Upcoming Webinars
Webinar Archives
Threat Intelligence Overload?
Date: Aug 23, 2017
View webinar
A wide range of threat intelligence feeds and services have cropped up keep IT organizations up to date on the latest security threats. But without mechanisms in place to actually use the information, these alerts provide little benefit.

Big Data at QVC: Where Entertainment Meets Retail
Date: Aug 24, 2017
View webinar
In this live radio show you will hear about what one modern entertainment and retail company, QVC, did to create a responsive analytics process that delivers insights that can be used immediately to improve sales.

What You Need to Know about GDPR
Date: Aug 29, 2017
View webinar
GDRP is an acronym that stands for General Data Protection Regulation and it's designed to give control of personal data back to individuals and take it out of the hands of the companies that collect it for commercial use. It doesn't matter where your company is based. If you have customers who are in Europe or who may be in Europe, this law applies to you. Join us for this important session on Tuesday, August 29 at 1 pm ET/10 am PT, to help get you and your organization ready GDPR.

How to Talk to Your Management about IT Security
Date: Aug 30, 2017
View webinar
This webinar will bring you some new methods for describing and measuring your cybersecurity initiatives so that they can be understood by even the most business-oriented executives.

IP Intelligence: The Utility Player for Your Online Business
Date: Aug 31, 2017
View webinar
Join us as we explore the many benefits of IP Intelligence, and how you can use IPI to improve your customer experience, reduce fraud, improve security, protect digital content, and more. It's the utility player for your online business.

Faster, More Effective Response With Threat Intelligence & Orchestration Playbooks
Date: Aug 31, 2017
View webinar
Finding ways to increase speed, accuracy, and efficiency when responding to threats should be the goal of any security team. Baking threat intelligence into the day-to-day efforts of detecting and responding to threats is a great way to see some of these benefits. Going further and leveraging the power of a playbook-driven orchestration platform can dramatically improve efficiency and consistency. In this webinar, these concepts will be explored with practical guidance on how to use threat intelligence to feed orchestration which in-turn can drive automated triage or defensive actions. The result is a well-oiled machine where analysts can be situationally aware and quickly drive appropriate response to threats.

Moving UEBA Beyond the Ground Floor
Date: Sep 20, 2017
View webinar
This webinar will provide the details you need about UEBA so you can make the decisions on how best to protect your organization from the inside out!

Register for Dark Reading Newsletters
Dark Reading Live EVENTS
INsecurity - For the Defenders of Enterprise Security
A Dark Reading Conference
While red team conferences focus primarily on new vulnerabilities and security researchers, INsecurity puts security execution, protection, and operations center stage. The primary speakers will be CISOs and leaders in security defense; the blue team will be the focus.
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: No, no, no! Have a Unix CRON do the pop-up reminders!
Current Issue
Security Vulnerabilities: The Next Wave
Just when you thought it was safe, researchers have unveiled a new round of IT security flaws. Is your enterprise ready?
Flash Poll
[Strategic Security Report] How Enterprises Are Attacking the IT Security Problem
[Strategic Security Report] How Enterprises Are Attacking the IT Security Problem
Enterprises are spending more of their IT budgets on cybersecurity technology. How do your organization's security plans and strategies compare to what others are doing? Here's an in-depth look.
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.