News & Commentary

Content posted in February 2017
Do Software-Defined Data Centers Pose Security Concerns?
Partner Perspectives  |  2/20/2017  | 
SDDC adoption is likely to trigger widespread data security governance programs, with 20 percent of organizations considering them necessary to prevent data breaches.
At Least 70 Organizations Targeted In Sophisticated Cyber Surveillance Operation
News  |  2/17/2017  | 
Most of the targets are in Ukraine, though a few have been spotted in Russia and elsewhere, CyberX says.
RSAC 2017 in 4 Words
Curt Franklin  |  2/17/2017  | 
The big news and trends from RSAC 2017 can be summed up in four key words: visibility, IoT, partnership and automation.
Yahoo Explains Cookie Forgery Related To Two 2016 Breaches
Quick Hits  |  2/17/2017  | 
Yahoo's recent update on forged cookies is in relation to two, not three, security breaches announced last year.
Closing The Cybersecurity Skills Gap With STEM
Commentary  |  2/17/2017  | 
As a nation, we should be doing more to promote educational programs that prepare today's students for tomorrow's jobs.
After Election Interference, RSA Conference Speakers Ask What Comes Next
News  |  2/17/2017  | 
Election-tampering called 'a red line we should not allow anyone to cross.'
Man Jailed For Hacking Ex-Employer's Operations
Quick Hits  |  2/17/2017  | 
Louisiana resident Brian Johnson was sentenced to 34 months in prison and ordered to pay more than $1.1 million in damages.
Florida Man Gets 48 Months For $1.3M Spam Email Scheme
Quick Hits  |  2/17/2017  | 
Timothy Livingston committed identity theft and sent bulk spam emails on behalf of clients, generating $1.3 million in profit.
NSS Labs Talks Operationalizing Security
Dark Reading Videos  |  2/17/2017  | 
At RSA, NSS Labs CTO Jason Brvenik discusses how to find the gaps in your current web of security products and how to discover what you're not finding.
Iran Intensifies Its Cyberattack Activity
News  |  2/16/2017  | 
Middle East targets, namely Saudi Arabia, are feeling the brunt of the attacks, but experts anticipate Iran will double down on hacking US targets.
Ransomware Growth Fueled By Russian-Speaking Cybercriminals
News  |  2/16/2017  | 
Individuals and groups from Russian-speaking countries are responsible for a lot of ransomware activity, Kaspersky Lab says.
Exhibitor Spotlight: Recorded Future @ RSA 2017
Dark Reading Videos  |  2/16/2017  | 
At the RSA Conference, Recorded Future's vice president of intelligence and strategy Levi Gundert and director of advanced collection Andrei Barysevich discuss threat intelligence.
The Era Of Data-Jacking Is Here. Are You Ready?
Commentary  |  2/16/2017  | 
As data in the cloud becomes more valuable, the cost of weak security will soon be higher than many organizations can bear. Here's why.
Ukraine Blames Russia For New Virus Targeting Infrastructure
Quick Hits  |  2/16/2017  | 
The Russian security service, software firms, and criminal hackers are accused of orchestrating cyberattacks on Ukraine's infrastructure.
Yahoo Warns Users Of Forged Cookies In Third Breach
Quick Hits  |  2/16/2017  | 
The company sent a warning to users about forged cookies used in a third data breach originally reported in December 2016.
MEDJACK.3 Poses Advanced Threat To Hospital Devices
News  |  2/16/2017  | 
A newly discovered version of the "medical device hijack" attack targets older operating systems to bypass security measures and steal patient data.
New Attack Threatens Android For Work Security
News  |  2/16/2017  | 
The enterprise privacy app, designed to separate personal and business information, is open to attacks putting corporate data at risk.
Mimecast Tackles Email-Bound Risks
Dark Reading Videos  |  2/16/2017  | 
At RSA, Mimecast cyber security strategy Bob Adams discusses graduating from basic filtering to true email security risk assessment.
Raytheon Foreground Security Talks Proactive Risk-Based Security
Dark Reading Videos  |  2/16/2017  | 
At RSA, Raytheon Foreground Security's president, Paul Perkinson, and chief strategy officer, Joshua Douglas, discuss how to get proactive with advanced threat hunting and managed detection response.
Juniper Discusses The New Network & How To Secure It
Dark Reading Videos  |  2/16/2017  | 
At RSA, Mihir Maniar, Juniper Networks' vice president of security products and strategy, and Laurence Pitt, Juniper Networks' EMEA security strategy director, discuss how the network has not disappeared, it's just become more elastic.
Cylance Talks Third-Party Testing
Dark Reading Videos  |  2/16/2017  | 
At the RSA Conference, Chad Skipper, vice president of industry relations and product testing for Cylance, discusses the customs and controversies of third-party testing and verification of security products.
CA Technologies Views On How Machine Learning Is Powering The Next Generation Of Security
Dark Reading Videos  |  2/16/2017  | 
At RSA, Mordecai Rosen, SVP and general manager of security business for CA Technologies, talks machine learning, analytics, and identity management.
Clinton Campaign Tested Staffers With Fake Phishing Emails
News  |  2/15/2017  | 
Campaign stressed good IT hygiene, according to manager Robby Mook, who said the fake phishing emails were used to gauge effectiveness of security training for staffers.
Russian-Speaking Rasputin Breaches Dozens Of Organizations
News  |  2/15/2017  | 
Attacker behind Election Assistance Commission hack now using SQL injection as his weapon of choice against universities and government agencies.
What To Do When All Malware Is Zero-Day
Commentary  |  2/15/2017  | 
The industry needs new methods to fingerprint malware in order to determine who's behind breaches, and what can be done to stop them.
IoT Security: A Ways To Go, But Some Interim Steps For Safety
News  |  2/15/2017  | 
The Internet of Things remains vulnerable to botnets and malware, but Cisco's Anthony Grieco offers some tips to keep networks and users more secure.
FBI's N-DEx System Helps Unearth Credit Card Fraud Ring
Quick Hits  |  2/15/2017  | 
An intelligence analyst used the N-DEx system to discover a 16-member gang cheating liquor and cigarette stores across eight states.
Microsoft Delays February Security Fixes
Quick Hits  |  2/15/2017  | 
The company delayed its monthly Patch Tuesday update, which was supposed to replace detailed security bulletins with the "Security Updates Guide."
The 10 Most Cyber-Exposed Cities In The US
News  |  2/15/2017  | 
At RSAC, Trend Micro researchers showcase municipalities with the highest percentage of discoverable devices and systems connected via the public Internet.
Veracode Tackles App Sec & The Pace Of DevOps
Dark Reading Videos  |  2/15/2017  | 
At the RSA Conference, Pete Chestna, Director of Developer Engagement at Veracode, discusses the persistent challenges of both continuous delivery and relentless attacks on the application layer.
Anomali Talks Threat Intelligence & Info Sharing
Dark Reading Videos  |  2/15/2017  | 
At RSA Conference, Hugh Njemanze, CEO of Anomali, talks about threat intelligence and the benefit of bi-directional information sharing with government agencies, as well as the benefit of free software.
Deloitte Tackles Identity Management
Dark Reading Videos  |  2/15/2017  | 
At RSA Conference, Mike Wyatt, Managing Director of Deloitte Advisory Cyber Risk Service, discusses the identity management landscape and its growing importance, from "least privileges" to identity-as-a-service.
BAE Systems Cyber Defense Monitor Study Digs Into Defense
Dark Reading Videos  |  2/15/2017  | 
At the 2017 RSA Conference, BAE Systems Vice President of Cyber Security Strategy Colin McKinty discusses the new Cyber Defense Monitor study as well as enterprise-wide challenges of understanding and responding to the threat landscape.
Microsoft President Says Tech Industry Should Be 'Neutral Digital Switzerland'
Quick Hits  |  2/14/2017  | 
RSA Conference: Brad Smith also says the world needs a "Digital Geneva Convention" to establish the international rules for nation-state cyber conflict.
CrowdStrike Fails In Bid To Stop NSS Labs From Publishing Test Results At RSA
News  |  2/14/2017  | 
NSS results are based on incomplete and materially incorrect data, CrowdStrike CEO George Kurtz says.
Darkness & Hope On Display At RSA Conference Keynotes
News  |  2/14/2017  | 
Attendees start morning with John Lithgow telling them 'Look at how your light shines together.'
Why Identity Has Become A Top Concern For CSOs
Commentary  |  2/14/2017  | 
Seven of the world's top security leaders share their fears and challenges around the critical new role of identity in the fight against cyber adversaries.
JPMorgan Breach: New Witness Delays Trial Of Bitcoin Exchange Suspects
Quick Hits  |  2/14/2017  | 
Trial proceedings of pastor Trevon Gross and Yuri Lebedev have been delayed; jury selection will take place Feb. 14.
Windows Can Help Mirai Botnet Spread
Quick Hits  |  2/14/2017  | 
Windows computers may allow cybercriminals to spread the Mirai infection by searching for other vulnerable devices.
National Security, Regulation, Identity Top Themes At Cloud Security Summit
News  |  2/13/2017  | 
Gen. Keith Alexander gives Trump a thumbs-up and Cloud Security Alliance releases a new application.
Obama's Former Cybersecurity Coordinator Named President Of CTA
News  |  2/13/2017  | 
Michael Daniel is now head of the newly incorporated nonprofit Cyber Threat Alliance, a security threat intel-sharing group of major security vendors.
IBM Brings Watson Cognitive Computing To The SOC
News  |  2/13/2017  | 
Technology known for a Jeopardy stunt six years ago is now powering question answering within IBM Security's QRadar system.
You Can't Hire Your Way Out Of A Skills Shortage ... Yet
Commentary  |  2/13/2017  | 
It will take much effort to fix the IT and cybersecurity talent crisis, but it is possible.
New Bug Bounty Program Targets IoT Security
News  |  2/13/2017  | 
GeekPwn bug bounty program aims to collect Internet of Things security vulnerabilities, and highlight mistakes to vendors.
'Shock & Awe' Ransomware Attacks Multiply
News  |  2/13/2017  | 
Ransomware attackers are getting more aggressive, destructive, and unpredictable.
Russia Suspect In Italian Ministry Hack
Quick Hits  |  2/13/2017  | 
Italy's foreign ministry was victim of a cyberattack last year, but hackers did not gain access to classified information.
Verizon Data Breach Digest Triangulates Humanity Inside Security
News  |  2/13/2017  | 
The 99-page report breaks out 16 different attack scenarios and specifies the target, sophistication level, attributes, and attack patterns, along with their times to discovery and containment.
Turkish Hacker Gets 8 Years In US Jail For ATM Theft Scheme
Quick Hits  |  2/13/2017  | 
Ercan Findikoglu carried out three cyberattacks that enabled theft of $55 million through worldwide ATM withdrawals.
Alleged Russian Hacker With Ties To Notorious Cybercriminals Arrested In LA
News  |  2/10/2017  | 
Alexander Tverdokhlebov is being held on charges of conspiring with another hacker to steal money from online bank accounts.
Microsoft Beefs Up Enterprise Security In Windows 10, Surface
News  |  2/10/2017  | 
Microsoft's wave of security news targets hardware, Azure, Office 365, Windows 10, and SQL Server to safeguard business data.
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-39229
PUBLISHED: 2021-09-20
Apprise is an open source library which allows you to send a notification to almost all of the most popular notification services available. In affected versions users who use Apprise granting them access to the IFTTT plugin (which just comes out of the box) are subject to a denial of service attack...
CVE-2021-41083
PUBLISHED: 2021-09-20
Dada Mail is a web-based e-mail list management system. In affected versions a bad actor could give someone a carefully crafted web page via email, SMS, etc, that - when visited, allows them control of the list control panel as if the bad actor was logged in themselves. This includes changing any ma...
CVE-2021-34650
PUBLISHED: 2021-09-20
The eID Easy WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the error parameter found in the ~/admin.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 4.6.
CVE-2021-41082
PUBLISHED: 2021-09-20
Discourse is a platform for community discussion. In affected versions any private message that includes a group had its title and participating user exposed to users that do not have access to the private messages. However, access control for the private messages was not compromised as users were n...
CVE-2020-16630
PUBLISHED: 2021-09-20
TI's BLE stack caches and reuses the LTK's property for a bonded mobile. A LTK can be an unauthenticated-and-no-MITM-protection key created by Just Works or an authenticated-and-MITM-protection key created by Passkey Entry, Numeric Comparison or OOB. Assume that...