Analytics

News & Commentary
'Formjacking' Compromises 4,800 Sites Per Month. Could Yours Be One?
Kelly Sheridan, Staff Editor, Dark ReadingNews
Cybercriminals see formjacking as a simple opportunity to take advantage of online retailers and all they need is a small piece of JavaScript.
By Kelly Sheridan Staff Editor, Dark Reading, 2/20/2019
Comment0 comments  |  Read  |  Post a Comment
Google Research: No Simple Fix For Spectre-Class Vulnerabilities
Robert Lemos, Technology Journalist/Data ResearcherNews
Chip makers focus on performance has left microprocessors open to numerous side-channel attacks that cannot be fixed by software updates - only by hard choices.
By Robert Lemos , 2/19/2019
Comment1 Comment  |  Read  |  Post a Comment
Palo Alto Networks to Buy Demisto for $560M
Dark Reading Staff, Quick Hits
This marks Palo Alto Networks' latest acquisition and its first of 2019.
By Dark Reading Staff , 2/19/2019
Comment0 comments  |  Read  |  Post a Comment
Security Spills: 9 Problems Causing the Most Stress
Kelly Sheridan, Staff Editor, Dark Reading
Security practitioners reveal what's causing them the most frustration in their roles.
By Kelly Sheridan Staff Editor, Dark Reading, 2/14/2019
Comment0 comments  |  Read  |  Post a Comment
2018 Was Second-Most Active Year for Data Breaches
Jai Vijayan, Freelance writerNews
Hacking by external actors caused most breaches, but Web intrusions and exposures compromised more records, according to Risk Based Security.
By Jai Vijayan Freelance writer, 2/13/2019
Comment1 Comment  |  Read  |  Post a Comment
Symantec Acquires Luminate to Build on Cloud Security
Dark Reading Staff, Quick Hits
Luminate Security, which specializes in software-defined perimeter technology, will extend Symantec's integrated defense platform.
By Dark Reading Staff , 2/12/2019
Comment0 comments  |  Read  |  Post a Comment
How Hackers Could Hit Super Bowl LIII
Kelly Sheridan, Staff Editor, Dark ReadingNews
Security threats and concerns abound for the year's biggest football game. What officials and fans can do about it.
By Kelly Sheridan Staff Editor, Dark Reading, 2/1/2019
Comment2 comments  |  Read  |  Post a Comment
Dell, CrowdStrike, Secureworks Join Forces to Secure Endpoints
Kelly Sheridan, Staff Editor, Dark ReadingNews
Dell SafeGuard and Response is geared toward businesses, governments, and schools that may lack resources they need to detect and remediate sophisticated threats.
By Kelly Sheridan Staff Editor, Dark Reading, 1/31/2019
Comment0 comments  |  Read  |  Post a Comment
The Evolution of SIEM
Chetan Mundhada, Vice President of Sales at NETMONASTERYCommentary
Expectations for these security information and event management systems have grown over the years, in ways that just aren't realistic.
By Chetan Mundhada Vice President of Sales at NETMONASTERY, 1/23/2019
Comment0 comments  |  Read  |  Post a Comment
7 Business Metrics Security Pros Need to Know
Curtis Franklin Jr., Senior Editor at Dark Reading
These days, security has to speak the language of business. These KPIs will get you started.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 12/21/2018
Comment5 comments  |  Read  |  Post a Comment
How Well Is Your Organization Investing Its Cybersecurity Dollars?
Jack Jones, Chairman, FAIR InstituteCommentary
The principles, methods, and tools for performing good risk measurement already exist and are being used successfully by organizations today. They take some effort -- and are totally worth it.
By Jack Jones Chairman, FAIR Institute, 12/11/2018
Comment3 comments  |  Read  |  Post a Comment
Cyber Crooks Diversify Business with Multi-Intent Malware
Avi Chesla, CEO and Founder, empowCommentary
The makers of malware have realized that if they're going to invest time and money in compromising cyber defenses, they should do everything they can to monetize their achievement.
By Avi Chesla CEO and Founder, empow, 11/15/2018
Comment2 comments  |  Read  |  Post a Comment
7 Cool New Security Tools to be Revealed at Black Hat Europe
Ericka Chickowski, Contributing Writer, Dark Reading
Black Hat Europe's Arsenal lineup will include demoes of new security tools, from AI malware research to container orchestration.
By Ericka Chickowski Contributing Writer, Dark Reading, 11/12/2018
Comment0 comments  |  Read  |  Post a Comment
Finding Gold in the Threat Intelligence Rush
Kelly Sheridan, Staff Editor, Dark ReadingNews
Researchers sift through millions of threat intel observations to determine where to best find valuable threat data.
By Kelly Sheridan Staff Editor, Dark Reading, 11/7/2018
Comment0 comments  |  Read  |  Post a Comment
20 Cybersecurity Firms to Watch
Jai Vijayan, Freelance writer
A look at some of the more interesting investments, acquisitions, and strategic moves in the security sector over the past year.
By Jai Vijayan Freelance writer, 11/7/2018
Comment0 comments  |  Read  |  Post a Comment
Energy Sector's IT Networks in the Bulls-Eye
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Attackers are actively infiltrating energy organizations and utilities for reconnaissance purposes.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 11/5/2018
Comment0 comments  |  Read  |  Post a Comment
Thoma Bravo Buys Veracode
Kelly Sheridan, Staff Editor, Dark ReadingNews
Broadcom will sell Veracode, acquired last year by CA, for $950M to Thoma Bravo as it broadens its security portfolio.
By Kelly Sheridan Staff Editor, Dark Reading, 11/5/2018
Comment1 Comment  |  Read  |  Post a Comment
7 Non-Computer Hacks That Should Never Happen
Steve Zurier, Freelance Writer
From paper to IoT, security researchers offer tips for protecting common attack surfaces that you're probably overlooking.
By Steve Zurier Freelance Writer, 11/5/2018
Comment3 comments  |  Read  |  Post a Comment
Symantec Acquires Appthority And Javelin Networks
Dark Reading Staff, Quick Hits
Both buys bolster the cybersecurity company's endpoint security business.
By Dark Reading Staff , 11/5/2018
Comment1 Comment  |  Read  |  Post a Comment
Apple Patches Multiple Major Security Flaws
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
New security updates cross all Apple platforms.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 10/31/2018
Comment1 Comment  |  Read  |  Post a Comment
More Stories
Current Conversations
Posted by nicfaust
Current Conversations Interesting post. Thank you.
In reply to: Hi!
Post Your Own Reply
Posted by sharmapriya
Current Conversations I really like your work...
In reply to: Very Nice
Post Your Own Reply
More Conversations
PR Newswire
High Stress Levels Impacting CISOs Physically, Mentally
Jai Vijayan, Freelance writer,  2/14/2019
Valentine's Emails Laced with Gandcrab Ransomware
Kelly Sheridan, Staff Editor, Dark Reading,  2/14/2019
Making the Case for a Cybersecurity Moon Shot
Adam Shostack, Consultant, Entrepreneur, Technologist, Game Designer,  2/19/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
5 Emerging Cyber Threats to Watch for in 2019
Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.
Flash Poll
How Enterprises Are Attacking the Cybersecurity Problem
How Enterprises Are Attacking the Cybersecurity Problem
Data breach fears and the need to comply with regulations such as GDPR are two major drivers increased spending on security products and technologies. But other factors are contributing to the trend as well. Find out more about how enterprises are attacking the cybersecurity problem by reading our report today.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-3474
PUBLISHED: 2019-02-20
A path traversal vulnerability in the web application component of Micro Focus Filr 3.x allows a remote attacker authenticated as a low privilege user to download arbitrary files from the Filr server. This vulnerability affects all versions of Filr 3.x prior to Security Update 6.
CVE-2019-3475
PUBLISHED: 2019-02-20
A local privilege escalation vulnerability in the famtd component of Micro Focus Filr 3.0 allows a local attacker authenticated as a low privilege user to escalate to root. This vulnerability affects all versions of Filr 3.x prior to Security Update 6.
CVE-2019-10030
PUBLISHED: 2019-02-20
A sandbox bypass vulnerability exists in Jenkins Script Security Plugin 1.52 and earlier in RejectASTTransformsCustomizer.java that allows attackers with Overall/Read permission to provide a Groovy script to an HTTP endpoint that can result in arbitrary code execution on the Jenkins master JVM.
CVE-2019-10030
PUBLISHED: 2019-02-20
A exposure of sensitive information vulnerability exists in Jenkins Cloud Foundry Plugin 2.3.1 and earlier in AbstractCloudFoundryPushDescriptor.java that allows attackers with Overall/Read access to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through anoth...
CVE-2019-10030
PUBLISHED: 2019-02-20
A server-side request forgery vulnerability exists in Jenkins Mattermost Notification Plugin 2.6.2 and earlier in MattermostNotifier.java that allows attackers with Overall/Read permission to have Jenkins connect to an attacker-specified Mattermost server and room and send a message.