Analytics

News & Commentary
Cyber Crooks Diversify Business with Multi-Intent Malware
Avi Chesla, CEO and Founder, empowCommentary
The makers of malware have realized that if they're going to invest time and money in compromising cyber defenses, they should do everything they can to monetize their achievement.
By Avi Chesla CEO and Founder, empow, 11/15/2018
Comment1 Comment  |  Read  |  Post a Comment
7 Cool New Security Tools to be Revealed at Black Hat Europe
Ericka Chickowski, Contributing Writer, Dark Reading
Black Hat Europe's Arsenal lineup will include demoes of new security tools, from AI malware research to container orchestration.
By Ericka Chickowski Contributing Writer, Dark Reading, 11/12/2018
Comment0 comments  |  Read  |  Post a Comment
Finding Gold in the Threat Intelligence Rush
Kelly Sheridan, Staff Editor, Dark ReadingNews
Researchers sift through millions of threat intel observations to determine where to best find valuable threat data.
By Kelly Sheridan Staff Editor, Dark Reading, 11/7/2018
Comment0 comments  |  Read  |  Post a Comment
20 Cybersecurity Firms to Watch
Jai Vijayan, Freelance writer
A look at some of the more interesting investments, acquisitions, and strategic moves in the security sector over the past year.
By Jai Vijayan Freelance writer, 11/7/2018
Comment0 comments  |  Read  |  Post a Comment
Energy Sector's IT Networks in the Bulls-Eye
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Attackers are actively infiltrating energy organizations and utilities for reconnaissance purposes.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 11/5/2018
Comment0 comments  |  Read  |  Post a Comment
Thoma Bravo Buys Veracode
Kelly Sheridan, Staff Editor, Dark ReadingNews
Broadcom will sell Veracode, acquired last year by CA, for $950M to Thoma Bravo as it broadens its security portfolio.
By Kelly Sheridan Staff Editor, Dark Reading, 11/5/2018
Comment1 Comment  |  Read  |  Post a Comment
7 Non-Computer Hacks That Should Never Happen
Steve Zurier, Freelance Writer
From paper to IoT, security researchers offer tips for protecting common attack surfaces that you're probably overlooking.
By Steve Zurier Freelance Writer, 11/5/2018
Comment1 Comment  |  Read  |  Post a Comment
Symantec Acquires Appthority And Javelin Networks
Dark Reading Staff, Quick Hits
Both buys bolster the cybersecurity company's endpoint security business.
By Dark Reading Staff , 11/5/2018
Comment1 Comment  |  Read  |  Post a Comment
Apple Patches Multiple Major Security Flaws
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
New security updates cross all Apple platforms.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 10/31/2018
Comment1 Comment  |  Read  |  Post a Comment
Qualys Snaps Up Container Firm
Dark Reading Staff, Quick Hits
Plans to use Layered Insight's technology to add runtime capabilities and automated enforcement to its container security tool.
By Dark Reading Staff , 10/31/2018
Comment0 comments  |  Read  |  Post a Comment
9 Traits of A Strong Infosec Resume
Kelly Sheridan, Staff Editor, Dark Reading
Security experts share insights on which skills and experiences are most helpful to job hunters looking for their next gig.
By Kelly Sheridan Staff Editor, Dark Reading, 10/31/2018
Comment1 Comment  |  Read  |  Post a Comment
Windows Defender: First Full Antivirus Tool to Run in a Sandbox
Kelly Sheridan, Staff Editor, Dark ReadingNews
Sandboxed version now available to Windows Insiders and anyone else who force-enables it in Windows 10 version 1703 and above.
By Kelly Sheridan Staff Editor, Dark Reading, 10/29/2018
Comment0 comments  |  Read  |  Post a Comment
The Three Dimensions of the Threat Intelligence Scale Problem
Todd Weller, Chief Strategy Officer at Bandura CyberCommentary
To succeed, organizations must be empowered to reduce their attack surface and staff overload so they can get more out of their existing firewall and threat intelligence investments.
By Todd Weller Chief Strategy Officer at Bandura Cyber, 10/17/2018
Comment1 Comment  |  Read  |  Post a Comment
Security Researchers Struggle with Bot Management Programs
Kaan Onarlioglu, Senior Security Researcher, AkamaiCommentary
Bots are a known problem, but researchers will tell you that bot defenses create problems of their own when it comes to valuable data.
By Kaan Onarlioglu Senior Security Researcher, Akamai, 10/10/2018
Comment0 comments  |  Read  |  Post a Comment
Teach Your AI Well: A Potential New Bottleneck for Cybersecurity
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
Artificial intelligence (AI) holds the promise of easing the skills shortage in cybersecurity, but implementing AI may result in a talent gap of its own for the industry.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 10/8/2018
Comment0 comments  |  Read  |  Post a Comment
Alphabet's Chronicle Releases VirusTotal Enterprise
Kelly Sheridan, Staff Editor, Dark ReadingNews
Chronicle, the cybersecurity business under Alphabet, releases a major update to VirusTotal geared toward corporate threat hunters.
By Kelly Sheridan Staff Editor, Dark Reading, 9/27/2018
Comment0 comments  |  Read  |  Post a Comment
Managing Data the Way We Manage Money
Dave Sikora, CEO, ALTRCommentary
In the data-driven enterprise, myriad types of data have become a new form and flow of currency. Why, then, hasn't the CISO achieved parity with the CFO?
By Dave Sikora CEO, ALTR, 9/27/2018
Comment1 Comment  |  Read  |  Post a Comment
Turn the NIST Cybersecurity Framework into Reality: 5 Steps
Mukul Kumar & Anupam Sahai, CISO & VP of Cyber Practice and VP Product Management, Cavirin SystemsCommentary
Actionable advice for tailoring the National Institute of Standards and Technology's security road map to your company's business needs.
By Mukul Kumar & Anupam Sahai CISO & VP of Cyber Practice and VP Product Management, Cavirin Systems, 9/20/2018
Comment6 comments  |  Read  |  Post a Comment
As Tech Drives the Business, So Do CISOs
Kelly Sheridan, Staff Editor, Dark ReadingNews
Security leaders are evolving from technicians to business executives as tech drives enterprise projects, applications, and goals.
By Kelly Sheridan Staff Editor, Dark Reading, 9/19/2018
Comment0 comments  |  Read  |  Post a Comment
8 Keys to a Successful Penetration Test
Curtis Franklin Jr., Senior Editor at Dark Reading
Pen tests are expensive, but there are key factors that can make them worth the investment.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 9/19/2018
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
Posted by vincityhn1
Current Conversations great!
In reply to: great
Post Your Own Reply
More Conversations
PR Newswire
New Bluetooth Hack Affects Millions of Vehicles
Dark Reading Staff 11/16/2018
Understanding Evil Twin AP Attacks and How to Prevent Them
Ryan Orsi, Director of Product Management for Wi-Fi at WatchGuard Technologies,  11/14/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
Flash Poll
How Enterprises Are Attacking the Cybersecurity Problem
How Enterprises Are Attacking the Cybersecurity Problem
Data breach fears and the need to comply with regulations such as GDPR are two major drivers increased spending on security products and technologies. But other factors are contributing to the trend as well. Find out more about how enterprises are attacking the cybersecurity problem by reading our report today.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-19406
PUBLISHED: 2018-11-21
kvm_pv_send_ipi in arch/x86/kvm/lapic.c in the Linux kernel through 4.19.2 allows local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where the apic map is uninitialized.
CVE-2018-19407
PUBLISHED: 2018-11-21
The vcpu_scan_ioapic function in arch/x86/kvm/x86.c in the Linux kernel through 4.19.2 allows local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where ioapic is uninitialized.
CVE-2018-19404
PUBLISHED: 2018-11-21
In YXcms 1.4.7, protected/apps/appmanage/controller/indexController.php allow remote authenticated Administrators to execute any PHP code by creating a ZIP archive containing a config.php file, hosting the .zip file at an external URL, and visiting index.php?r=appmanage/index/onlineinstall&url= ...
CVE-2018-19387
PUBLISHED: 2018-11-20
format_cb_pane_tabs in format.c in tmux 2.7 through 2.8 might allow attackers to cause a denial of service (NULL Pointer Dereference and application crash) by arranging for a malloc failure.
CVE-2018-19388
PUBLISHED: 2018-11-20
FoxitReader.exe in Foxit Reader 9.3.0.10826 allows remote attackers to cause a denial of service (out-of-bounds read, access violation, and application crash) via TIFF data because of a ConvertToPDF_x86!ReleaseFXURLToHtml issue.