Containerized Apps: An 8-Point Security Checklist
7 Variants (So Far) of Mirai
I, for One, Welcome Our Robotic Security Overlords
Dark Reading Launches Second INsecurity Conference
10 Open Source Security Tools You Should Know
News & Commentary
'Hidden Tunnels' Help Hackers Launch Financial Services Attacks
Kelly Sheridan, Staff Editor, Dark ReadingNews
Hackers are using the infrastructure, meant to transmit data between applications, for command and control.
By Kelly Sheridan Staff Editor, Dark Reading, 6/20/2018
Comment0 comments  |  Read  |  Post a Comment
China-Based Cyber Espionage Campaign Targets Satellite, Telecom, Defense Firms
Jai Vijayan, Freelance writerNews
Threat group Thrip is using three computers based in China to steal data from targeted companies in Southeast Asia and the US, Symantec says.
By Jai Vijayan Freelance writer, 6/20/2018
Comment0 comments  |  Read  |  Post a Comment
Inside a SamSam Ransomware Attack
Ajit Sancheti, CEO and Co-Founder, PreemptCommentary
Here's how hackers use network tools and stolen identities to turn a device-level compromise into an enterprise-level takedown.
By Ajit Sancheti CEO and Co-Founder, Preempt, 6/20/2018
Comment1 Comment  |  Read  |  Post a Comment
Intel VP Talks Data Security Focus Amid Rise of Blockchain, AI
Kelly Sheridan, Staff Editor, Dark ReadingNews
Intel vice president Rick Echevarria discusses the challenges of balancing data security with new technologies like blockchain and artificial intelligence.
By Kelly Sheridan Staff Editor, Dark Reading, 6/20/2018
Comment0 comments  |  Read  |  Post a Comment
Alphabet Launches VirusTotal Monitor to Stop False Positives
Dark Reading Staff, Quick Hits
Alphabet's Chronicle security division releases VirusTotal Monitor, a tool for developers to check if their product will be flagged as malware.
By Dark Reading Staff , 6/20/2018
Comment0 comments  |  Read  |  Post a Comment
Improving the Adoption of Security Automation
Dan Koloski, Vice President, Oracle's Systems Management and Security  products groupCommentary
Four barriers to automation and how to overcome them.
By Dan Koloski Vice President, Oracle's Systems Management and Security products group, 6/20/2018
Comment0 comments  |  Read  |  Post a Comment
The Best and Worst Tasks for Security Automation
Kelly Sheridan, Staff Editor, Dark Reading
As with all new tech, there are good times and and bad times to use it. Security experts share which tasks to prioritize for automation.
By Kelly Sheridan Staff Editor, Dark Reading, 6/20/2018
Comment0 comments  |  Read  |  Post a Comment
Mylobot Malware Brings New Sophistication to Botnets
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
The malware pulls together a variety of techniques to gain a foothold and remain undiscovered.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 6/20/2018
Comment0 comments  |  Read  |  Post a Comment
Most Websites and Web Apps No Match for Attack Barrage
Ericka Chickowski, Contributing Writer, Dark ReadingNews
The average website is attacked 50 times per day, with small businesses especially vulnerable.
By Ericka Chickowski Contributing Writer, Dark Reading, 6/19/2018
Comment0 comments  |  Read  |  Post a Comment
Tesla Employee Steals, Sabotages Company Data
Jai Vijayan, Freelance writerNews
The electric carmaker is the victim of an "extensive and damaging" insider attack, says CEO Elon Musk.
By Jai Vijayan Freelance writer, 6/19/2018
Comment1 Comment  |  Read  |  Post a Comment
'Olympic Destroyer' Reappears in Attacks on Europe, Russia
Kelly Sheridan, Staff Editor, Dark ReadingNews
The attack group known for targeting the 2018 Winter Olympics has resurfaced in campaigns against European financial and biochem companies.
By Kelly Sheridan Staff Editor, Dark Reading, 6/19/2018
Comment0 comments  |  Read  |  Post a Comment
How to Prepare for 'WannaCry 2.0'
Shimon Oren, Head of Cyber Intelligence at Deep InstinctCommentary
It seems inevitable that a more-powerful follow-up to last year's malware attack will hit sooner or later. You'd better get prepared.
By Shimon Oren Head of Cyber Intelligence at Deep Instinct, 6/19/2018
Comment0 comments  |  Read  |  Post a Comment
Former CIA Engineer Charged with Theft and Transmission of Classified Info
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Suspect had reportedly been named in Vault 7 leak to WikiLeaks.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 6/19/2018
Comment0 comments  |  Read  |  Post a Comment
CrowdStrike Secures $200M Funding Round
Dark Reading Staff, Quick Hits
The new funding round brings the company's valuation to more than $3 billion.
By Dark Reading Staff , 6/19/2018
Comment0 comments  |  Read  |  Post a Comment
Cisco CPO: Privacy Is Not About Secrecy or Compliance
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
Michelle Dennedy sat down with Dark Reading at the recent Cisco Live event to set the record straight about privacy, regulation, encryption, and more.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 6/19/2018
Comment0 comments  |  Read  |  Post a Comment
5 Tips for Integrating Security Best Practices into Your Cloud Strategy
Robert Corradini, Director of Product Management at 5nineCommentary
Do 'cloud-first' strategies create a security-second mindset?
By Robert Corradini Director of Product Management at 5nine, 6/19/2018
Comment0 comments  |  Read  |  Post a Comment
Security Analytics Startup Uptycs Raises $10M in Series A
Dark Reading Staff, Quick Hits
This round of funding for Uptycs, which runs an osquery-powered analytics platform, was led by ForgePoint Capital and Comcast Ventures.
By Dark Reading Staff , 6/19/2018
Comment0 comments  |  Read  |  Post a Comment
Exposed Container Orchestration Systems Putting Many Orgs at Risk
Jai Vijayan, Freelance writerNews
More than 22,600 open container orchestration and API management systems discovered on the Internet.
By Jai Vijayan Freelance writer, 6/18/2018
Comment0 comments  |  Read  |  Post a Comment
'Wallchart' Phishing Campaign Exploits World Cup Watchers
Kelly Sheridan, Staff Editor, Dark ReadingNews
The details on a phishing attack designed to lure soccer fans with a subject line about the World Cup schedule and scoresheet.
By Kelly Sheridan Staff Editor, Dark Reading, 6/18/2018
Comment0 comments  |  Read  |  Post a Comment
Mass. Man Pleads Guilty in ATM Jackpotting Operation
Dark Reading Staff, Quick Hits
Citizens Bank ATM and others targeted in the scheme.
By Dark Reading Staff , 6/18/2018
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
Posted by RosanaXayaraj
Current Conversations Thanks
In reply to: Re: More information
Post Your Own Reply
More Conversations
PR Newswire
Meet 'Bro': The Best-Kept Secret of Network Security
Greg Bell, CEO, Corelight,  6/14/2018
Containerized Apps: An 8-Point Security Checklist
Jai Vijayan, Freelance writer,  6/14/2018
Four Faces of Fraud: Identity, 'Fake' Identity, Ransomware & Digital
David Shefter, Chief Technology Officer at Ziften Technologies,  6/14/2018
Register for Dark Reading Newsletters
Partner Perspectives
What's This?
Partner Perspectives
What's This?
Partner Perspectives
What's This?
Partner Perspectives
What's This?
Cloud Misconceptions Are Pervasive Across Enterprises
Shadow IT is rampant at many organizations that rely upon cloud-delivered tools and services to enable remote work, according to a new study. Here's what security teams need to do about it. Read >>
Partner Perspectives
What's This?
Partner Perspectives
What's This?
Partner Perspectives
What's This?
Boosting Security Effectiveness with 'Adjuvants'
How integrating corporate resources like the IT help desk, system administration, quality assurance and HR can breathe new life into your security program. Read >>
Partner Perspectives
What's This?
Partner Perspectives
What's This?
Partner Perspectives
What's This?
WanaCrypt0r Hits Worldwide
Consumers and businesses should be sure their Windows systems and software are updated with all current patches in order to stop the spread of this dangerous ransomware attack. Read >>
Partner Perspectives
What's This?
Endpoint Security: Putting The Focus On What Matters
Five tips to help sift through the noise and focus on actions that can dramatically impact your endpoint security program. Read >>
Dark Reading Live EVENTS
INsecurity 2018 A Dark Reading Conference | October 23-25 at the Sheraton Grand Chicago
INsecurity is for the defenders of enterprise securitythe IT team members tasked with protecting critical data from cyber threatsand will offer real-world case studies, peer sharing and practical, actionable content for IT teams and professionals seeking better, more effective practices for defending enterprise data.
Cartoon
White Papers
Current Issue
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-0291
PUBLISHED: 2018-06-20
A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco NX-OS Software could allow an authenticated, remote attacker to cause the SNMP application on an affected device to restart unexpectedly. The vulnerability is due to improper validation of SNMP protocol ...
CVE-2018-0292
PUBLISHED: 2018-06-20
A vulnerability in the Internet Group Management Protocol (IGMP) Snooping feature of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code and gain full control of an affected system. The attacker could also cause an affected system to reload, resulting in ...
CVE-2018-0293
PUBLISHED: 2018-06-20
A vulnerability in role-based access control (RBAC) for Cisco NX-OS Software could allow an authenticated, remote attacker to execute CLI commands that should be restricted for a nonadministrative user. The attacker would have to possess valid user credentials for the device. The vulnerability is du...
CVE-2018-0294
PUBLISHED: 2018-06-20
A vulnerability in the write-erase feature of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to configure an unauthorized administrator account for an affected device. The vulnerability exists because the affected software does not properly delete sensitive...
CVE-2018-0295
PUBLISHED: 2018-06-20
A vulnerability in the Border Gateway Protocol (BGP) implementation of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to the device unexpectedly reloading. The vulnerability is due to incomplete input validation of the BGP update...
Flash Poll
Video
Slideshows
Twitter Feed