Comments
5 Reasons Why Threat Intelligence Doesn't Work
Newest First  |  Oldest First  |  Threaded View
Jonathan TIP/WhoisXML API
100%
0%
Jonathan TIP/WhoisXML API,
User Rank: Author
11/10/2018 | 3:03:26 PM
Re: Making threat intel. more effective through NLP
Yes that's a great example of automatically act upon threat intel data!  The field of automated threat intelligence is emerging with advancement in AI and NLP.  Its ultimate goal is to free analysts from mountains of data and even make decisions without human intervention.
AviC525
50%
50%
AviC525,
User Rank: Author
11/8/2018 | 5:13:36 PM
Making threat intel. more effective through NLP
Good article!

One of the ways to make threat intel. data more effective is by using NLP algotihms to automatically "read"  the threat intel. docs  (human written information) and classify the content into an "attacker intent" categories. This  process helps the analysts to accelerate invetigation and response operations 

 


'PowerSnitch' Hacks Androids via Power Banks
Kelly Jackson Higgins, Executive Editor at Dark Reading,  12/8/2018
Windows 10 Security Questions Prove Easy for Attackers to Exploit
Kelly Sheridan, Staff Editor, Dark Reading,  12/5/2018
Starwood Breach Reaction Focuses on 4-Year Dwell
Curtis Franklin Jr., Senior Editor at Dark Reading,  12/5/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: I guess this answers the question: who's watching the watchers?
Current Issue
10 Best Practices That Could Reshape Your IT Security Department
This Dark Reading Tech Digest, explores ten best practices that could reshape IT security departments.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-20029
PUBLISHED: 2018-12-10
The nxfs.sys driver in the DokanFS library 0.6.0 in NoMachine before 6.4.6 on Windows 10 allows local users to cause a denial of service (BSOD) because uninitialized memory can be read.
CVE-2018-1279
PUBLISHED: 2018-12-10
Pivotal RabbitMQ for PCF, all versions, uses a deterministically generated cookie that is shared between all machines when configured in a multi-tenant cluster. A remote attacker who can gain information about the network topology can guess this cookie and, if they have access to the right ports on ...
CVE-2018-15800
PUBLISHED: 2018-12-10
Cloud Foundry Bits Service, versions prior to 2.18.0, includes an information disclosure vulnerability. A remote malicious user may execute a timing attack to brute-force the signing key, allowing them complete read and write access to the the Bits Service storage.
CVE-2018-15805
PUBLISHED: 2018-12-10
Accusoft PrizmDoc HTML5 Document Viewer before 13.5 contains an XML external entity (XXE) vulnerability, allowing an attacker to read arbitrary files or cause a denial of service (resource consumption).
CVE-2018-16635
PUBLISHED: 2018-12-10
Blackcat CMS 1.3.2 allows XSS via the willkommen.php?lang=DE page title at backend/pages/modify.php.