Threat Intelligence
News & Commentary
3 Nigerian Cyberthieves Sentenced to Total of 235 Years in Prison
Dark Reading Staff, Quick Hits
Using love-struck girlfriends found on the Internet to help them carry out their schemes, three Nigerian cyberthieves and their cohorts made off with tens of millions of dollars in pilfered goods before they were ultimately sentenced to a collective total of 235 years in prison.
By Dark Reading Staff , 5/25/2017
Comment0 comments  |  Read  |  Post a Comment
WannaCry Ransom Notes Penned by Chinese-Speaking Authors, Analysis Shows
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
But a Chinese-language link doesn't shoot down theories of the North Korean Lazarus Group's involvement in the ransomware worm attacks, say language experts at Flashpoint.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 5/25/2017
Comment0 comments  |  Read  |  Post a Comment
WannaCry Gives Consumers a First Look into Ransomware
Dark Reading Staff, Quick Hits
Although ransomware has been around for two years, it took the fast-moving and expansive WannaCry to provide a majority of consumers their first glimpse, according to a study released today.
By Dark Reading Staff , 5/25/2017
Comment0 comments  |  Read  |  Post a Comment
Medical Devices Fall Short in Security Best Practices
Dawn Kawamoto, Associate Editor, Dark ReadingNews
More than half of medical device makers and healthcare delivery organizations anticipate an attack on their medical devices within the next 12 months, but only a smattering take significant steps to prevent it, according to a survey released today.
By Dawn Kawamoto Associate Editor, Dark Reading, 5/25/2017
Comment0 comments  |  Read  |  Post a Comment
WannaCry: The North Korea Debate
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Researchers split over whether an infamous North Korean hacking group, an affiliate, or another attacker altogether, is behind the epic ransomware worm.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 5/24/2017
Comment0 comments  |  Read  |  Post a Comment
Unsanctioned Computer Support Costs Companies $88K per Year
Dark Reading Staff, Quick Hits
A new survey of security professionals says that 83% of respondents help colleagues in other departments fix their privately-owned computers on company time.
By Dark Reading Staff , 5/24/2017
Comment1 Comment  |  Read  |  Post a Comment
DDoS Attacks Fell 23% in First Quarter, Grew in Size
Dark Reading Staff, Quick Hits
Although the number of DDoS attacks dropped in the first three months of the year, the average size of each attack grew, according to a Verisign report released Tuesday.
By Dark Reading Staff , 5/24/2017
Comment2 comments  |  Read  |  Post a Comment
9 Ways Organizations Sabotage Their Own Security: Lessons from the Verizon DBIR
Dawn Kawamoto, Associate Editor, Dark Reading
Mistakes and missteps plague enterprise security. The Verizon 2017 Data Breach Investigations Report (DBIR) offers nuggets on what organizations must stop doing now.
By Dawn Kawamoto Associate Editor, Dark Reading, 5/23/2017
Comment0 comments  |  Read  |  Post a Comment
Staying a Step Ahead of Internet Attacks
Markus Jakobsson, Chief Scientist at AgariCommentary
There's no getting around the fact that targeted attacks - like phishing - will happen. But you can figure out the type of attack to expect next.
By Markus Jakobsson Chief Scientist at Agari, 5/23/2017
Comment2 comments  |  Read  |  Post a Comment
Hacker Hit with 30-Month Prison Term in Securities Case
Dark Reading Staff, Quick Hits
Ukrainian hacker sentenced for his role stealing press releases about upcoming stock trades that generated roughly $30 million in illegal profits.
By Dark Reading Staff , 5/23/2017
Comment0 comments  |  Read  |  Post a Comment
WannaCry Hit Windows 7 Machines Most
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
More than 95% of all of the infected machines were running Windows 7, according to Kaspersky Lab data.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 5/22/2017
Comment0 comments  |  Read  |  Post a Comment
Using Artificial Intelligence for Threat Prevention
Emily Johnson, Digital Content Editor, InformationWeekCommentaryVideo
Cylance director of sales engineering Rich Thompson stops by the InformationWeek News Desk to share how the company uses artificial intelligence to identify unknown threats and stop the execution of an attack.
By Emily Johnson Digital Content Editor, InformationWeek, 5/22/2017
Comment0 comments  |  Read  |  Post a Comment
Russian 'Cron' Cyber Gang Arrested for Raiding Bank Accounts
Dark Reading Staff, Quick Hits
Russian authorities arrest a group of 16 hackers who allegedly were attacking banks in their native country via mobile malware, nixing plans for their global expansion.
By Dark Reading Staff , 5/22/2017
Comment0 comments  |  Read  |  Post a Comment
Emerging Threats to Add to Your Security Radar Screen
Kelly Sheridan, Associate Editor, Dark ReadingNews
The cybersecurity threat landscape is poised to grow in size and complexity - what to look out for.
By Kelly Sheridan Associate Editor, Dark Reading, 5/22/2017
Comment0 comments  |  Read  |  Post a Comment
In Search of an Rx for Enterprise Security Fatigue
Rick Orloff, VP, Chief Security Officer, and Chief Privacy Officer at Code42Commentary
Are you exhausted by the vast number of measures your organization needs to keep its systems and data safe? You're not alone.
By Rick Orloff VP, Chief Security Officer, and Chief Privacy Officer at Code42, 5/22/2017
Comment0 comments  |  Read  |  Post a Comment
Researcher Creates Tool to Unlock WannaCry-Infected Windows XP Files
Dark Reading Staff, Quick Hits
A security researcher appears to have discovered a flaw in WannaCry that may provide Windows XP victims of the attack with a way to unlock their files.
By Dark Reading Staff , 5/19/2017
Comment0 comments  |  Read  |  Post a Comment
Ransomware Rocks Endpoint Security Concerns
Dawn Kawamoto, Associate Editor, Dark ReadingNews
Meanwhile, threat detection technologies are evolving that can help security teams spot incidents more efficiently.
By Dawn Kawamoto Associate Editor, Dark Reading, 5/19/2017
Comment0 comments  |  Read  |  Post a Comment
Don't Forget Basic Security Measures, Experts Say
Kelly Sheridan, Associate Editor, Dark ReadingNews
Some security leaders argue there is little point in worrying about emerging threats when businesses can't defend against today's attacks.
By Kelly Sheridan Associate Editor, Dark Reading, 5/18/2017
Comment2 comments  |  Read  |  Post a Comment
Android Users Fail to Run Latest OS Version
Dark Reading Staff, Quick Hits
A study finds 98% of Android devices are not running the latest software version, according to a report released today by Zimperium.
By Dark Reading Staff , 5/18/2017
Comment0 comments  |  Read  |  Post a Comment
Why We Need a Data-Driven Cybersecurity Market
David Damato, Chief Security Officer, TaniumCommentary
NIST should bring together industry to create a standard set of metrics and develop better ways to share information.
By David Damato Chief Security Officer, Tanium, 5/17/2017
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
Posted by Kelly Jackson Higgins
Current Conversations Test
In reply to: Re: Hack
Post Your Own Reply
Posted by TimonN774
Current Conversations Good luck.   
In reply to: Hack
Post Your Own Reply
More Conversations
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: "I've seen worse.  Last week Tim had a dragon."
Current Issue
Security Operations and IT Operations: Finding the Path to Collaboration
A wide gulf has emerged between SOC and NOC teams that's keeping both of them from assuring the confidentiality, integrity, and availability of IT systems. Here's how experts think it should be bridged.
New Best Practices for Secure App Development
New Best Practices for Secure App Development
The transition from DevOps to SecDevOps is combining with the move toward cloud computing to create new challenges - and new opportunities - for the information security team. Download this report, to learn about the new best practices for secure application development.
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.

Dark Reading Radio
Archived Dark Reading Radio
In past years, security researchers have discovered ways to hack cars, medical devices, automated teller machines, and many other targets. Dark Reading Executive Editor Kelly Jackson Higgins hosts researcher Samy Kamkar and Levi Gundert, vice president of threat intelligence at Recorded Future, to discuss some of 2016's most unusual and creative hacks by white hats, and what these new vulnerabilities might mean for the coming year.