Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Latest Content tagged with Operations
Page 1 / 2   >   >>
7 Recent Wins Against Cybercrime
Slideshows  |  5/24/2019  | 
The increasing number of successful law enforcement actions and prosecutions suggest that cybercriminals have plenty of reason to be looking over their shoulders.
To Manage Security Risk, Manage Data First
News  |  5/23/2019  | 
At Interop 2019, IT and security experts urged attendees to focus on data asset management as a means of mitigating risk.
Microsoft Opens Defender ATP for Mac to Public Preview
Quick Hits  |  5/23/2019  | 
Users of the security platform who have preview features enabled can access Defender ATP for Mac via the Security Center onboarding section.
Incident Response: 3 Easy Traps & How to Avoid Them
Commentary  |  5/23/2019  | 
Sage legal advice about navigating a data breach from a troubleshooting cybersecurity outside counsel.
Data Asset Management: What Do You Really Need?
News  |  5/22/2019  | 
At Interop, a cybersecurity and privacy leader explains her approach to data management and governance at a massive, decentralized company.
Proving the Value of Security Awareness with Metrics that 'Deserve More'
Commentary  |  5/22/2019  | 
Without metrics that matter to the business, awareness programs will continue to be the bastard child of security.
Google Alerts Admins to Unhashed Password Storage
Quick Hits  |  5/22/2019  | 
The company reports it has seen improper access to, or misuse of, affected enterprise G Suite credentials.
Data Security: Think Beyond the Endpoint
News  |  5/21/2019  | 
A strong data protection strategy is essential as data moves across endpoints and in the cloud.
When Older Windows Systems Won't Die
News  |  5/17/2019  | 
Microsoft's decision to patch unsupported machines for the critical CVE-2019-0708 flaw is a reminder that XP, 2003, and other older versions of Windows still run in some enterprises.
Google to Replace Titan Security Keys Affected by Bluetooth Bug
News  |  5/16/2019  | 
A misconfiguration in Bluetooth Titan Security Keys' pairing protocols could compromise users under specific circumstances.
Executive Order Limits Certain Tech Sales, Hits Huawei Hard
Quick Hits  |  5/16/2019  | 
The executive order signed by President Trump bars the sale or installation of equipment seen to be controlled by hostile foreign governments and a threat to national security.
Cyber Workforce Exec Order: Right Question, Wrong Answer
Commentary  |  5/16/2019  | 
Shuffling resources, adding administrative process, and creating a competition and incentive system will do little to grow and mature the talent we need to meet the cybersecurity challenges we face.
Attackers Are Messing with Encryption Traffic to Evade Detection
News  |  5/15/2019  | 
Unknown groups have started tampering with Web traffic encryption, causing the number of fingerprints for connections using Transport Layer Security to jump from 19,000 to 1.4 billion in less than a year.
Microsoft Builds on Decentralized Identity Vision
News  |  5/15/2019  | 
The company elaborates on its plan to balance data control between businesses and consumers by giving more autonomy to individuals.
Introducing the Digital Transformation Architect
Commentary  |  5/15/2019  | 
Bet-the-company transformation that expands the attack surface requires close alignment and leadership across executive, IT and security teams.
Windows 10 Migration: Getting It Right
Commentary  |  5/15/2019  | 
The transition to Windows 10 doesn't need to be a sprint. Organizations can still take advantage of the security in Windows 7 while gaining added management flexibility from the newer OS.
Resolution Requires Cybersecurity Training for Members of Congress
Quick Hits  |  5/14/2019  | 
A bipartisan resolution would mandate IT and cybersecurity training for all members of Congress, their staff, and employees.
Microsoft Patches Wormable Vuln in Windows 7, 2003, XP, Server 2008
News  |  5/14/2019  | 
Microsoft releases security updates for some out-of-support systems to fix a bug that could be weaponized as a worm if exploited.
Missing in Action: Cybersecurity Professionals
Commentary  |  5/14/2019  | 
Just as every organization security team's needs are unique, so are the reasons for the shortage of candidates for open positions. Here are five strategies to help you close the gap.
Why AI Will Create Far More Jobs Than It Replaces
Commentary  |  5/14/2019  | 
Just as spreadsheets and personal computers created a job boom in the '70s, so too will artificial intelligence spur security analysts' ability to defend against advanced threats.
78% of Consumers Say Online Companies Must Protect Their Info
News  |  5/13/2019  | 
Yet 68% agree they also must do more to protect their own information.
How Open Testing Standards Can Improve Security
Commentary  |  5/13/2019  | 
When creating security metrics, it's critical that test methodologies cover multiple scenarios to ensure that devices perform as expected in all environments.
Open Security Tests Gain Momentum With More Lab Partners
News  |  5/3/2019  | 
NetSecOPEN, a group of next-generation firewall vendors, has added the first university-based testing facility in its effort to move toward more open security testing.
Security Doesn't Trust IT and IT Doesn't Trust Security
News  |  5/2/2019  | 
How a rocky relationship between IT operations and cybersecurity teams can compound security risks.
Facebook, Instagram Are Phishers' Favorite Social Platforms
Quick Hits  |  5/2/2019  | 
Cloud companies continue to represent the most phishing URLs, but social media saw the most growth in Q1 2019.
World Password Day or Groundhog Day?
Commentary  |  5/2/2019  | 
Despite decades trying to fortify our passwords with bolt-on solutions, attackers have always found ways to defeat them. Here are four reasons why.
Staffing the Software Security Team: Who You Gonna Call?
Commentary  |  5/1/2019  | 
Recruiting developers and testers from the product group is a great way to build a top-notch application security team. Here's why.
Digital Transformation Exposes Operational Technology & Critical Infrastructure
Commentary  |  5/1/2019  | 
The convergence of OT and IP-based IT networks makes society more vulnerable, requiring CISOs to rethink defense.
California Consumer Privacy Act: 4 Compliance Best Practices
Commentary  |  4/30/2019  | 
Companies that get ahead of the January 2020 data privacy deadline can minimize the risk of sanctions and also gain a competitive advantage in the marketplace.
How to Help Your Board Navigate Cybersecurity's Legal Risks
Commentary  |  4/30/2019  | 
What's worse than a massive data breach? A massive data breach followed by a shareholder derivative lawsuit. Learn whats at stake and what CISOs can do to mitigate the damage.
A Rear-View Look at GDPR: Compliance Has No Brakes
Commentary  |  4/29/2019  | 
With a year of Europe's General Data Protection Regulation under our belt, what have we learned?
Go Medieval to Keep OT Safe
Commentary  |  4/26/2019  | 
When it comes to operational technology and industrial control systems, make sure you're the lord of all you survey.
UVA Wins Second Consecutive National Collegiate Cyber Defense Championship
Quick Hits  |  4/25/2019  | 
The Wahoos came out on top among 235 colleges and universities that took part in the 15-year-old competition.
Demonstration Showcase Brings DevOps to Interop19
News  |  4/23/2019  | 
Attendees will learn how orchestration and automation can be a part of network operations and security, even at smaller companies.
When Every Attack Is a Zero Day
Commentary  |  4/23/2019  | 
Stopping malware the first time is an ideal that has remained tantalizingly out of reach. But automation, artificial intelligence, and deep learning are poised to change that.
Will the US Adopt a National Privacy Law?
Commentary  |  4/23/2019  | 
Probably not before the 2020 election. But keep an eye on this Congress as legislators debate how to define personal data and what limits to place on how companies use it.
7 Ways to Get the Most from Your IDS/IPS
Slideshows  |  4/23/2019  | 
Intrusion detection and prevention is at the foundation of successful security in-depth. Securing the perimeter requires a solid understanding of these two critical components.
4 Tips to Protect Your Business Against Social Media Mistakes
Commentary  |  4/22/2019  | 
Don't let social media become the go-to platform for cybercriminals looking to steal sensitive corporate information or cause huge reputational damage.
Third-Party Cyber-Risk by the Numbers
Slideshows  |  4/19/2019  | 
Recent stats show that the state of third-party cyber risk and vendor risk management remains largely immature at most organizations.
Cloud Security Spend Set to Reach $12.6B by 2023
News  |  4/18/2019  | 
Growth corresponds with a greater reliance on public cloud services.
GoT Guide to Cybersecurity: Preparing for Battle During a Staffing Shortage
Commentary  |  4/18/2019  | 
Faced with an overwhelming adversary, Game of Thrones heroes Daenerys Targaryen and Jon Snow have a lot in common with today's beleaguered CISOs.
Facebook Accidentally Imported 1.5M Users' Email Data Sans Consent
Quick Hits  |  4/18/2019  | 
The social media giant says it did not access the imported data and is notifying affected users.
In Security, All Logs Are Not Created Equal
Commentary  |  4/11/2019  | 
Prioritizing key log sources goes a long way toward effective incident response.
When Your Sandbox Fails
Commentary  |  4/11/2019  | 
The sandbox is an important piece of the security stack, but an organization's entire strategy shouldn't rely on its ability to detect every threat. Here's why.
Merging Companies, Merging Clouds
Commentary  |  4/10/2019  | 
Integrating cloud environments is anything but easy. Evaluating the security risks in doing so must be a starting component of an overall M&A strategy.
The Matrix at 20: A Metaphor for Today's Cybersecurity Challenges
Commentary  |  4/5/2019  | 
The Matrix ushered in a new generation of sci-fi movies and futuristic plotlines with a relentless, seemingly invulnerable set of villains. Twenty years later, that theme is all too familiar to security pros.
War on Zero-Days: 4 Lessons from Recent Google & Microsoft Vulns
Commentary  |  4/2/2019  | 
When selecting targets, attackers often consider total cost of 'pwnership' -- the expected cost of an operation versus the likelihood of success. Defenders need to follow a similar strategy.
Airports & Operational Technology: 4 Attack Scenarios
Commentary  |  4/2/2019  | 
As OT systems increasingly fall into the crosshairs of cyberattackers, aviation-industry CISOs have become hyper-focused on securing them.
ShadowHammer Dangers Include Update Avoidance
News  |  4/1/2019  | 
More fallout from the compromise of Asus's automated software update.
Enterprise Data Encryption Hits All-time High
Quick Hits  |  3/28/2019  | 
A new report by the Ponemon Institute shows 45% of organizations have a comprehensive encryption policy in place.
Page 1 / 2   >   >>


97% of Americans Can't Ace a Basic Security Test
Steve Zurier, Contributing Writer,  5/20/2019
How Security Vendors Can Address the Cybersecurity Talent Shortage
Rob Rashotte, VP of Global Training and Technical Field Enablement at Fortinet,  5/24/2019
TeamViewer Admits Breach from 2016
Dark Reading Staff 5/20/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Building and Managing an IT Security Operations Program
As cyber threats grow, many organizations are building security operations centers (SOCs) to improve their defenses. In this Tech Digest you will learn tips on how to get the most out of a SOC in your organization - and what to do if you can't afford to build one.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-7068
PUBLISHED: 2019-05-24
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .
CVE-2019-7069
PUBLISHED: 2019-05-24
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution .
CVE-2019-7070
PUBLISHED: 2019-05-24
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .
CVE-2019-7071
PUBLISHED: 2019-05-24
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
CVE-2019-7072
PUBLISHED: 2019-05-24
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .