Threat Intelligence
News & Commentary
Apple Rehires Security Expert Jon Callas
Dark Reading Staff, Quick Hits
Move seen as attempt to strengthen encryption features of Apple devices following face-off with FBI.
By Dark Reading Staff , 5/25/2016
Comment0 comments  |  Read  |  Post a Comment
4 Signs Security Craves More Collaboration
Steve Zurier, Freelance WriterNews
New Intel Security report finds that companies look to work together across departmental lines to remediate security incidents.
By Steve Zurier Freelance Writer, 5/25/2016
Comment0 comments  |  Read  |  Post a Comment
GSA May Offer Bug Bounty Program For Federal Agencies
Jai Vijayan, Freelance writerNews
Researchers will be eligible for bounties of up to $3,500 for discovering bugs in federal agency systems.
By Jai Vijayan Freelance writer, 5/24/2016
Comment0 comments  |  Read  |  Post a Comment
Poor Airport Security Practices Just Don’t Fly
Joe Schorr, Director of Advanced Security Solutions, BomgarCommentary
Five lessons learned the hard way by the Tampa International Airport about bringing third parties into a security environment.
By Joe Schorr Director of Advanced Security Solutions, Bomgar, 5/24/2016
Comment0 comments  |  Read  |  Post a Comment
Epic Security #FAILS Of The Past 10 Years
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
In honor of Dark Reading's 10-year anniversary, a look at ten of the biggest failed security trends, technologies, and tactics.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 5/19/2016
Comment1 Comment  |  Read  |  Post a Comment
Why Security Investigators Should Care About Forensic Research
Paul Shomo,  Technical Manager Strategic Partnerships, Guidance SoftwareCommentary
Despite the promise of expanded visibility into the user trail behind a data breach, the security industry has largely ignored the meticulous advances of forensic researchers. Privacy is just one reason for the snub.
By Paul Shomo Technical Manager Strategic Partnerships, Guidance Software, 5/19/2016
Comment2 comments  |  Read  |  Post a Comment
Time To Treat Sponsors Of Ransomware Campaigns As Terrorists, Lawmaker Says
Jai Vijayan, Freelance writerNews
Fighting ransomware at an international level will require cooperation between law enforcement and State Department, Sen. Lindsey Graham, said at a Senate hearing.
By Jai Vijayan Freelance writer, 5/18/2016
Comment2 comments  |  Read  |  Post a Comment
Cybercrooks Think More Like CEOs And Consultants Than You Think
Ericka Chickowski, Contributing Writer, Dark ReadingNews
Speaking the language of the board room, and understanding things like value chain and SWOT analysis, might help you speak the language of the adversary.
By Ericka Chickowski Contributing Writer, Dark Reading, 5/17/2016
Comment0 comments  |  Read  |  Post a Comment
US, China Hold Cyber Talks For First Time After September Deal
Dark Reading Staff, Quick Hits
Meeting was part of pledge between heads of both nations for joint action on growing cyberspace concerns.
By Dark Reading Staff , 5/13/2016
Comment0 comments  |  Read  |  Post a Comment
IBM Watson Will Help Battle Cyberattacks
Rutrell Yasin, Business Technology Writer, Tech Writers BureauNews
IBM and leading universities will train IBM Watson to discover hidden patterns and cyber threats.
By Rutrell Yasin Business Technology Writer, Tech Writers Bureau, 5/12/2016
Comment0 comments  |  Read  |  Post a Comment
Verizon DBIR Puzzler Solved With Meghan Trainor And ‘Cyber Pathogens’
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
All about that puzzler's paradise that is the 2016 Annual Verizon Data Breach Investigations Report cover contest.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 5/12/2016
Comment0 comments  |  Read  |  Post a Comment
Startup XOR Offers Free Protection For Hacked Organizations
Dark Reading Staff, Quick Hits
Compromised Identity Exchange designed to shield victims from identity theft and more.
By Dark Reading Staff , 5/12/2016
Comment0 comments  |  Read  |  Post a Comment
Healthcare Suffers Estimated $6.2 Billion In Data Breaches
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Nearly 90 percent of healthcare organizations were slammed by a breach in the past two years.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 5/12/2016
Comment3 comments  |  Read  |  Post a Comment
Windows 0-Day Exploit Used In Recent Wave Of PoS Attacks
Jai Vijayan, Freelance writerNews
Privilege-escalation exploit was part of a malware campaign that impacted more than 100 organizations earlier this year, according to FireEye.
By Jai Vijayan Freelance writer, 5/11/2016
Comment0 comments  |  Read  |  Post a Comment
What Makes Next-Gen Endpoint Protection Unique?
Sean Martin, CISSP | President, imsmartin
Here are five critical factors you need to know about today's new breed of endpoint protection technology.
By Sean Martin CISSP | President, imsmartin, 5/10/2016
Comment2 comments  |  Read  |  Post a Comment
Terror Groups Using Legit, Home Grown Tools To Communicate, Proselytize
Jai Vijayan, Freelance writerNews
Trend Micro says its research shows that terror, cybercrime groups often use same tools to operate
By Jai Vijayan Freelance writer, 5/9/2016
Comment0 comments  |  Read  |  Post a Comment
Mandia Replaces DeWalt As CEO Of FireEye
Dark Reading Staff, Quick Hits
In major shake-up of company’s top brass, DeWalt moved to executive chairman.
By Dark Reading Staff , 5/6/2016
Comment1 Comment  |  Read  |  Post a Comment
Proof-of-Concept Exploit Sharing Is On The Rise
Rutrell Yasin, Business Technology Writer, Tech Writers BureauNews
Research offers cyber defenders view of which POC exploits are being shared and distributed by threat actors.
By Rutrell Yasin Business Technology Writer, Tech Writers Bureau, 5/5/2016
Comment0 comments  |  Read  |  Post a Comment
Silicon & Artificial Intelligence: The Foundation of Next Gen Data Security
Mark Papermaster, SVP & CTO, AMDCommentary
Why new challenges like ‘real-time, always-on’ authentication and access control can only be met by a combination of smart hardware and software.
By Mark Papermaster SVP & CTO, AMD, 5/5/2016
Comment0 comments  |  Read  |  Post a Comment
Government Cybersecurity Performance, Confidence Bottoms Out
Ericka Chickowski, Contributing Writer, Dark ReadingNews
In the wake of OPM and other big gov breaches, government cybersecurity performance scores and employee confidence ratings sink through the floor.
By Ericka Chickowski Contributing Writer, Dark Reading, 4/28/2016
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
8 Key Building Blocks for Enterprise Network Defense
Networks are changing rapidly -- and so are strategies for protecting them. This Tech Digest looks at the fundamentals for the next-gen environment.
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-7445
Published: 2015-10-15
The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated b...

CVE-2015-4948
Published: 2015-10-15
netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified vectors.

CVE-2015-5660
Published: 2015-10-15
Cross-site request forgery (CSRF) vulnerability in eXtplorer before 2.1.8 allows remote attackers to hijack the authentication of arbitrary users for requests that execute PHP code.

CVE-2015-6003
Published: 2015-10-15
Directory traversal vulnerability in QNAP QTS before 4.1.4 build 0910 and 4.2.x before 4.2.0 RC2 build 0910, when AFP is enabled, allows remote attackers to read or write to arbitrary files by leveraging access to an OS X (1) user or (2) guest account.

CVE-2015-6333
Published: 2015-10-15
Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows local users to gain privileges via vectors involving addition of an SSH key, aka Bug ID CSCuw46076.

Dark Reading Radio
Archived Dark Reading Radio
In this episode of Dark Reading Radio, veteran CISOs will share their experience and insight into how organizations can get the best bang for their security buck.