Analytics

News & Commentary
7 Ways to Get the Most from Your IDS/IPS
Curtis Franklin Jr., Senior Editor at Dark Reading
Intrusion detection and prevention is at the foundation of successful security in-depth. Securing the perimeter requires a solid understanding of these two critical components.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 4/23/2019
Comment0 comments  |  Read  |  Post a Comment
Researchers Find Clues for Dramatically Reducing IDS Traffic Volume
Dark Reading Staff, Quick Hits
Research at military labs and Towson University shows that identifying malicious activity may require much less captured data than has been the case.
By Dark Reading Staff , 4/19/2019
Comment1 Comment  |  Read  |  Post a Comment
This Week in Security Funding: Where the Money Went
Kelly Sheridan, Staff Editor, Dark ReadingNews
Predictions for cybersecurity investment in 2019 are holding true with funding announcements from four startups.
By Kelly Sheridan Staff Editor, Dark Reading, 4/12/2019
Comment0 comments  |  Read  |  Post a Comment
Credential-Stuffing Attacks Behind 30 Billion Login Attempts in 2018
Robert Lemos, Technology Journalist/Data ResearcherNews
Using e-mail addresses and passwords from compromised sites, attackers most often targeted retail sites, video-streaming services, and entertainment companies, according to Akamai.
By Robert Lemos , 4/8/2019
Comment1 Comment  |  Read  |  Post a Comment
Microsoft Tackles IoT Security with New Azure Updates
Kelly Sheridan, Staff Editor, Dark ReadingNews
The Azure Security Center for IoT provides teams with an overview of IoT devices and helps monitor their security properties.
By Kelly Sheridan Staff Editor, Dark Reading, 3/28/2019
Comment2 comments  |  Read  |  Post a Comment
Tidying Expert Marie Kondo: Cybersecurity Guru?
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
The "KonMari" method of decluttering can be a huge step toward greater security, according to a growing number of executives.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 3/28/2019
Comment8 comments  |  Read  |  Post a Comment
Russia Regularly Spoofs Regional GPS
Robert Lemos, Technology Journalist/Data ResearcherNews
The nation is a pioneer in spoofing and blocking satellite navigation signals, causing more than 9,800 incidents in the past three years, according to an analysis of navigational data.
By Robert Lemos Technology Journalist/Data Researcher, 3/26/2019
Comment6 comments  |  Read  |  Post a Comment
10 Movies All Security Pros Should Watch
Steve Zurier, Freelance Writer
Don't expect to read about any of the classics, like 'War Games' or 'Sneakers,' which have appeared on so many lists before. Rather, we've broadened our horizons with this great mix of documentaries, hacker movies, and flicks based on short stories.
By Steve Zurier Freelance Writer, 3/26/2019
Comment7 comments  |  Read  |  Post a Comment
87% of Cloud Pros Say Lack of Visibility Masks Security
Dark Reading Staff, Quick Hits
The majority of cloud IT professionals find a direct link between network visibility and business value, new data shows.
By Dark Reading Staff , 3/26/2019
Comment2 comments  |  Read  |  Post a Comment
Inside Incident Response: 6 Key Tips to Keep in Mind
Kelly Sheridan, Staff Editor, Dark Reading
Experts share the prime window for detecting intruders, when to contact law enforcement, and what they wish they did differently after a breach.
By Kelly Sheridan Staff Editor, Dark Reading, 3/22/2019
Comment1 Comment  |  Read  |  Post a Comment
Security Lessons from My Game Closet
Joshua Goldfarb, Co-founder & Chief Product Officer, IDRRA Commentary
In an era of popular video games like Fortnite and Minecraft, there is a lot to be learned about risk, luck, and strategy from some old-fashioned board games.
By Joshua Goldfarb Co-founder & Chief Product Officer, IDRRA , 3/22/2019
Comment2 comments  |  Read  |  Post a Comment
FIN7 Cybercrime Gang Rises Again
Robert Lemos, Technology Journalist/Data ResearcherNews
The group now employs a new administrative interface for managing its campaigns, as well as documents that link to SQL databases for downloading its code.
By Robert Lemos Technology Journalist/Data Researcher, 3/21/2019
Comment1 Comment  |  Read  |  Post a Comment
Businesses Manage 9.7PB of Data but Struggle to Protect It
Kelly Sheridan, Staff Editor, Dark ReadingNews
What's more, their attempts to secure it may be putting information at risk, a new report finds.
By Kelly Sheridan Staff Editor, Dark Reading, 3/21/2019
Comment0 comments  |  Read  |  Post a Comment
Microsoft Brings Defender Security Tools to Mac
Kelly Sheridan, Staff Editor, Dark ReadingNews
Windows Defender becomes Microsoft Defender, and it's available in limited preview for Mac users.
By Kelly Sheridan Staff Editor, Dark Reading, 3/21/2019
Comment0 comments  |  Read  |  Post a Comment
6 Ways Mature DevOps Teams Are Killing It in Security
Ericka Chickowski, Contributing Writer, Dark Reading
New survey shows where "elite" DevOps organizations are better able to incorporate security into application security.
By Ericka Chickowski Contributing Writer, Dark Reading, 3/19/2019
Comment0 comments  |  Read  |  Post a Comment
New Europol Protocol Addresses Cross-Border Cyberattacks
Dark Reading Staff, Quick Hits
The protocol is intended to support EU law enforcement in providing rapid assessment and response for cyberattacks across borders.
By Dark Reading Staff , 3/18/2019
Comment0 comments  |  Read  |  Post a Comment
Dragos Buys ICS Firm with US Dept. of Energy Roots
Dark Reading Staff, Quick Hits
NexDefense ICS security tool will be offered for free by Dragos.
By Dark Reading Staff , 3/18/2019
Comment0 comments  |  Read  |  Post a Comment
4 Reasons to Take an 'Inside Out' View of Security
Earl D. Matthews, Senior Vice President and Chief Strategy Officer at VerodinCommentary
When you approach security from the inside out, you're protecting your data by determining the most vital applications and using a risk-based strategy, which focuses on the most valuable and vulnerable assets.
By Earl D. Matthews Senior Vice President and Chief Strategy Officer at Verodin, 3/14/2019
Comment0 comments  |  Read  |  Post a Comment
Cybercriminals Think Small to Earn Big
Dark Reading Staff, Quick Hits
As the number of breaches increased 424% in 2018, the average breach size shrunk 4.7 times as attackers aimed for smaller, more vulnerable targets.
By Dark Reading Staff , 3/12/2019
Comment1 Comment  |  Read  |  Post a Comment
How China & Russia Use Social Media to Sway the West
Kelly Sheridan, Staff Editor, Dark ReadingNews
Researchers break down the differences in how China and Russia use social media to manipulate American audiences.
By Kelly Sheridan Staff Editor, Dark Reading, 3/7/2019
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
PR Newswire
Russia Hacked Clinton's Computers Five Hours After Trump's Call
Robert Lemos, Technology Journalist/Data Researcher,  4/19/2019
Tips for the Aftermath of a Cyberattack
Kelly Sheridan, Staff Editor, Dark Reading,  4/17/2019
Why We Need a 'Cleaner Internet'
Darren Anstee, Chief Technology Officer at Arbor Networks,  4/19/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
5 Emerging Cyber Threats to Watch for in 2019
Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-7303
PUBLISHED: 2019-04-23
A vulnerability in the seccomp filters of Canonical snapd before version 2.37.4 allows a strict mode snap to insert characters into a terminal on a 64-bit host. The seccomp rules were generated to match 64-bit ioctl(2) commands on a 64-bit platform; however, the Linux kernel only uses the lower 32 b...
CVE-2019-7304
PUBLISHED: 2019-04-23
Canonical snapd before version 2.37.1 incorrectly performed socket owner validation, allowing an attacker to run arbitrary commands as root. This issue affects: Canonical snapd versions prior to 2.37.1.
CVE-2019-0223
PUBLISHED: 2019-04-23
While investigating bug PROTON-2014, we discovered that under some circumstances Apache Qpid Proton versions 0.9 to 0.27.0 (C library and its language bindings) can connect to a peer anonymously using TLS *even when configured to verify the peer certificate* while used with OpenSSL versions before 1...
CVE-2017-12619
PUBLISHED: 2019-04-23
Apache Zeppelin prior to 0.7.3 was vulnerable to session fixation which allowed an attacker to hijack a valid user session. Issue was reported by "stone lone".
CVE-2018-1317
PUBLISHED: 2019-04-23
In Apache Zeppelin prior to 0.8.0 the cron scheduler was enabled by default and could allow users to run paragraphs as other users without authentication.