Post a Comment
Dark Web Marketplaces Dissolve Post-AlphaBay, Hansa Takedown
Kelly Sheridan, Staff Editor, Dark ReadingNews
Cybercrime marketplaces reshape into smaller forums and individual chats as threat actors find new ways to evade law enforcement.
By Kelly Sheridan Staff Editor, Dark Reading, 6/5/2018
Comment0 comments  |  Read  |  Post a Comment
Panorays Debuts With $5 Million Investment
Dark Reading Staff, Quick Hits
Panorays, a company focusing on third-party security issues for the enterprise, has exited stealth mode.
By Dark Reading Staff , 6/5/2018
Comment0 comments  |  Read  |  Post a Comment
I, for One, Welcome Our Robotic Security Overlords
Danelle Au, VP Strategy, SafeBreachCommentary
Automation will come in more subtle ways than C-3PO and it's transforming cybersecurity.
By Danelle Au VP Strategy, SafeBreach, 6/5/2018
Comment0 comments  |  Read  |  Post a Comment
Web Application Firewalls Adjust to Secure the Cloud
Kelly Sheridan, Staff Editor, Dark ReadingNews
Cloud-based WAFs protect applications without the costs and complexity of on-prem hardware. Here's what to keep in mind as you browse the growing market.
By Kelly Sheridan Staff Editor, Dark Reading, 6/4/2018
Comment0 comments  |  Read  |  Post a Comment
Building a Safe, Efficient, Cost-Effective Security Infrastructure
Ken Mills, General Manager of IoT, Surveillance and Security, Dell EMCCommentary
The Industrial Internet of Things allows organizations to address both physical and digital security concerns.
By Ken Mills General Manager of IoT, Surveillance and Security, Dell EMC, 6/4/2018
Comment3 comments  |  Read  |  Post a Comment
Google Groups Misconfiguration Exposes Corporate Data
Kelly Sheridan, Staff Editor, Dark ReadingNews
Researchers say as many as 10,000 businesses are affected by a widespread misconfiguration in Google Groups settings.
By Kelly Sheridan Staff Editor, Dark Reading, 6/1/2018
Comment0 comments  |  Read  |  Post a Comment
Open Bug Bounty Offers Free Program For Websites
Jai Vijayan, Freelance writerNews
Non-profit says it will triage and verify certain kinds of Web vulnerability submissions at no cost for those who sign up.
By Jai Vijayan Freelance writer, 6/1/2018
Comment1 Comment  |  Read  |  Post a Comment
Report: Cross-Site Scripting Still Number One Web Attack
Dark Reading Staff, Quick Hits
SQL injection is the second most common technique, with IT and finance companies the major targets.
By Dark Reading Staff , 6/1/2018
Comment0 comments  |  Read  |  Post a Comment
New Federal Report Gives Guidance on Beating Botnets
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
A report from the Departments of Commerce and Homeland Security provides five goals for protecting infrastructure from botnets and other automated threats.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 5/31/2018
Comment1 Comment  |  Read  |  Post a Comment
Building Blocks for a Threat Hunting Program
Kelly Sheridan, Staff Editor, Dark ReadingNews
Guidance for businesses building threat intelligence strategies while overwhelmed by threats, lack of talent, and a healthy dose of skepticism about the market.
By Kelly Sheridan Staff Editor, Dark Reading, 5/31/2018
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
PR Newswire
White House Cybersecurity Strategy at a Crossroads
Kelly Jackson Higgins, Executive Editor at Dark Reading,  7/17/2018
The Fundamental Flaw in Security Awareness Programs
Ira Winkler, CISSP, President, Secure Mentem,  7/19/2018
Mueller Probe Yields Hacking Indictments for 12 Russian Military Officers
Kelly Jackson Higgins, Executive Editor at Dark Reading,  7/13/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Hey, I don't make the rules: You get 3 virtual wishes.
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-14449
PUBLISHED: 2018-07-20
An issue was discovered in libgig 4.1.0. There is an out of bounds read in gig::File::UpdateChunks in gig.cpp.
CVE-2018-14450
PUBLISHED: 2018-07-20
An issue was discovered in libgig 4.1.0. There is an out-of-bounds read in the "update dimension region's chunks" feature of the function gig::Region::UpdateChunks in gig.cpp.
CVE-2018-14451
PUBLISHED: 2018-07-20
An issue was discovered in libgig 4.1.0. There is a heap-based buffer overflow in the function RIFF::Chunk::Read in RIFF.cpp.
CVE-2018-14452
PUBLISHED: 2018-07-20
An issue was discovered in libgig 4.1.0. There is an out-of-bounds read in the "always assign the sample of the first dimension region of this region" feature of the function gig::Region::UpdateChunks in gig.cpp.
CVE-2018-14453
PUBLISHED: 2018-07-20
An issue was discovered in libgig 4.1.0. There is a heap-based buffer overflow in pData[1] access in the function store16 in helper.h.