Analytics //

Security Monitoring

News & Commentary
Cyber Crooks Diversify Business with Multi-Intent Malware
Avi Chesla, CEO and Founder, empowCommentary
The makers of malware have realized that if they're going to invest time and money in compromising cyber defenses, they should do everything they can to monetize their achievement.
By Avi Chesla CEO and Founder, empow, 11/15/2018
Comment1 Comment  |  Read  |  Post a Comment
Energy Sector's IT Networks in the Bulls-Eye
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Attackers are actively infiltrating energy organizations and utilities for reconnaissance purposes.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 11/5/2018
Comment0 comments  |  Read  |  Post a Comment
7 Non-Computer Hacks That Should Never Happen
Steve Zurier, Freelance Writer
From paper to IoT, security researchers offer tips for protecting common attack surfaces that you're probably overlooking.
By Steve Zurier Freelance Writer, 11/5/2018
Comment1 Comment  |  Read  |  Post a Comment
Security Researchers Struggle with Bot Management Programs
Kaan Onarlioglu, Senior Security Researcher, AkamaiCommentary
Bots are a known problem, but researchers will tell you that bot defenses create problems of their own when it comes to valuable data.
By Kaan Onarlioglu Senior Security Researcher, Akamai, 10/10/2018
Comment0 comments  |  Read  |  Post a Comment
Turn the NIST Cybersecurity Framework into Reality: 5 Steps
Mukul Kumar & Anupam Sahai, CISO & VP of Cyber Practice and VP Product Management, Cavirin SystemsCommentary
Actionable advice for tailoring the National Institute of Standards and Technology's security road map to your company's business needs.
By Mukul Kumar & Anupam Sahai CISO & VP of Cyber Practice and VP Product Management, Cavirin Systems, 9/20/2018
Comment6 comments  |  Read  |  Post a Comment
The Top 5 Security Threats & Mitigations for Industrial Networks
Barak Perelman, CEO, IndegyCommentary
While vastly different than their IT counterparts, operational technology environments share common risks and best practices.
By Barak Perelman CEO, Indegy, 9/18/2018
Comment0 comments  |  Read  |  Post a Comment
The Economics of AI-Enabled Security
Dark Reading Staff, CommentaryVideo
While AI greatly enhances security, Securonix CTO Tanuj Gulati points out the need for predictable cost models that insulate SOCs from the variables of massive data volume and intense real-time processing.
By Dark Reading Staff , 8/17/2018
Comment0 comments  |  Read  |  Post a Comment
Filtering the Threat Intelligence Tsunami
Dark Reading Staff, CommentaryVideo
Reversing Labs CEO Mario Vuksan contends that SOCs are overwhelmed by global threat intelligence, and can benefit more from a targeted "pull" model that focuses on YARA-type binary pattern matching.
By Dark Reading Staff , 8/17/2018
Comment0 comments  |  Read  |  Post a Comment
Ensuring Web Applications Are Hardened, Secure
Dark Reading Staff, CommentaryVideo
Ofer Maor of Synopsys Software Integrity Group describes how automated testing can non-intrusively pinpoint where developers may be inadvertently exposing data and/or violating compliance mandates.
By Dark Reading Staff , 8/17/2018
Comment0 comments  |  Read  |  Post a Comment
Improving the Adoption of Security Automation
Dan Koloski, Vice President, Oracle's Systems Management and Security  products groupCommentary
Four barriers to automation and how to overcome them.
By Dan Koloski Vice President, Oracle's Systems Management and Security products group, 6/20/2018
Comment1 Comment  |  Read  |  Post a Comment
Panorays Debuts With $5 Million Investment
Dark Reading Staff, Quick Hits
Panorays, a company focusing on third-party security issues for the enterprise, has exited stealth mode.
By Dark Reading Staff , 6/5/2018
Comment1 Comment  |  Read  |  Post a Comment
I, for One, Welcome Our Robotic Security Overlords
Danelle Au, VP Strategy, SafeBreachCommentary
Automation will come in more subtle ways than C-3PO and it's transforming cybersecurity.
By Danelle Au VP Strategy, SafeBreach, 6/5/2018
Comment1 Comment  |  Read  |  Post a Comment
Building a Safe, Efficient, Cost-Effective Security Infrastructure
Ken Mills, General Manager of IoT, Surveillance and Security, Dell EMCCommentary
The Industrial Internet of Things allows organizations to address both physical and digital security concerns.
By Ken Mills General Manager of IoT, Surveillance and Security, Dell EMC, 6/4/2018
Comment3 comments  |  Read  |  Post a Comment
FireEye Offers Free Tool to Detect Malicious Remote Logins
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Open source GeoLogonalyzer helps to weed out hackers exploiting stolen credentials to log into their targets.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 5/30/2018
Comment0 comments  |  Read  |  Post a Comment
Machine Learning, Artificial Intelligence & the Future of Cybersecurity
Craig Hinkley, CEO, WhiteHat SecurityCommentary
The ability to learn gives security-focused AI and ML apps unrivaled speed and accuracy over their more basic, automated predecessors. But they are not a silver bullet. Yet.
By Craig Hinkley CEO, WhiteHat Security, 5/30/2018
Comment1 Comment  |  Read  |  Post a Comment
6 Steps for Applying Data Science to Security
Steve Zurier, Freelance Writer
Two experts share their data science know-how in a tutorial focusing on internal DNS query analysis.
By Steve Zurier Freelance Writer, 5/23/2018
Comment0 comments  |  Read  |  Post a Comment
New Survey Shows Hybrid Cloud Confidence
Dark Reading Staff, Quick Hits
Executives are mostly confident in their hybrid cloud security, according to the results of a new survey.
By Dark Reading Staff , 4/23/2018
Comment0 comments  |  Read  |  Post a Comment
How Measuring Security for Risk & ROI Can Empower CISOs
Vikram Phatak, Chief Executive Officer of NSS LabsCommentary
For the vast majority of business decisions, organizations seek metrics-driven proof. Why is cybersecurity the exception?
By Vikram Phatak Chief Executive Officer of NSS Labs, 3/28/2018
Comment1 Comment  |  Read  |  Post a Comment
The Containerization of Artificial Intelligence
Hamid Karimi, VP of Business Development at Beyond SecurityCommentary
AI automates repetitive tasks and alleviates mundane functions that often haunt decision makers. But it's still not a sure substitute for security best practices.
By Hamid Karimi VP of Business Development at Beyond Security, 3/16/2018
Comment1 Comment  |  Read  |  Post a Comment
Critical Start to Buy Advanced Threat Analytics
Dark Reading Staff, Quick Hits
Firms previously had teamed up in SOC services.
By Dark Reading Staff , 3/15/2018
Comment1 Comment  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
Veterans Find New Roles in Enterprise Cybersecurity
Kelly Sheridan, Staff Editor, Dark Reading,  11/12/2018
Empathy: The Next Killer App for Cybersecurity?
Shay Colson, CISSP, Senior Manager, CyberClarity360,  11/13/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Post a Comment
Current Issue
Flash Poll
Online Malware and Threats: A Profile of Today's Security Posture
Online Malware and Threats: A Profile of Today's Security Posture
This report offers insight on how security professionals plan to invest in cybersecurity, and how they are prioritizing their resources. Find out what your peers have planned today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-15759
PUBLISHED: 2018-11-19
Pivotal Cloud Foundry On Demand Services SDK, versions prior to 0.24 contain an insecure method of verifying credentials. A remote unauthenticated malicious user may make many requests to the service broker with different credentials, allowing them to infer valid credentials and gain access to perfo...
CVE-2018-15761
PUBLISHED: 2018-11-19
Cloud Foundry UAA release, versions prior to v64.0, and UAA, versions prior to 4.23.0, contains a validation error which allows for privilege escalation. A remote authenticated user may modify the url and content of a consent page to gain a token with arbitrary scopes that escalates their privileges...
CVE-2018-17190
PUBLISHED: 2018-11-19
In all versions of Apache Spark, its standalone resource manager accepts code to execute on a 'master' host, that then runs that code on 'worker' hosts. The master itself does not, by design, execute user code. A specially-crafted request to the master can, however, cause the master to execute code ...
CVE-2018-1841
PUBLISHED: 2018-11-19
IBM Cloud Private 2.1.0 could allow a local user to obtain the CA Private Key due to it being world readable in boot/master node. IBM X-Force ID: 150901.
CVE-2018-18519
PUBLISHED: 2018-11-19
BestXsoftware Best Free Keylogger 5.2.9 allows local users to gain privileges via a Trojan horse "%PROGRAMFILES%\BFK 5.2.9\syscrb.exe" file because of insecure permissions for the BUILTIN\Users group.