Operations

News & Commentary
C-Suite Divided Over Security Concerns
Steve Zurier, Freelance WriterNews
Survey shows 60% of CEOs plan to invest the most resources in malware prevention, but CISOs, CIOs, and CTOs are on a different page.
By Steve Zurier Freelance Writer, 2/21/2018
Comment0 comments  |  Read  |  Post a Comment
Rise of the 'Hivenet': Botnets That Think for Themselves
Derek Manky, Global Security Strategist, FortinetCommentary
These intelligent botnet clusters swarm compromised devices to identify and assault different attack vectors all at once.
By Derek Manky Global Security Strategist, Fortinet, 2/16/2018
Comment0 comments  |  Read  |  Post a Comment
Democracy & DevOps: What Is the Proper Role for Security?
PJ Kirner, CTO & Founder, IllumioCommentary
Security experts need a front-row seat in the application development process but not at the expense of the business.
By PJ Kirner CTO & Founder, Illumio, 2/15/2018
Comment0 comments  |  Read  |  Post a Comment
3 Tips to Keep Cybersecurity Front & Center
Greg Kushto, Vice President of Sales Engineering at Force 3Commentary
In today's environment, a focus on cybersecurity isn't a luxury. It's a necessity, and making sure that focus is achieved starts with the company's culture.
By Greg Kushto Vice President of Sales Engineering at Force 3, 2/14/2018
Comment0 comments  |  Read  |  Post a Comment
Cybercrime Costs for Financial Sector up 40% Since 2014
Sara Peters, Senior Editor at Dark ReadingQuick Hits
A 9.6% increase just in the past year, and denial-of-service attacks are partly to blame.
By Sara Peters Senior Editor at Dark Reading, 2/14/2018
Comment0 comments  |  Read  |  Post a Comment
Can Android for Work Redefine Enterprise Mobile Security?
Satish Shetty, CEO, Codeproof TechnologiesCommentary
Google's new mobility management framework makes great strides in addressing security and device management concerns while offering diverse deployment options. Here are the pros and cons.
By Satish Shetty CEO, Codeproof Technologies, 2/13/2018
Comment1 Comment  |  Read  |  Post a Comment
Equifax Names New CISO
Dark Reading Staff, Quick Hits
Former Home Depot CISO takes the reins in the wake of Equifax's massive data breach and fallout.
By Dark Reading Staff , 2/13/2018
Comment0 comments  |  Read  |  Post a Comment
One in Three SOC Analysts Now Job-Hunting
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
The more experienced a SOC analyst gets, the more his or her job satisfaction declines, a new survey of security operations center staffers shows.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 2/12/2018
Comment1 Comment  |  Read  |  Post a Comment
Tracking Bitcoin Wallets as IOCs for Ransomware
Curtis Jordan, Lead Security Engineer, TruSTARCommentary
By understanding how cybercriminals use bitcoin, threat analysts can connect the dots between cyber extortion, wallet addresses, shared infrastructure, TTPs, and attribution.
By Curtis Jordan Lead Security Engineer, TruSTAR, 2/12/2018
Comment0 comments  |  Read  |  Post a Comment
Back to Basics: AI Isn't the Answer to What Ails Us in Cyber
Amit Yoran, Chairman & CEO, Tenable Network SecurityCommentary
The irony behind just about every headline-grabbing data breach we've seen in recent years is that they all could have been prevented with simple cyber hygiene.
By Amit Yoran Chairman & CEO, Tenable Network Security, 2/9/2018
Comment1 Comment  |  Read  |  Post a Comment
20 Signs You Need to Introduce Automation into Security Ops
Joshua Goldfarb, Co-founder & Chief Product Officer, IDDRACommentary
Far too often, organizations approach automation as a solution looking for a problem rather than the other way around.
By Joshua Goldfarb Co-founder & Chief Product Officer, IDDRA, 2/8/2018
Comment0 comments  |  Read  |  Post a Comment
Ticking Time Bombs in Your Data Center
Murali Palanisamy, Executive Vice President and Chief Technology Officer,  AppViewXCommentary
The biggest security problems inside your company may result from problems it inherited.
By Murali Palanisamy Executive Vice President and Chief Technology Officer, AppViewX, 2/7/2018
Comment0 comments  |  Read  |  Post a Comment
Ukraine Power Distro Plans $20 Million Cyber Defense System
Dark Reading Staff, Quick Hits
After NotPetya and severe blackouts, Ukrenergo responds with an investment in cybersecurity.
By Dark Reading Staff , 2/6/2018
Comment0 comments  |  Read  |  Post a Comment
AutoSploit: Mass Exploitation Just Got a Lot Easier
Rami Sass, CEO & Co-Founder, WhiteSourceCommentary
But the response to the new hacking tool, now readily available to the masses of script kiddies, has been a mix of outrage, fear, some applause, and more than a few shrugs.
By Rami Sass CEO & Co-Founder, WhiteSource, 2/6/2018
Comment5 comments  |  Read  |  Post a Comment
2017 Smashed World's Records for Most Data Breaches, Exposed Information
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Five mega-breaches last year accounted for more than 72% of all data records exposed in 2017.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 2/6/2018
Comment0 comments  |  Read  |  Post a Comment
Identity Fraud Hits All-Time High in 2017
Steve Zurier, Freelance WriterNews
Survey reports that the number of fraud victims topped 16 million consumers last year, and much of that crime has moved online.
By Steve Zurier Freelance Writer, 2/6/2018
Comment0 comments  |  Read  |  Post a Comment
7 Ways to Maximize Your Security Dollars
Jai Vijayan, Freelance writer
Budget and resource constraints can make it hard for you to meet security requirements, but there are ways you can stretch your budget.
By Jai Vijayan Freelance writer, 2/5/2018
Comment1 Comment  |  Read  |  Post a Comment
Mastering Security in the Zettabyte Era
Marc Wilczek, Digital Strategist & CIO AdvisorCommentary
Many businesses are ill-equipped to deal with potential risks posed by billions of connected devices, exponential data growth, and an unprecedented number of cyber threats. Here's how to prepare.
By Marc Wilczek Digital Strategist & CIO Advisor, 2/5/2018
Comment0 comments  |  Read  |  Post a Comment
Lieberman Software Acquired by Bomgar
Dark Reading Staff, Quick Hits
Deal combines privileged access management products, technologies.
By Dark Reading Staff , 2/1/2018
Comment0 comments  |  Read  |  Post a Comment
Thinking about a Career Move in Cybersecurity?
Steve Morgan, Founder & CEO, Cybersecurity VenturesCommentary
The numbers show career opportunities for cyber defenders.
By Steve Morgan Founder & CEO, Cybersecurity Ventures, 2/1/2018
Comment5 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
Posted by Joe Stanganelli
Current Conversations "I think I found our security gap."
In reply to: js1
Post Your Own Reply
More Conversations
PR Newswire
13 Russians Indicted for Massive Operation to Sway US Election
Kelly Sheridan, Associate Editor, Dark Reading,  2/16/2018
From DevOps to DevSecOps: Structuring Communication for Better Security
Robert Hawk, Privacy & Security Lead at xMatters,  2/15/2018
Facebook Aims to Make Security More Social
Kelly Sheridan, Associate Editor, Dark Reading,  2/20/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
How to Cope with the IT Security Skills Shortage
Most enterprises don't have all the in-house skills they need to meet the rising threat from online attackers. Here are some tips on ways to beat the shortage.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.