Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content posted in February 2017
<<   <   Page 2 / 4   >   >>
Do Software-Defined Data Centers Pose Security Concerns?
Partner Perspectives  |  2/20/2017  | 
SDDC adoption is likely to trigger widespread data security governance programs, with 20 percent of organizations considering them necessary to prevent data breaches.
At Least 70 Organizations Targeted In Sophisticated Cyber Surveillance Operation
News  |  2/17/2017  | 
Most of the targets are in Ukraine, though a few have been spotted in Russia and elsewhere, CyberX says
RSAC 2017 in 4 Words
Curt Franklin  |  2/17/2017  | 
The big news and trends from RSAC 2017 can be summed up in four key words: visibility, IoT, partnership and automation.
Yahoo Explains Cookie Forgery Related To Two 2016 Breaches
Quick Hits  |  2/17/2017  | 
Yahoo's recent update on forged cookies is in relation to two, not three, security breaches announced last year.
Closing The Cybersecurity Skills Gap With STEM
Commentary  |  2/17/2017  | 
As a nation, we should be doing more to promote educational programs that prepare today's students for tomorrow's jobs.
After Election Interference, RSA Conference Speakers Ask What Comes Next
News  |  2/17/2017  | 
Election-tampering called 'a red line we should not allow anyone to cross.'
Man Jailed For Hacking Ex-Employer's Operations
Quick Hits  |  2/17/2017  | 
Louisiana resident Brian Johnson was sentenced to 34 months in prison and ordered to pay more than $1.1 million in damages.
Florida Man Gets 48 Months For $1.3M Spam Email Scheme
Quick Hits  |  2/17/2017  | 
Timothy Livingston committed identity theft and sent bulk spam emails on behalf of clients, generating $1.3 million in profit.
NSS Labs Talks Operationalizing Security
NSS Labs Talks Operationalizing Security
Dark Reading Videos  |  2/17/2017  | 
At RSA, NSS Labs CTO Jason Brvenik discusses how to find the gaps in your current web of security products and how to discover what you're not finding.
Iran Intensifies Its Cyberattack Activity
News  |  2/16/2017  | 
Middle East targets namely Saudi Arabia are feeling the brunt of the attacks, but experts anticipate Iran will double down on hacking US targets.
Ransomware Growth Fueled By Russian-Speaking Cybercriminals
News  |  2/16/2017  | 
Individuals and groups from Russian-speaking countries responsible for a lot of ransomware activity, Kaspersky Lab says.
Exhibitor Spotlight: Recorded Future @ RSA 2017
Exhibitor Spotlight: Recorded Future @ RSA 2017
Dark Reading Videos  |  2/16/2017  | 
At the RSA Conference, Recorded Future's vice president of intelligence and strategy Levi Gundert and director of advanced collection Andrei Barysevich discuss threat intelligence.
The Era Of Data-Jacking Is Here. Are You Ready?
Commentary  |  2/16/2017  | 
As data in the cloud becomes more valuable, the cost of weak security will soon be higher than many organizations can bear. Here's why.
Ukraine Blames Russia For New Virus Targeting Infrastructure
Quick Hits  |  2/16/2017  | 
The Russian security service, software firms, and criminal hackers are accused of orchestrating cyberattacks on Ukraine's infrastructure.
Yahoo Warns Users Of Forged Cookies In Third Breach
Quick Hits  |  2/16/2017  | 
The company sent a warning to users about forged cookies used in a third data breach originally reported in December 2016.
MEDJACK.3 Poses Advanced Threat To Hospital Devices
News  |  2/16/2017  | 
A newly discovered version of the "medical device hijack" attack targets older operating systems to bypass security measures and steal patient data.
New Attack Threatens Android For Work Security
News  |  2/16/2017  | 
The enterprise privacy app, designed to separate personal and business information, is open to attacks putting corporate data at risk.
Mimecast Tackles Email-Bound Risks
Mimecast Tackles Email-Bound Risks
Dark Reading Videos  |  2/16/2017  | 
At RSA, Mimecast cyber security strategy Bob Adams discusses graduating from basic filtering to true email security risk assessment.
Raytheon Foreground Security Talks Proactive Risk-Based Security
Raytheon Foreground Security Talks Proactive Risk-Based Security
Dark Reading Videos  |  2/16/2017  | 
At RSA, Raytheon Foreground Security's president, Paul Perkinson, and chief strategy officer, Joshua Douglas discuss how to get proactive with advanced threat hunting and managed detection response.
Cylance Talks Third-Party Testing
Cylance Talks Third-Party Testing
Dark Reading Videos  |  2/16/2017  | 
At the RSA Conference, Chad Skipper, vice president of industry relations and product testing for Cylance, discusses the customs and controversies of third-party testing and verification of security products.
CA Technologies Views On How Machine Learning Is Powering The Next Generation Of Security
CA Technologies Views On How Machine Learning Is Powering The Next Generation Of Security
Dark Reading Videos  |  2/16/2017  | 
At RSA, Mordecai Rosen, SVP and general manager of security business for CA Technologies talks machine learning, analytics, and identity management.
Juniper Discusses The New Network & How To Secure It
Juniper Discusses The New Network & How To Secure It
Dark Reading Videos  |  2/16/2017  | 
At RSA, Mihir Maniar, Juniper Networks' vice president of security products and strategy, and Laurence Pitt, Juniper Networks' EMEA security strategy director, discuss how the network has not disappeared, it's just become more elastic.
Clinton Campaign Tested Staffers With Fake Phishing Emails
News  |  2/15/2017  | 
Campaign stressed good IT hygiene, according to manager Robby Mook, who said the fake phishing emails were used to gauge effectiveness of security training for staffers,
Russian-Speaking Rasputin Breaches Dozens Of Organizations
News  |  2/15/2017  | 
Attacker behind Election Assistance Commission hack now using SQL injection as his weapon of choice against universities and government agencies.
What To Do When All Malware Is Zero-Day
Commentary  |  2/15/2017  | 
The industry needs new methods to fingerprint malware in order to determine who's behind breaches, and what can be done to stop them.
IoT Security: A Ways To Go, But Some Interim Steps For Safety
News  |  2/15/2017  | 
The Internet of Things remains vulnerable to botnets and malware, but Cisco's Anthony Grieco offers some tips to keep networks and users more secure
FBIs N-DEx System Helps Unearth Credit Card Fraud Ring
Quick Hits  |  2/15/2017  | 
An intelligence analyst used the N-DEx system to discover a 16-member gang cheating liquor and cigarette stores across eight states.
Microsoft Delays February Security Fixes
Quick Hits  |  2/15/2017  | 
The company delayed its monthly Patch Tuesday update, which was supposed to replace detailed security bulletins with the "Security Updates Guide."
The 10 Most Cyber-Exposed Cities In The US
News  |  2/15/2017  | 
At RSAC, Trend Micro researchers showcase municipalities with the highest percentage of discoverable devices and systems connected via the public Internet.
Veracode Tackles App Sec & The Pace Of DevOps
Veracode Tackles App Sec & The Pace Of DevOps
Dark Reading Videos  |  2/15/2017  | 
At the RSA Conference, Pete Chestna, Director of Developer Engagement at Veracode, discusses the persistent challenges of both continuous delivery and relentless attacks on the application layer.
Anomali Talks Threat Intelligence & Info Sharing
Anomali Talks Threat Intelligence & Info Sharing
Dark Reading Videos  |  2/15/2017  | 
At RSA Conference, Hugh Njemanze, CEO of Anomali talks about threat intelligence and the benefit of bi-directional information sharing with government agencies, as well as the benefit of free software.
Deloitte Tackles Identity Management
Deloitte Tackles Identity Management
Dark Reading Videos  |  2/15/2017  | 
At RSA Conference, Mike Wyatt, Managing Director of Deloitte Advisory Cyber Risk Service, discusses the identity management landscape and its growing importance, from "least privileges" to identity-as-a-service.
BAE Systems Cyber Defense Monitor Study Digs Into Defense
BAE Systems Cyber Defense Monitor Study Digs Into Defense
Dark Reading Videos  |  2/15/2017  | 
At the 2017 RSA Conference, BAE Systems Vice President of Cyber Security Strategy Colin McKinty discusses the new Cyber Defense Monitor study as well as enterprise wide challenges of understanding and responding to the threat landscape
Microsoft President Says Tech Industry Should Be 'Neutral Digital Switzerland'
Quick Hits  |  2/14/2017  | 
RSA Conference: Brad Smith also says the world needs a "Digital Geneva Convention" to establish the international rules for nation-state cyber conflict.
CrowdStrike Fails In Bid To Stop NSS Labs From Publishing Test Results At RSA
News  |  2/14/2017  | 
NSS results are based on incomplete and materially incorrect data, CrowdStrike CEO George Kurtz says.
Darkness & Hope On Display At RSA Conference Keynotes
News  |  2/14/2017  | 
Attendees start morning with John Lithgow telling them 'Look at how your light shines together.'
Why Identity Has Become A Top Concern For CSOs
Commentary  |  2/14/2017  | 
Seven of the world's top security leaders share their fears and challenges around the critical new role of identity in the fight against cyber adversaries.
JPMorgan Breach: New Witness Delays Trial Of Bitcoin Exchange Suspects
Quick Hits  |  2/14/2017  | 
Trial proceedings of pastor Trevon Gross and Yuri Lebedev has been delayed; jury selection will take place Feb. 14.
Windows Can Help Mirai Botnet Spread
Quick Hits  |  2/14/2017  | 
Windows computers may allow cybercriminals to spread the Mirai infection by searching for other vulnerable devices.
National Security, Regulation, Identity Top Themes At Cloud Security Summit
News  |  2/13/2017  | 
Gen. Keith Alexander gives Trump a thumbs-up and Cloud Security Alliance releases a new application.
Obama's Former Cybersecurity Coordinator Named President Of CTA
News  |  2/13/2017  | 
Michael Daniel is now head of the newly incorporated nonprofit Cyber Threat Alliance, a security threat intel-sharing group of major security vendors.
IBM Brings Watson Cognitive Computing To The SOC
News  |  2/13/2017  | 
Technology known for a Jeopardy stunt six years ago is now powering question answering within IBM Security's QRadar system.
You Can't Hire Your Way Out Of A Skills Shortage ... Yet
Commentary  |  2/13/2017  | 
It will take much effort to fix the IT and cybersecurity talent crisis, but it is possible.
New Bug Bounty Program Targets IoT Security
News  |  2/13/2017  | 
GeekPwn bug bounty program aims to collect Internet of Things security vulnerabilities, and highlight mistakes to vendors.
'Shock & Awe' Ransomware Attacks Multiply
News  |  2/13/2017  | 
Ransomware attackers are getting more aggressive, destructive, and unpredictable.
Russia Suspect In Italian Ministry Hack
Quick Hits  |  2/13/2017  | 
Italy's foreign ministry was victim of a cyberattack last year, but hackers did not gain access to classified information.
Verizon Data Breach Digest Triangulates Humanity Inside Security
News  |  2/13/2017  | 
The 99-page report breaks out 16 different attack scenarios and specifies the target, sophistication level, attributes, and attack patterns, along with their times to discovery and containment.
Turkish Hacker Gets 8 Years In US Jail For ATM Theft Scheme
Quick Hits  |  2/13/2017  | 
Ercan Findikoglu carried out three cyberattacks that enabled theft of $55 million through worldwide ATM withdrawals.
Alleged Russian Hacker With Ties To Notorious Cybercriminals Arrested In LA
News  |  2/10/2017  | 
Alexander Tverdokhlebov is being held on charges of conspiring with another hacker to steal money from online bank accounts.
Microsoft Beefs Up Enterprise Security In Windows 10, Surface
News  |  2/10/2017  | 
Microsoft's wave of security news targets hardware, Azure, Office 365, Windows 10, and SQL Server to safeguard business data.
<<   <   Page 2 / 4   >   >>


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Improving Enterprise Cybersecurity With XDR
Enterprises are looking at eXtended Detection and Response technologies to improve their abilities to detect, and respond to, threats. While endpoint detection and response is not new to enterprise security, organizations have to improve network visibility, expand data collection and expand threat hunting capabilites if they want their XDR deployments to succeed. This issue of Tech Insights also includes: a market overview for XDR from Omdia, questions to ask before deploying XDR, and an XDR primer.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-32411
PUBLISHED: 2022-07-01
An issue in the languages config file of HongCMS v3.0 allows attackers to getshell.
CVE-2022-32412
PUBLISHED: 2022-07-01
An issue in the /template/edit component of HongCMS v3.0 allows attackers to getshell.
CVE-2022-34903
PUBLISHED: 2022-07-01
GnuPG through 2.3.6, in unusual situations where an attacker possesses any secret-key information from a victim's keyring and other constraints (e.g., use of GPGME) are met, allows signature forgery via injection into the status line.
CVE-2022-32324
PUBLISHED: 2022-07-01
PDFAlto v0.4 was discovered to contain a heap buffer overflow via the component /pdfalto/src/pdfalto.cc.
CVE-2022-32325
PUBLISHED: 2022-07-01
JPEGOPTIM v1.4.7 was discovered to contain a segmentation violation which is caused by a READ memory access at jpegoptim.c.