Filtering the Threat Intelligence Tsunami

50%

Reversing Labs CEO Mario Vuksan contends that SOCs are overwhelmed by global threat intelligence, and can benefit more from a targeted "pull" model that focuses on YARA-type binary pattern matching. Click here to learn more about optimizing your Threat Intelligence Platform.

Comment |

Email This |

Print |

RSS

Comments

Newest First | Oldest First | Threaded View

[close this box]

Be the first to post a comment regarding this story.

Hot Topics

Editors' Choice

US Turning Up the Heat on North Korea's Cyber Threat Operations

Jai Vijayan, Contributing Writer, 9/16/2019

MITRE Releases 2019 List of Top 25 Software Weaknesses

Kelly Sheridan, Staff Editor, Dark Reading, 9/17/2019

WeWork's Wi-Fi Exposed Files, Credentials, Emails

Dark Reading Staff 9/20/2019

Live Events

Webinars

[Video] Shaping the Future of IT CIO Lightning Series - Interop19

[Video] An (Ir)rational Approach to Interoperability - Interop19

Enterprise Connect Conference & Expo 2020 - Registration Now Open!

More Informa Tech Live Events

White Papers

[eBook] It's Time to Embrace the Cloud

[Case Study] Speeding Up Security Testing with Breach & Attack Simulation

The Self-Fulfilling Prophecy of the Cybersecurity Skills Shortage

How to Get Visibility into Destructive Objects with Speed, Accuracy & Scale

What's the Answer to the Vulnerability Overload Problem?

More White Papers

Video

All Videos

Cartoon Contest

Write a Caption, Win a Starbucks Card! Click Here

Latest Comment: "He's too shy to invite me out face to face!"

Cartoon Archive

Current Issue

7 Threats & Disruptive Forces Changing the Face of Cybersecurity

This Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

The State of IT Operations and Cybersecurity Operations

Your enterprise's cyber risk may depend upon the relationship between the IT team and the security team. Here’s some insight on what's working – and what isn't – in the data center.

Download Now!

The State of Cyber Security Incident Response

0 comments

How Enterprises Are Attacking the Cybersecurity Problem

0 comments

How Enterprises Are Using IT Threat Intelligence

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2019-16649
PUBLISHED: 2019-09-21

On Supermicro H11, H12, M11, X9, X10, and X11 products, a combination of encryption and authentication problems in the virtual media service allows capture of BMC credentials and data transferred over virtual media devices. Attackers can use captured credentials to connect virtual USB devices to the...

CVE-2019-16650
PUBLISHED: 2019-09-21

On Supermicro X10 and X11 products, a client's access privileges may be transferred to a different client that later has the same socket file descriptor number. In opportunistic circumstances, an attacker can simply connect to the virtual media service, and then connect virtual USB devices to the se...

CVE-2019-15138
PUBLISHED: 2019-09-20

The html-pdf package 2.2.0 for Node.js has an arbitrary file read vulnerability via an HTML file that uses XMLHttpRequest to access a file:/// URL.

CVE-2019-6145
PUBLISHED: 2019-09-20

Forcepoint VPN Client for Windows versions lower than 6.6.1 have an unquoted search path vulnerability. This enables local privilege escalation to SYSTEM user. By default, only local administrators can write executables to the vulnerable directories. Forcepoint thanks Peleg Hadar of SafeBreach Labs ...

CVE-2019-6649
PUBLISHED: 2019-09-20

F5 BIG-IP 15.0.0, 14.1.0-14.1.0.6, 14.0.0-14.0.0.5, 13.0.0-13.1.1.5, 12.1.0-12.1.4.1, 11.6.0-11.6.4, and 11.5.1-11.5.9 and Enterprise Manager 3.1.1 may expose sensitive information and allow the system configuration to be modified when using non-default ConfigSync settings.