Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Latest Content tagged with Operations
Page 1 / 2   >   >>
DevSecOps: Recreating Cybersecurity Culture
Commentary  |  9/18/2019  | 
Bringing developers and security teams together guided by a common goal requires some risk-taking. With patience and confidence, it will pay off. Here's how.
US Companies Unprepared for Privacy Regulations
Quick Hits  |  9/17/2019  | 
US companies are poorly prepared for even the most rudimentary privacy regulations, a new report says.
How Intel Unlocks the Powerful Potential of Diversity in Cybersecurity
Commentary  |  9/17/2019  | 
Sparking cultural shifts within an organization -- and throughout an entire industry -- can feel like a monumental task, but the juice is well worth the squeeze.
No Quick Fix for Security-Worker Shortfall
News  |  9/13/2019  | 
Security professionals see acquiring skills as the way forward, but only half of companies are training their workers, with more continuing to search for highly skilled employees.
Taking a Fresh Look at Security Ops: 10 Tips
Commentary  |  9/13/2019  | 
Maybe you love your executive team, your security processes, tools, or strategy. Maybe you hate them. Whatever the situation, it's likely at some point that things will have changed.
Security Leaders Share Tips for Boardroom Chats
Slideshows  |  9/12/2019  | 
Cisco, Oracle, and LinkedIn security leaders share their challenges in communicating with business teams and advice for how CISOs can navigate the relationship.
Fed Kaspersky Ban Made Permanent by New Rules
Quick Hits  |  9/11/2019  | 
A new set of regulations converts the government ban on using Kaspersky products from a temporary rule to one that's permanent.
New Technique Makes Passwords 14M Percent Harder to Crack, Nonprofit Claims
News  |  9/5/2019  | 
Tide's method for protecting passwords splinters them up into tiny pieces and stores them on distributed nodes.
Phishing Campaign Uses SharePoint to Slip Past Defenses
News  |  9/4/2019  | 
Cybercriminals targeting financial institutions in the UK bypassed Symantec email gateway and other perimeter technologies.
Splunk Buys Microservices Monitoring Firm Omnition
Quick Hits  |  9/4/2019  | 
The purchase is intended to boost Splunk's capabilities in microservices architectures.
Multicloud Businesses Face Higher Breach Risk
News  |  9/3/2019  | 
A new report finds 52% of multicloud environments have suffered a breach within the past year, compared with 24% of hybrid cloud users.
3 Promising Technologies Making an Impact on Cybersecurity
Commentary  |  9/3/2019  | 
The common thread: Each acts as a force multiplier, adding value to every other security technology around it.
ISAC 101: Unlocking the Power of Information
Commentary  |  9/2/2019  | 
How information sharing and analysis centers provide contextual threat information by creating communities that helps security professionals and their organizations grow in maturity and capability.
Google Cloud Releases Beta of Managed Service to Microsoft AD
Quick Hits  |  8/29/2019  | 
Managed Service for Microsoft Active Directory was built to help admins handle cloud-based workloads.
More Than Half of Social Media Login Attempts Are Fraud
News  |  8/26/2019  | 
Overall, account registrations for tech companies are four times more likely to be malicious than legitimate, a new report states.
IBM Announces Quantum Safe Encryption
Quick Hits  |  8/23/2019  | 
Techniques too tough for quantum computing solutions will be part of public cloud and tape storage encryption.
Threat Intelligence Gateways: A Useful Adjunct to Overworked Perimeter Security
Commentary  |  8/22/2019  | 
Comparative research shows the relative strengths and weaknesses of five TIG vendors and which kinds of security organization will reap the most benefit.
LinkedIn Details Features of Fight Against Fakes
Quick Hits  |  8/22/2019  | 
A recent blog post explains how the social network is fighting to protect its users from interactions with fake accounts.
Texas Towns Recover, but Local Governments Have Little Hope for Respite from Ransomware
News  |  8/22/2019  | 
Their struggles underscore the difficulties for small towns in dealing with cyberattacks.
SafeGuard Cyber Adds Security, Compliance Capabilities for WeChat
Quick Hits  |  8/22/2019  | 
A lack of visibility into the app could expose business users to compliance risks and security threats, the company says.
New FISMA Report Shows Progress, Gaps in Federal Cybersecurity
News  |  8/21/2019  | 
No major incidents mixed with continuing gaps in implementation paint an improving, but still muddy, picture of cybersecurity in the federal government.
'Box Shield' Brings New Security Controls
News  |  8/21/2019  | 
New controls and threat detection capabilities built into Box aim to prevent accidental data leakage and misuse.
State-Sponsored Cyberattacks Target Medical Research
News  |  8/21/2019  | 
Cancer research is a particular target among Chinese espionage groups, says security firm FireEye.
'Phoning Home': Your Latest Data Exfiltration Headache
Commentary  |  8/21/2019  | 
Companies phone enterprise customer data home securely and for a variety of perfectly legitimate and useful reasons. The problems stem from insufficient disclosure.
7 Big Factors Putting Small Businesses At Risk
Slideshows  |  8/21/2019  | 
Small organizations still face a long list of security threats. These threats and vulnerabilities should be top of mind.
Who Gets Privileged Access & How to Enforce It
Commentary  |  8/20/2019  | 
Let's begin by re-evaluating IT infrastructures to determine who has access to what, why, and when.
Towns Across Texas Hit in Coordinated Ransomware Attack
News  |  8/19/2019  | 
The state government and cybersecurity groups have mobilized to respond to a mass ransomware attack that simultaneously hit 22 different towns statewide.
VxWorks TCP/IP Stack Vulnerability Poses Major Manufacturing Risk
News  |  8/19/2019  | 
A new analysis shows the scale of risk posed by networking vulnerabilities in a popular embedded real-time operating system.
Tough Love: Debunking Myths about DevOps & Security
Commentary  |  8/19/2019  | 
It's time to move past trivial 'shift left' conceptions of DevSecOps and take a hard look at how security work actually gets accomplished.
Attackers Try to Evade Defenses with Smaller DDoS Floods, Probes
News  |  8/14/2019  | 
Cybercriminals are initiating more attacks using low-bandwidth techniques, but the tactics expand the gray area between DDoS attacks and popular methods of mass scanning.
BioStar 2 Leak Exposes 23GB Data, 1M Fingerprints
Quick Hits  |  8/14/2019  | 
Thousands of organizations, including banks, governments, and the UK Metropolitan Police, use the biometric security tool to authenticate users.
Microsoft Patches Wormable RCE Vulns in Remote Desktop Services
News  |  8/13/2019  | 
Similar to the now-patched 'BlueKeep' vulnerability, two flaws fixed today could let malware spread across vulnerable computers.
Security Flaws Discovered in 40 Microsoft-Certified Device Drivers
News  |  8/12/2019  | 
Attackers can use vulnerable drivers to escalate privilege and execute malicious code in every part of the system.
More Focus on Security as Payment Technologies Proliferate
News  |  8/12/2019  | 
Banks and merchants are expanding their payment offerings but continue to be wary of the potential fraud risk.
State Farm Reports Credential-Stuffing Attack
Quick Hits  |  8/9/2019  | 
The insurer has informed customers a third party used a list of user IDs and passwords to attempt access into online accounts.
It's (Still) the Password, Stupid!
Commentary  |  8/9/2019  | 
The best way to protect your identity in cyberspace is the simplest: Use a variety of strong passwords, and never, ever, use "123456" no matter how easy it is to type.
How Behavioral Data Shaped a Security Training Makeover
News  |  8/8/2019  | 
A new program leveraged behavioral data of employees to determine when they excelled at security and where they needed improvement.
Dark Reading News Desk Live at Black Hat USA 2019
News  |  8/8/2019  | 
Watch right here for 40 video interviews with speakers and sponsors. Streaming live from Black Hat USA Wednesday and Thursday 2 p.m. to 6 p.m. Eastern.
Rethinking Website Spoofing Mitigation
Commentary  |  8/7/2019  | 
Deception technology is evolving rapidly, making it easier for organizations to turn the tables on their attackers. Here's how.
Security & the Infinite Capacity to Rationalize
Commentary  |  8/6/2019  | 
To improve the security posture of our organizations, we must open our eyes to rationalization and put an end to it with logic. Here's how.
Fighting Back Against Mobile Fraudsters
Commentary  |  8/5/2019  | 
The first step toward identifying and preventing mobile fraud threats is acknowledging that mobile security requires a unique solution.
Capital One: What We Should Learn This Time
News  |  8/2/2019  | 
Where Capital One went wrong, what the bank did right, and more key takeaways from the latest mega-breach.
Black Hat: A Summer Break from the Mundane and Controllable
Commentary  |  8/2/2019  | 
Enjoy the respite from the security tasks that await you back at home. Then prepare yourself for the uphill battles to come. Here's how.
Cisco Pays $8.6M in First False Claims Suit for Vulnerabilities in Security Product
News  |  8/1/2019  | 
A security consultant reported vulnerabilities in Cisco's Video Surveillance Manager in 2009 but the company ignored the issues and fired the consultant.
Demystifying New FIDO Standards & Innovations
Commentary  |  8/1/2019  | 
Staying on top of the latest cybersecurity risks and preferred attack methods can feel impossible, but standards like FIDO2 are designed to help relieve the burden.
Google Cloud Debuts New Security Capabilities
Quick Hits  |  7/31/2019  | 
Updates include Advanced Protection Program for the enterprise and general availability of password vaulted apps in Cloud Identity and G Suite.
Apple Device Management Firm Jamf Acquires Digita Security
Quick Hits  |  7/31/2019  | 
Digita Security's Apple Mac endpoint protection solutions will join Jamf's MDM suite for iOS and MacOS.
The Attribution Trap: A Waste of Precious Time & Money
Commentary  |  7/31/2019  | 
Aiming for attribution doesn't help most organizations become more secure. It can actually have the opposite effect.
Transforming 'Tangible Security' into a Competitive Advantage
Commentary  |  7/30/2019  | 
Today's consumers want to see and touch security. Meeting this demand will be a win-win for everyone, from users to vendors to security teams.
Deutsche Bank Email Vulnerability Left Ex-Employees with Access
Quick Hits  |  7/29/2019  | 
Failures in computer and control systems are being blamed.
Page 1 / 2   >   >>


US Turning Up the Heat on North Korea's Cyber Threat Operations
Jai Vijayan, Contributing Writer,  9/16/2019
Preventing PTSD and Burnout for Cybersecurity Professionals
Craig Hinkley, CEO, WhiteHat Security,  9/16/2019
NetCAT Vulnerability Is Out of the Bag
Dark Reading Staff 9/12/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
7 Threats & Disruptive Forces Changing the Face of Cybersecurity
This Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
Flash Poll
The State of IT Operations and Cybersecurity Operations
The State of IT Operations and Cybersecurity Operations
Your enterprise's cyber risk may depend upon the relationship between the IT team and the security team. Heres some insight on what's working and what isn't in the data center.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-16413
PUBLISHED: 2019-09-19
An issue was discovered in the Linux kernel before 5.0.4. The 9p filesystem did not protect i_size_write() properly, which causes an i_size_read() infinite loop and denial of service on SMP systems.
CVE-2019-3738
PUBLISHED: 2019-09-18
RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to an Improper Verification of Cryptographic Signature vulnerability. A malicious remote attacker could potentially exploit this vulnerability to coerce two parties into computing the same predictable shared key.
CVE-2019-3739
PUBLISHED: 2019-09-18
RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to Information Exposure Through Timing Discrepancy vulnerabilities during ECDSA key generation. A malicious remote attacker could potentially exploit those vulnerabilities to recover ECDSA keys.
CVE-2019-3740
PUBLISHED: 2019-09-18
RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to an Information Exposure Through Timing Discrepancy vulnerabilities during DSA key generation. A malicious remote attacker could potentially exploit those vulnerabilities to recover DSA keys.
CVE-2019-3756
PUBLISHED: 2019-09-18
RSA Archer, versions prior to 6.6 P3 (6.6.0.3), contain an information disclosure vulnerability. Information relating to the backend database gets disclosed to low-privileged RSA Archer users' UI under certain error conditions.