Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Advanced Threats posted in December 2014
Dear Cyber Criminals: Were Not Letting Our Guard Down in 2015
Commentary  |  12/31/2014  | 
Next year, youll keep exploiting vulnerabilities, and well make sure our systems are patched, our antivirus is up to date, and our people are too smart to click the links you send them.
Backoff Malware Validates Targets Through Infected IP Cameras
News  |  12/23/2014  | 
RSA report on Backoff dives deeper into clues about the POS software and hints at attackers potentially located in India.
Time To Rethink Patching Strategies
Commentary  |  12/19/2014  | 
In 2014, the National Vulnerability Database is expected to log a record-breaking 8,000 vulnerabilities. That's 8,000 reasons to improve software quality at the outset.
5 Pitfalls to Avoid When Running Your SOC
Commentary  |  12/18/2014  | 
The former head of the US Army Cyber Command SOC shares his wisdom and battle scars about playing offense not defense against attackers.
Sony Cancels Movie, US Confirms North Korea Involvement, But Were Bomb Threats Empty?
News  |  12/17/2014  | 
After the Sony hackers issue threats of physical violence and 9/11-style attacks, The Interview is being killed before it even premieres. But would the attackers have really blown up theaters?
The New Target for State-Sponsored Cyber Attacks: Applications
Commentary  |  12/17/2014  | 
Skilled hackers are now using simple web application vulnerabilities like SQL Injection to take over database servers. Are you prepared to defend against this new type of threat actor?
Sony Warns Media About Disclosure, Staff About Fraud, 'Bond' Fans About Spoilers
Quick Hits  |  12/16/2014  | 
A wrapup of the latest Sony attack fallout.
2014: The Year of Privilege Vulnerabilities
Commentary  |  12/16/2014  | 
Of the 30 critical-rated Microsoft Security Bulletins this year, 24 involved vulnerabilities where the age-old best practice of "least privilege" could limit the impact of malware and raise the bar of difficulty for attackers.
Ekoparty Isnt The Next Defcon (& It Doesnt Want To Be)
Commentary  |  12/15/2014  | 
Unlike American security conferences that offer a buffet of merchandise, meals, and drinks, Ekoparty, in Buenos Aires, is every bit as functional -- with a little less fluff.
Hiring Hackers To Secure The Internet Of Things
News  |  12/11/2014  | 
How some white hat hackers are changing career paths to help fix security weaknesses in consumer devices and business systems.
'Inception' Cyber Espionage Campaign Targets PCs, Smartphones
News  |  12/10/2014  | 
Blue Coat report details sophisticated attacks mainly against Russian targets, and Kaspersky Lab calls new campaign next-generation of Red October cyber spying operation.
Sony Hackers Knew Details Of Sony's Entire IT Infrastructure
News  |  12/4/2014  | 
While trying to simultaneously recover from a data breach and a wiper attack, Sony watches attackers publish maps and credentials for everything from production servers to iTunes accounts.
Why Regin Malware Changes Threatscape Economics
Commentary  |  12/4/2014  | 
Never before have attackers been able to deploy a common malware platform and configure it as necessary with low-cost, quick-turnaround business logic apps.
With Operation Cleaver, Iran Emerges As A Cyberthreat
News  |  12/3/2014  | 
A hacker group's actions suggest that it is laying the groundwork for a future attack on critical infrastructure targets.
FBI Warning Shows Targeted Attacks Don't Just Steal Anymore
News  |  12/2/2014  | 
An FBI advisory points to an increasing trend of destructive malware for activist, anti-forensics purposes.
Breaking the Code: The Role of Visualization in Security Research
Commentary  |  12/1/2014  | 
In todays interconnected, data rich IT environments, passive inspection of information is not enough.


News
Former CISA Director Chris Krebs Discusses Risk Management & Threat Intel
Kelly Sheridan, Staff Editor, Dark Reading,  2/23/2021
Edge-DRsplash-10-edge-articles
Security + Fraud Protection: Your One-Two Punch Against Cyberattacks
Joshua Goldfarb, Director of Product Management at F5,  2/23/2021
News
Cybercrime Groups More Prolific, Focus on Healthcare in 2020
Robert Lemos, Contributing Writer,  2/22/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Building the SOC of the Future
Building the SOC of the Future
Digital transformation, cloud-focused attacks, and a worldwide pandemic. The past year has changed the way business works and the way security teams operate. There is no going back.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-24100
PUBLISHED: 2021-02-25
Microsoft Edge for Android Information Disclosure Vulnerability
CVE-2021-24101
PUBLISHED: 2021-02-25
Microsoft Dataverse Information Disclosure Vulnerability
CVE-2021-24102
PUBLISHED: 2021-02-25
Windows Event Tracing Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-24103.
CVE-2021-24103
PUBLISHED: 2021-02-25
Windows Event Tracing Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-24102.
CVE-2021-24105
PUBLISHED: 2021-02-25
Package Managers Configurations Remote Code Execution Vulnerability