Analytics

News & Commentary
Security Tops Use Cases for Endpoint Data
Dark Reading Staff, Quick Hits
Businesses increasingly use endpoint data for security investigations, eDiscovery, and device migration to Windows 10.
By Dark Reading Staff , 10/11/2017
Comment0 comments  |  Read  |  Post a Comment
Microsoft Patches Windows Zero-Day Flaws Tied to DNSSEC
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Security experts advise 'immediate' patching of critical DNS client vulnerabilities in Windows 8, 10, and other affected systems.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 10/10/2017
Comment1 Comment  |  Read  |  Post a Comment
Unstructured Data: The Threat You Cannot See
Charles Fullwood, Software Practice Director at Force 3Commentary
Why security teams needs to take a cognitive approach to the increasing volumes of data flowing from sources they don't control.
By Charles Fullwood Software Practice Director at Force 3, 10/10/2017
Comment0 comments  |  Read  |  Post a Comment
Artificial Intelligence: Experts Talk Ethical, Security Concerns
Kelly Sheridan, Associate Editor, Dark ReadingNews
Global leaders weigh the benefits and dangers of a future in which AI plays a greater role in business and security strategy.
By Kelly Sheridan Associate Editor, Dark Reading, 10/10/2017
Comment0 comments  |  Read  |  Post a Comment
7 SIEM Situations That Can Sack Security Teams
Dawn Kawamoto, Associate Editor, Dark Reading
SIEMs are considered an important tool for incident response, yet a large swath of users find seven major problems when working with SIEMs.
By Dawn Kawamoto Associate Editor, Dark Reading, 9/27/2017
Comment2 comments  |  Read  |  Post a Comment
How Security Metrics Fail Us & How We Fail Them
Sara Peters, Senior Editor at Dark ReadingCommentaryVideo
Joseph Carson of Thycotic discusses how infosec professionals buy security products they don't need and make other bad decisions, because of poor use of metrics.
By Sara Peters Senior Editor at Dark Reading, 9/26/2017
Comment1 Comment  |  Read  |  Post a Comment
FBI's Freese Shares Risk Management Tips
Dawn Kawamoto, Associate Editor, Dark ReadingNews
Deputy Assistant Director Donald Freese advises enterprises to lead with a business case and not fear addressing the C-suite on risk management.
By Dawn Kawamoto Associate Editor, Dark Reading, 9/26/2017
Comment0 comments  |  Read  |  Post a Comment
PassGAN: Password Cracking Using Machine Learning
Jai Vijayan, Freelance writerNews
Researchers demo how deep neural networks can be trained to generate passwords better than the best password-cracking tools.
By Jai Vijayan Freelance writer, 9/25/2017
Comment1 Comment  |  Read  |  Post a Comment
SMBs Paid $301 Million to Ransomware Attackers
Dark Reading Staff, Quick Hits
But small- to midsized businesses are taking a tougher stand against ransomware attacks, according to a survey released today of the 2016-2017 period.
By Dark Reading Staff , 9/21/2017
Comment10 comments  |  Read  |  Post a Comment
Siemens' New ICS/SCADA Security Service a Sign of the Times
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Major ICS/SCADA vendors are entering the managed security services business with cloud-based offerings for energy and other industrial sectors.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 9/19/2017
Comment1 Comment  |  Read  |  Post a Comment
Security Orchestration & Automation: Parsing the Options
Dario Forte, CEO, DFLabsCommentary
Once you head down the path of orchestration, security teams will need to decide how much automation they are ready for. Here's how.
By Dario Forte CEO, DFLabs, 9/15/2017
Comment1 Comment  |  Read  |  Post a Comment
A New Model for 'Mathematically Provable Security'
Tim Wilson, Editor in Chief, Dark Reading, CommentaryVideo
Winn Schwartau, CEO of The Security Awareness Company, says we all know the old model of security is broken and it's time for a new one.
By Tim Wilson, Editor in Chief, Dark Reading , 9/14/2017
Comment1 Comment  |  Read  |  Post a Comment
Endpoint Security Overload
Kelly Sheridan, Associate Editor, Dark ReadingNews
CISOs and their teams are over-investing in endpoint security tools, driving inefficiency and a need to consolidate data.
By Kelly Sheridan Associate Editor, Dark Reading, 9/5/2017
Comment1 Comment  |  Read  |  Post a Comment
Security Analytics: Making the Leap from Data Lake to Meaningful Insight
Nik Whitfield, Computer Scientist & Security Technology EntrepreneurCommentary
Once you've got a lake full of data, it's essential that your analysis isn't left stranded on the shore.
By Nik Whitfield Computer Scientist & Security Technology Entrepreneur, 8/29/2017
Comment0 comments  |  Read  |  Post a Comment
Curbing the Cybersecurity Workforce Shortage with AI
Deborah Golden, Principal, Deloitte & Touche, and Federal  Cyber-Risk LeaderCommentary
By using cognitive technologies, an organization can address the talent shortage by getting more productivity from current employees and improving processes.
By Deborah Golden Principal, Deloitte & Touche, and Federal Cyber-Risk Leader, 8/18/2017
Comment0 comments  |  Read  |  Post a Comment
What CISOs Need to Know about the Psychology behind Security Analysis
Kumar Saurabh, CEO and co-founder of LogicHubCommentary
Bandwidth, boredom and cognitive bias are three weak spots that prevent analysts from identifying threats. Here's how to compensate.
By Kumar Saurabh CEO and co-founder of LogicHub, 8/14/2017
Comment1 Comment  |  Read  |  Post a Comment
Using AI to Break Detection Models
Ericka Chickowski, Contributing Writer, Dark ReadingNews
Pitting machine learning bots against one another is the new spy vs. spy battle in cybersecurity today.
By Ericka Chickowski Contributing Writer, Dark Reading, 7/25/2017
Comment0 comments  |  Read  |  Post a Comment
How Bad Data Alters Machine Learning Results
Kelly Sheridan, Associate Editor, Dark ReadingNews
Machine learning models tested on single sources of data can prove inaccurate when presented with new sources of information.
By Kelly Sheridan Associate Editor, Dark Reading, 6/13/2017
Comment0 comments  |  Read  |  Post a Comment
How to Succeed at Incident Response Metrics
Tom Webb, Incident Handler, SANS Internet Storm CenterCommentary
Establishing a baseline of what information you need is an essential first step.
By Tom Webb Incident Handler, SANS Internet Storm Center, 6/2/2017
Comment1 Comment  |  Read  |  Post a Comment
Going Beyond Checkbox Security
InformationWeek Staff, CommentaryVideo
Terry Barbounis, cybersecurity evangelist for CenturyLink, stops by the InformationWeek News Desk.
By InformationWeek Staff , 5/24/2017
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
Posted by nisabila50
Current Conversations interesting and useful. thanks
In reply to: rara
Post Your Own Reply
Posted by gyufinite
Current Conversations wow,its so interesting
In reply to: sasa
Post Your Own Reply
Posted by LouiseMiller
Current Conversations So what does it mean? 
In reply to: Re: Backups
Post Your Own Reply
Posted by LouiseMiller
Current Conversations wow, what can I say 
In reply to: Great post
Post Your Own Reply
More Conversations
PR Newswire
Cybersecurity's 'Broken' Hiring Process
Kelly Jackson Higgins, Executive Editor at Dark Reading,  10/11/2017
How Systematic Lying Can Improve Your Security
Lance Cottrell, Chief Scientist, Ntrepid,  10/11/2017
Ransomware Grabs Headlines but BEC May Be a Bigger Threat
Marc Wilczek, Digital Strategist & CIO Advisor,  10/12/2017
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
Security Vulnerabilities: The Next Wave
Just when you thought it was safe, researchers have unveiled a new round of IT security flaws. Is your enterprise ready?
Flash Poll
[Strategic Security Report] Assessing Cybersecurity Risk
[Strategic Security Report] Assessing Cybersecurity Risk
As cyber attackers become more sophisticated and enterprise defenses become more complex, many enterprises are faced with a complicated question: what is the risk of an IT security breach? This report delivers insight on how today's enterprises evaluate the risks they face. This report also offers a look at security professionals' concerns about a wide variety of threats, including cloud security, mobile security, and the Internet of Things.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.