Page 1 / 3   >   >>
Boosting Security Effectiveness with 'Adjuvants'
Raymond Pompon, Principal Threat Research Evangelist at F5 NetworksCommentary
How integrating corporate resources like the IT help desk, system administration, quality assurance and HR can breathe new life into your security program.
By Raymond Pompon Principal Threat Research Evangelist at F5 Networks, 5/17/2018
Comment3 comments  |  Read  |  Post a Comment
Electroneum Cryptomining Targets Microsoft IIS 6.0 Vulnerability
Andrey Shalnev, F5 Security ResearcherCommentary
New campaign shows that there are still systems exposed to the year-old CVE20177269 vuln on an operating system that was declared end-of-life three years ago.
By Andrey Shalnev F5 Security Researcher, 5/10/2018
Comment0 comments  |  Read  |  Post a Comment
4 Critical Applications and How to Protect Them
Raymond Pompon, Principal Threat Research Evangelist at F5 NetworksCommentary
Since critical apps are, well, critical, security teams must take preventive measures to keep attackers from exploiting their vulnerabilities.
By Raymond Pompon Principal Threat Research Evangelist at F5 Networks, 5/3/2018
Comment0 comments  |  Read  |  Post a Comment
Europe and Asia Take on More DDoS Attacks
Sara Boddy, Principal Threat Research EvangelistCommentary
While North American targets have historically been on the receiving end of the majority of DDoS attacks since their inception, that trend changed in 2017.
By Sara Boddy Principal Threat Research Evangelist, 4/26/2018
Comment1 Comment  |  Read  |  Post a Comment
Researchers Discover Second rTorrent Vulnerability Campaign
Andrey Shalnev, F5 Security ResearcherCommentary
This time attackers appears to have spoofed the Recording Industry Association of America (RIAA) and New York University (NYU) user-agents.
By Andrey Shalnev F5 Security Researcher, 4/19/2018
Comment0 comments  |  Read  |  Post a Comment
How Attackers Can Exploit rTorrent with Monero Cryptocurrency Miner
Andrey Shalnev, F5 Security ResearcherCommentary
As cryptomining campaigns become more profitable, cybercriminals are becoming more creative about finding new ways to extend their operations.
By Andrey Shalnev F5 Security Researcher, 4/12/2018
Comment0 comments  |  Read  |  Post a Comment
Cryptomining: Fast-Becoming the Web's Most Profitable Attack Method
Travis Kreikemeier, F5 Systems EngineerCommentary
The ROI of 'cryptojacking' has never been higher, making bitcoin and other cryptocurrencies a more attractive target for cybercriminals. Here's why.
By Travis Kreikemeier F5 Systems Engineer, 4/5/2018
Comment0 comments  |  Read  |  Post a Comment
Deconstructing a Business Email Compromise Attack
David Holmes, World-Wide Security Evangelist, F5Commentary
How a tech-savvy New Jersey couple outwitted a German hacker group and saved their home and life savings.
By David Holmes World-Wide Security Evangelist, F5, 3/29/2018
Comment0 comments  |  Read  |  Post a Comment
Applications & Identities Initial Targets in 86% of Breaches: Report
Sara Boddy, Principal Threat Research EvangelistCommentary
The startling numbers of breached data are sobering: 11.8 billion records compromised in 337 of 433 incidents examined by F5 researchers. They include 10.3 billion usernames, passwords, and email accounts.
By Sara Boddy Principal Threat Research Evangelist, 3/22/2018
Comment0 comments  |  Read  |  Post a Comment
Journey to the Cloud: Overcoming Security Risks
Raymond Pompon, Principal Threat Research Evangelist at F5 NetworksCommentary
Lessons learned from a global consultancy's 10-year transition from on-premises to 99% cloud-based infrastructure.
By Raymond Pompon Principal Threat Research Evangelist at F5 Networks, 3/1/2018
Comment0 comments  |  Read  |  Post a Comment
Security Liability in an 'Assume Breach' World
Raymond Pompon, Principal Threat Research Evangelist at F5 NetworksCommentary
Cybersecurity today is more than an IT issue. It's a product quality issue, a customer service issue, an operational issue, and an executive issue. Here's why.
By Raymond Pompon Principal Threat Research Evangelist at F5 Networks, 2/22/2018
Comment0 comments  |  Read  |  Post a Comment
The Mirai Botnet Is Attacking Again
David Holmes, World-Wide Security Evangelist, F5Commentary
And the spinoff bots and all their command and control hostnames buried in the morass of digital data are hilarious.
By David Holmes World-Wide Security Evangelist, F5, 2/15/2018
Comment0 comments  |  Read  |  Post a Comment
BrickerBot: Internet Vigilantism Ends Don't Justify the Means
Justin Shattuck, Principal Threat Research EvangelistCommentary
However noble the intention, obtaining unauthorized access to devices and making them unusable is illegal and undermines the work of ethical researchers.
By Justin Shattuck Principal Threat Research Evangelist, 2/8/2018
Comment1 Comment  |  Read  |  Post a Comment
Ramnit's Holiday Shopping Spree: Retailers & E-commerce
Doron Voolf, Malware Analyst, F5 Security Operations Center (SOC)Commentary
This past season, the authors of a traditional banking Trojan focused on what people do between Thanksgiving and New Year's Day: shop, eat, check their bank account, and entertain.
By Doron Voolf Malware Analyst, F5 Security Operations Center (SOC), 2/1/2018
Comment0 comments  |  Read  |  Post a Comment
Avoiding the Epidemic of Hospital Hacks
Raymond Pompon, Principal Threat Research Evangelist at F5 NetworksCommentary
Lessons learned about cyber hygiene from inside one of America's highest ranked medical institutions.
By Raymond Pompon Principal Threat Research Evangelist at F5 Networks, 1/25/2018
Comment0 comments  |  Read  |  Post a Comment
The Startup Challenge: Safe in the Cloud from Day One
Raymond Pompon, Principal Threat Research Evangelist at F5 NetworksCommentary
How a Seattle travel company built a rock-solid mobile app without sacrificing performance or security.
By Raymond Pompon Principal Threat Research Evangelist at F5 Networks, 1/18/2018
Comment0 comments  |  Read  |  Post a Comment
Why Facebook Security Questions Are no Substitute for MFA
Lori MacVittie, Commentary
If identity is established based on one thing you know and one thing you have, the latter should not also be a thing you know because in the sharing economy, we share everything.
By Lori MacVittie , 1/11/2018
Comment1 Comment  |  Read  |  Post a Comment
Be a More Effective CISO by Aligning Security to the Business
Raymond Pompon, Principal Threat Research Evangelist at F5 NetworksCommentary
These five steps will you help marshal the internal resources you need to reduce risk, break down barriers, and thwart cyber attacks.
By Raymond Pompon Principal Threat Research Evangelist at F5 Networks, 12/21/2017
Comment6 comments  |  Read  |  Post a Comment
Is a Good Offense the Best Defense Against Hackers?
Raymond Pompon, Principal Threat Research Evangelist at F5 NetworksCommentary
A proposed new law could make it legal for companies to hack back against attacker. But will it work?
By Raymond Pompon Principal Threat Research Evangelist at F5 Networks, 12/14/2017
Comment0 comments  |  Read  |  Post a Comment
Why Third-Party Security Is your Security
Raymond Pompon, Principal Threat Research Evangelist at F5 NetworksCommentary
Managing third-party risk isn't just a good idea, in many cases, it's the law. This security framework can help you minimize the threat.
By Raymond Pompon Principal Threat Research Evangelist at F5 Networks, 12/7/2017
Comment0 comments  |  Read  |  Post a Comment
Page 1 / 3   >   >>
Higher Education: 15 Books to Help Cybersecurity Pros Be Better
Curtis Franklin Jr., Senior Editor at Dark Reading,  12/12/2018
Worst Password Blunders of 2018 Hit Organizations East and West
Curtis Franklin Jr., Senior Editor at Dark Reading,  12/12/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
10 Best Practices That Could Reshape Your IT Security Department
This Dark Reading Tech Digest, explores ten best practices that could reshape IT security departments.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-20161
PUBLISHED: 2018-12-15
A design flaw in the BlinkForHome (aka Blink For Home) Sync Module 2.10.4 and earlier allows attackers to disable cameras via Wi-Fi, because incident clips (triggered by the motion sensor) are not saved if the attacker's traffic (such as Dot11Deauth) successfully disconnects the Sync Module from the...
CVE-2018-20159
PUBLISHED: 2018-12-15
i-doit open 1.11.2 allows Remote Code Execution because ZIP archives are mishandled. It has an upload feature that allows an authenticated user with the administrator role to upload arbitrary files to the main website directory. Exploitation involves uploading a ".php" file within a "...
CVE-2018-20157
PUBLISHED: 2018-12-15
The data import functionality in OpenRefine through 3.1 allows an XML External Entity (XXE) attack through a crafted (zip) file, allowing attackers to read arbitrary files.
CVE-2018-20154
PUBLISHED: 2018-12-14
The WP Maintenance Mode plugin before 2.0.7 for WordPress allows remote authenticated users to discover all subscriber e-mail addresses.
CVE-2018-20155
PUBLISHED: 2018-12-14
The WP Maintenance Mode plugin before 2.0.7 for WordPress allows remote authenticated subscriber users to bypass intended access restrictions on changes to plugin settings.