Page 1 / 2   >   >>
The Mirai Botnet Is Attacking Again
David Holmes, World-Wide Security Evangelist, F5Commentary
And the spinoff bots and all their command and control hostnames buried in the morass of digital data are hilarious.
By David Holmes World-Wide Security Evangelist, F5, 2/15/2018
Comment0 comments  |  Read  |  Post a Comment
BrickerBot: Internet Vigilantism Ends Don't Justify the Means
Justin Shattuck, Principal Threat Research EvangelistCommentary
However noble the intention, obtaining unauthorized access to devices and making them unusable is illegal and undermines the work of ethical researchers.
By Justin Shattuck Principal Threat Research Evangelist, 2/8/2018
Comment1 Comment  |  Read  |  Post a Comment
Ramnit's Holiday Shopping Spree: Retailers & E-commerce
Doron Voolf, Malware Analyst, F5 Security Operations Center (SOC)Commentary
This past season, the authors of a traditional banking Trojan focused on what people do between Thanksgiving and New Year's Day: shop, eat, check their bank account, and entertain.
By Doron Voolf Malware Analyst, F5 Security Operations Center (SOC), 2/1/2018
Comment0 comments  |  Read  |  Post a Comment
Avoiding the Epidemic of Hospital Hacks
Raymond Pompon, Principal Threat Research Evangelist at F5 NetworksCommentary
Lessons learned about cyber hygiene from inside one of America's highest ranked medical institutions.
By Raymond Pompon Principal Threat Research Evangelist at F5 Networks, 1/25/2018
Comment0 comments  |  Read  |  Post a Comment
The Startup Challenge: Safe in the Cloud from Day One
Raymond Pompon, Principal Threat Research Evangelist at F5 NetworksCommentary
How a Seattle travel company built a rock-solid mobile app without sacrificing performance or security.
By Raymond Pompon Principal Threat Research Evangelist at F5 Networks, 1/18/2018
Comment0 comments  |  Read  |  Post a Comment
Why Facebook Security Questions Are no Substitute for MFA
Lori MacVittie, Commentary
If identity is established based on one thing you know and one thing you have, the latter should not also be a thing you know because in the sharing economy, we share everything.
By Lori MacVittie , 1/11/2018
Comment1 Comment  |  Read  |  Post a Comment
Be a More Effective CISO by Aligning Security to the Business
Raymond Pompon, Principal Threat Research Evangelist at F5 NetworksCommentary
These five steps will you help marshal the internal resources you need to reduce risk, break down barriers, and thwart cyber attacks.
By Raymond Pompon Principal Threat Research Evangelist at F5 Networks, 12/21/2017
Comment6 comments  |  Read  |  Post a Comment
Is a Good Offense the Best Defense Against Hackers?
Raymond Pompon, Principal Threat Research Evangelist at F5 NetworksCommentary
A proposed new law could make it legal for companies to hack back against attacker. But will it work?
By Raymond Pompon Principal Threat Research Evangelist at F5 Networks, 12/14/2017
Comment0 comments  |  Read  |  Post a Comment
Why Third-Party Security Is your Security
Raymond Pompon, Principal Threat Research Evangelist at F5 NetworksCommentary
Managing third-party risk isn't just a good idea, in many cases, it's the law. This security framework can help you minimize the threat.
By Raymond Pompon Principal Threat Research Evangelist at F5 Networks, 12/7/2017
Comment0 comments  |  Read  |  Post a Comment
The Good News about Breaches: It Wasn't You this Time
Lori MacVittie, Commentary
Somewhere in every application there is a vulnerability waiting to be exploited. You can attack the problem by having the right mindset and answering two simple questions
By Lori MacVittie , 11/30/2017
Comment0 comments  |  Read  |  Post a Comment
'Reaper': The Professional Bot Herders Thingbot
David Holmes, World-Wide Security Evangelist, F5Commentary
Is it malicious? So far it's hard to tell. For now it's a giant blinking red light in security researchers faces warning us that wed better figure out how to secure the Internet of Things.
By David Holmes World-Wide Security Evangelist, F5, 11/16/2017
Comment1 Comment  |  Read  |  Post a Comment
'Goldilocks' Legislation Aims to Clean up IoT Security
Raymond Pompon, Principal Threat Research Evangelist at F5 NetworksCommentary
The proposed Internet of Things Cybersecurity Improvement Act of 2017 is not too hard, not too soft, and might be just right.
By Raymond Pompon Principal Threat Research Evangelist at F5 Networks, 11/9/2017
Comment0 comments  |  Read  |  Post a Comment
5 Reasons CISOs Should Keep an Open Mind about Cryptocurrency
Raymond Pompon, Principal Threat Research Evangelist at F5 NetworksCommentary
With untold new markets for Bitcoin and other 'alt-coins,' it's going to be an exciting future -- and security leaders need to get ready for it.
By Raymond Pompon Principal Threat Research Evangelist at F5 Networks, 11/2/2017
Comment0 comments  |  Read  |  Post a Comment
5 Reasons Why the CISO is a Cryptocurrency Skeptic
David Holmes, World-Wide Security Evangelist, F5Commentary
If you think all you need is technology to defend against bad guys, you shouldnt be a CISO. But technology is all cryptocurrency is, starting with Bitcoin.
By David Holmes World-Wide Security Evangelist, F5, 10/26/2017
Comment0 comments  |  Read  |  Post a Comment
CISOs: Striving Toward Proactive Security Strategies
Mike Convertino, CISO & VP, Information Security, F5 NetworksCommentary
A new survey paints a compelling picture of the modern security executive, how they succeed, and how much power they wield.
By Mike Convertino CISO & VP, Information Security, F5 Networks, 10/19/2017
Comment0 comments  |  Read  |  Post a Comment
6 Steps to Finding Honey in the OWASP
Raymond Pompon, Principal Threat Research Evangelist at F5 NetworksCommentary
The most famous project of the Open Web Application Security Project is getting an update. Here's what you need to know, and how you can get involved.
By Raymond Pompon Principal Threat Research Evangelist at F5 Networks, 10/12/2017
Comment0 comments  |  Read  |  Post a Comment
URL Obfuscation: Still a Phisher's Phriend
Raymond Pompon, Principal Threat Research Evangelist at F5 NetworksCommentary
There are three primary techniques to trick users into thinking a website link is real: URL shorteners, URL doppelgangers, and URL redirects.
By Raymond Pompon Principal Threat Research Evangelist at F5 Networks, 10/5/2017
Comment0 comments  |  Read  |  Post a Comment
TrickBot Rapidly Expands its Targets in August
Sara Boddy, Principal Threat Research EvangelistCommentary
TrickBot shifted its focus to U.S banks and credit card companies, soaring past the 1,000 target URL mark in a single configuration.
By Sara Boddy Principal Threat Research Evangelist, 9/28/2017
Comment0 comments  |  Read  |  Post a Comment
Where Do Security Vulnerabilities Come From?
Raymond Pompon, Principal Threat Research Evangelist at F5 NetworksCommentary
There are three major causes: code quality, complexity, and trusted data inputs.
By Raymond Pompon Principal Threat Research Evangelist at F5 Networks, 9/22/2017
Comment0 comments  |  Read  |  Post a Comment
The Hunt for IoT: The Rise of Thingbots
Sara Boddy, Principal Threat Research EvangelistCommentary
Across all of our research, every indication is that todays "thingbots" botnets built exclusively from Internet of Things devices will become the infrastructure for a future Darknet.
By Sara Boddy Principal Threat Research Evangelist, 9/14/2017
Comment0 comments  |  Read  |  Post a Comment
Page 1 / 2   >   >>
One in Three SOC Analysts Now Job-Hunting
Kelly Jackson Higgins, Executive Editor at Dark Reading,  2/12/2018
Encrypted Attacks Continue to Dog Perimeter Defenses
Ericka Chickowski, Contributing Writer, Dark Reading,  2/14/2018
Can Android for Work Redefine Enterprise Mobile Security?
Satish Shetty, CEO, Codeproof Technologies,  2/13/2018
Register for Dark Reading Newsletters
Partner Perspectives
What's This?
F5 makes apps go-faster, smarter, and safer. With solutions for the cloud and the data center, F5 technology provides unparalleled visibility and control, allowing customers to secure their users, applications, and data. For more information, visit www.f5.com.
Featured Writers
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: One agent too many was installed on Bob's desktop.
Current Issue
How to Cope with the IT Security Skills Shortage
Most enterprises don't have all the in-house skills they need to meet the rising threat from online attackers. Here are some tips on ways to beat the shortage.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.