News & Commentary
Latest Content tagged with Advanced Threats
|
Data Manipulation: How Security Pros Can Respond to an Emerging Threat
Industry leaders are scrambling to address the issue, which will take new thinking to overcome.
3 Drivers Behind the Increasing Frequency of DDoS Attacks
What's causing the uptick? Motivation, opportunity, and new capabilities.
Overhauling the 3 Pillars of Security Operations
Modern apps and the cloud mean that organizations must now rethink older security practices.
The 7 Habits of Highly Effective Security Teams
Security requires smart people, processes, and technology. Too often, the "people" portion of the PPT equation is neglected.
Enterprise Security Needs an Open Data Solution
What would it look like if more than a tiny fraction of enterprises had access to all the signals hidden in their big data today?
The Increasingly Vulnerable Software Supply Chain
Nation-state adversaries from Iran to Russia have leveraged the supply chain as a vehicle to compromise infrastructure and disrupt businesses.
Foreshadow, SGX & the Failure of Trusted Execution
Trusted execution environments are said to provide a hardware-protected enclave that runs software and cannot be accessed externally, but recent developments show they fall far short.
4 Practical Measures to Improve Election Security Now
It's more critical than ever for states to protect our democratic system and voting infrastructure from foreign cyber espionage.
DevOps Demystified: A Primer for Security Practitioners
Key starting points for those still struggling to understand the concept.
Palestinian, Middle East Targets Hit with New Surveillance Attacks
'Big Bang' group returns with new campaign after last year's RAT attacks.
The Weakest Security Links in the (Block)Chain
Despite the technology's promise to transform how business is done, there are significant limitations and potential risks at the intersection of the digital and physical worlds.
Lean, Mean & Agile Hacking Machine
Hackers are thinking more like developers to evade detection and are becoming more precise in their targeting.
A False Sense of Security
Emerging threats over the next two years stem from biometrics, regulations, and insiders.
New Apache Struts Vulnerability Leaves Major Websites Exposed
The vulnerability, found in Struts' core functionality, could be more critical than the one involved in last year's Equifax breach.
Data Privacy Careers Are Helping to Close the IT Gender Gap
There are three main reasons why the field has been more welcoming for women. Can other tech areas step up?
Overcoming 'Security as a Silo' with Orchestration and Automation
When teams work in silos, the result is friction and miscommunication. Automation changes that.
Open Source Software Poses a Real Security Threat
It's true that open source software has many benefits, but it also has weak points. These four practical steps can help your company stay safer.
The Data Security Landscape Is Shifting: Is Your Company Prepared?
New ways to steal your data (and profits) keep cropping up. These best practices can help keep your organization safer.
The Enigma of AI & Cybersecurity
We've only seen the beginning of what artificial intelligence can do for information security.
Dark Reading News Desk Live at Black Hat USA 2018
Watch here Wednesday and Thursday, 2 p.m. - 6 p.m. ET to see over 40 live video interviews straight from the Black Hat USA conference in Las Vegas.
IT Managers: Are You Keeping Up with Social-Engineering Attacks?
Increasingly sophisticated threats require a mix of people, processes, and technology safeguards.
Power Grid Security: How Safe Are We?
Experiencing a power outage? It could have been caused by a hacker … or just a squirrel chewing through some equipment. And that's a problem.
5 Steps to Fight Unauthorized Cryptomining
This compromise feels like a mere annoyance, but it can open the door to real trouble.
Unified Security Data: A Simple Idea to Combat Persistent, Complex Cyberattacks
Do you know what happens to your data when it's not in use? If the answer is no, you need to fix that.
New Spectre Variant Hits the Network
A new proof of concept is a reminder that complex systems can be vulnerable at the most basic level.
MUD: The Solution to Our Messy Enterprise IoT Security Problems?
The 'Manufacturer Usage Description' proposal from IETF offers a promising route for bolstering security across the industry.
8 Steps Toward Safer Elections
Here’s some advice from leading authorities on how state and local governments can adapt to an environment where election systems will inevitably be hacked.
Threat Hunting: Rethinking 'Needle in a Haystack' Security Defenses
In cyber, needles (that is, threats) can disappear quickly, for a variety of reasons, and long often after hackers have completed what they came to do.
Make Security Boring Again
In the public sector and feeling overwhelmed? Focus on the basics, as mind numbing as that may sound.
From Bullets to Clicks: The Evolution of the Cyber Arms Race
Cyber strategies have become as important as physical weapons in the battle for political advantage. Here's a quick look at four broad categories.
SCADA/ICS Dangers & Cybersecurity Strategies
Nearly 60% of surveyed organizations using SCADA or ICS reported they experienced a breach in those systems in the last year. Here are four tips for making these systems safer.
Time to Yank Cybercrime into the Light
Too many organizations are still operating blindfolded, research finds.
8 Big Processor Vulnerabilities in 2018
Security researchers have been working in overdrive examining processors for issues — and they haven't come up empty-handed.
How to Structure an Enterprise-Wide Threat Intelligence Strategy
To keep an organization safe, you must think about the entire IT ecosystem.
ICS Security: 'The Enemy Is in the Wire'
Threats to industrial control systems are real and frightening. The government is taking steps to keep us safer in the future, but there are near-term steps you can take right now.
What We Talk About When We Talk About Risk
Measuring security risk is not that hard if you get your terms straight and leverage well-established methods and principles from other disciplines.
For Data Thieves, the World Cup Runneth Over
Large sporting events are always going to be targets, but the fact that the competition is in Russia adds another layer of concern. Here are three tips to stay safer.
Creating a Defensible Security Architecture
Take the time to learn about your assets. You'll be able to layer in multiple prevention and detection solutions and have a highly effective security architecture.
4 Basic Principles to Help Keep Hackers Out
The most effective hackers keep things simple, something organizations must take into account.
9 SMB Security Trends
SMBs understand they have to focus more on cybersecurity. Here's a look at the areas they say matter most.
Preparing for Transport Layer Security 1.3
The long-awaited encryption standard update is almost here. Get ready while you can to ensure security, interoperability, and performance.
Today! 'Why Cybercriminals Attack,' A Dark Reading Virtual Event
Wednesday, June 27, this all-day event starting at 11 a.m. ET, will help you decide who and what you really need to defend against, and how to do it more effectively.
Improving the Adoption of Security Automation
Four barriers to automation and how to overcome them.
How to Prepare for 'WannaCry 2.0'
It seems inevitable that a more-powerful follow-up to last year's malware attack will hit sooner or later. You'd better get prepared.
5 Tips for Integrating Security Best Practices into Your Cloud Strategy
Do 'cloud-first' strategies create a security-second mindset?
|
White Papers
Video
0 Comments
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: "I'm not sure I like this top down management approach!"
Latest Comment: "I'm not sure I like this top down management approach!"
Current Issue
Flash Poll
The Risk Management Struggle
The majority of organizations are struggling to implement a risk-based approach to security — even though risk reduction has become the primary metric for measuring the effectiveness of enterprise security strategies. Read the report and get more details today!
Twitter Feed
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database CVE-2018-17332
PUBLISHED: 2018-09-22
PUBLISHED: 2018-09-22
PUBLISHED: 2018-09-22
PUBLISHED: 2018-09-22
PUBLISHED: 2018-09-22
From DHS/US-CERT's National Vulnerability Database CVE-2018-17332
PUBLISHED: 2018-09-22
An issue was discovered in libsvg2 through 2012-10-19. The svgGetNextPathField function in svg_string.c returns its input pointer in certain circumstances, which might result in a memory leak caused by wasteful malloc calls.
CVE-2018-17333PUBLISHED: 2018-09-22
An issue was discovered in libsvg2 through 2012-10-19. A stack-based buffer overflow in svgStringToLength in svg_types.c allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact because sscanf is misused.
CVE-2018-17334PUBLISHED: 2018-09-22
An issue was discovered in libsvg2 through 2012-10-19. A stack-based buffer overflow in the svgGetNextPathField function in svg_string.c allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact because a strncpy copy limit is miscalculated.
CVE-2018-17336PUBLISHED: 2018-09-22
UDisks 2.8.0 has a format string vulnerability in udisks_log in udiskslogging.c, allowing attackers to obtain sensitive information (stack contents), cause a denial of service (memory corruption), or possibly have unspecified other impact via a malformed filesystem label, as demonstrated by %d or %n...
CVE-2018-17321PUBLISHED: 2018-09-22
An issue was discovered in SeaCMS 6.64. XSS exists in admin_datarelate.php via the time or maxHit parameter in a dorandomset action.
- Terms of Service
- Privacy Statement
- Legal Entities
- Copyright © 2018 UBM, All rights reserved
Tweet This