Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Threat Intelligence

11/27/2017
08:00 AM
Steve Zurier
Steve Zurier
Slideshows
Connect Directly
Twitter
RSS
E-Mail
50%
50%

8 Low or No-Cost Sources of Threat Intelligence

Here's a list of sites that for little or no cost give you plenty of ideas for where to find first-rate threat intelligence.
Previous
1 of 9
Next

Image Source: BeeBright / Shutterstock.com

Image Source: BeeBright / Shutterstock.com

Organizations know they need to get serious about threat intelligence, but it’s not always clear where to find credible information. While just about every security industry vendor website offers up information on the latest threats, some are better than others. Here, we 'll point out the sites that are the most informative and useful.

We called on Roselle Safran, president of Rosint Labs, to work with us to build a meaningful list. Safran's extensive experience in cybersecurity includes several years of service in the Executive Office of the President and Department of Homeland Security during the Obama administration.

Safran included some obvious choices from federal government sources, but she also struts her cybergeek sruff by offering up some lesser-known sites that track ransomware and malware. We combined forces with Safran to develop a list that will give novices the threat intelligence amuse-bouche they need while supplying some intel red meat for experienced security pros. 

Go through the list. You’ll find that there are many more than eight sites to choose from:

 

Steve Zurier has more than 30 years of journalism and publishing experience, most of the last 24 of which were spent covering networking and security technology. Steve is based in Columbia, Md. View Full Bio

Previous
1 of 9
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
szurier210
50%
50%
szurier210,
User Rank: Moderator
11/30/2017 | 11:54:42 AM
Re: Where is the list?
Thanks for touching base. It's in Slideshow format. You should be able to click on the arrows under the overview page and go Slide by Slide to see the list. Let me know if you still have any problems. 
tdsan
50%
50%
tdsan,
User Rank: Ninja
11/30/2017 | 11:50:23 AM
Where is the list?
I could be missing something, but I was curious where is the list you are referencing in your article?

Please advise.
Why Cyber-Risk Is a C-Suite Issue
Marc Wilczek, Digital Strategist & CIO Advisor,  11/12/2019
DevSecOps: The Answer to the Cloud Security Skills Gap
Lamont Orange, Chief Information Security Officer at Netskope,  11/15/2019
Unreasonable Security Best Practices vs. Good Risk Management
Jack Freund, Director, Risk Science at RiskLens,  11/13/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Navigating the Deluge of Security Data
In this Tech Digest, Dark Reading shares the experiences of some top security practitioners as they navigate volumes of security data. We examine some examples of how enterprises can cull this data to find the clues they need.
Flash Poll
Rethinking Enterprise Data Defense
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-19010
PUBLISHED: 2019-11-16
Eval injection in the Math plugin of Limnoria (before 2019.11.09) and Supybot (through 2018-05-09) allows remote unprivileged attackers to disclose information or possibly have unspecified other impact via the calc and icalc IRC commands.
CVE-2019-16761
PUBLISHED: 2019-11-15
A specially crafted Bitcoin script can cause a discrepancy between the specified SLP consensus rules and the validation result of the [email protected] npm package. An attacker could create a specially crafted Bitcoin script in order to cause a hard-fork from the SLP consensus. All versions >1.0...
CVE-2019-16762
PUBLISHED: 2019-11-15
A specially crafted Bitcoin script can cause a discrepancy between the specified SLP consensus rules and the validation result of the slpjs npm package. An attacker could create a specially crafted Bitcoin script in order to cause a hard-fork from the SLP consensus. Affected users can upgrade to any...
CVE-2019-13581
PUBLISHED: 2019-11-15
An issue was discovered in Marvell 88W8688 Wi-Fi firmware before version p52, as used on Tesla Model S/X vehicles manufactured before March 2018, via the Parrot Faurecia Automotive FC6050W module. A heap-based buffer overflow allows remote attackers to cause a denial of service or execute arbitrary ...
CVE-2019-13582
PUBLISHED: 2019-11-15
An issue was discovered in Marvell 88W8688 Wi-Fi firmware before version p52, as used on Tesla Model S/X vehicles manufactured before March 2018, via the Parrot Faurecia Automotive FC6050W module. A stack overflow could lead to denial of service or arbitrary code execution.