Threat Intelligence

News & Commentary
Siemens Leads Launch of Global Cybersecurity Initiative
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
The new 'Charter of Trust' aims to make security a key element of the digital economy, critical infrastructure.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 2/16/2018
Comment0 comments  |  Read  |  Post a Comment
White House: Russian Military Behind NotPetya Attacks
Kelly Jackson Higgins, Executive Editor at Dark ReadingQuick Hits
Trump administration statement comes on the heels of UK government calling out Russia for the cyberattacks that spread through Europe and elsewhere.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 2/15/2018
Comment0 comments  |  Read  |  Post a Comment
North Korea-Linked Cyberattacks Spread Out of Control: Report
Kelly Sheridan, Associate Editor, Dark ReadingNews
New details on old cyberattacks originating from North Korea indicate several forms of malware unintentionally spread wider than authors intended.
By Kelly Sheridan Associate Editor, Dark Reading, 2/15/2018
Comment0 comments  |  Read  |  Post a Comment
Windows 10 Critical Vulnerability Reports Grew 64% in 2017
Kelly Sheridan, Associate Editor, Dark ReadingNews
The launch and growth of new operating systems is mirrored by an increase in reported vulnerabilities.
By Kelly Sheridan Associate Editor, Dark Reading, 2/14/2018
Comment1 Comment  |  Read  |  Post a Comment
AI and Machine Learning: Breaking Down Buzzwords
Kelly Sheridan, Associate Editor, Dark ReadingNews
Security experts explain two of today's trendiest technologies to explain what they mean and where you need them.
By Kelly Sheridan Associate Editor, Dark Reading, 2/13/2018
Comment1 Comment  |  Read  |  Post a Comment
Lazarus Group Attacks Banks, Bitcoin Users in New Campaign
Kelly Sheridan, Associate Editor, Dark ReadingNews
A new Lazarus Group cyberattack campaign combines spear-phishing techniques with a cryptocurrency scanner designed to scan for Bitcoin wallets.
By Kelly Sheridan Associate Editor, Dark Reading, 2/13/2018
Comment0 comments  |  Read  |  Post a Comment
Fake News: Could the Next Major Cyberattack Cause a Cyberwar?
Joseph Carson, Chief Security Scientist at ThycoticCommentary
In the way it undercuts trust, fake news is a form of cyberattack. Governments must work to stop it.
By Joseph Carson Chief Security Scientist at Thycotic, 2/13/2018
Comment0 comments  |  Read  |  Post a Comment
Equifax Names New CISO
Dark Reading Staff, Quick Hits
Former Home Depot CISO takes the reins in the wake of Equifax's massive data breach and fallout.
By Dark Reading Staff , 2/13/2018
Comment0 comments  |  Read  |  Post a Comment
Cyberattack Aimed to Disrupt Opening of Winter Olympics
Kelly Sheridan, Associate Editor, Dark ReadingNews
Researchers who identified malware targeting the 2018 Winter Olympics say the attackers had previously compromised the Games' infrastructure.
By Kelly Sheridan Associate Editor, Dark Reading, 2/12/2018
Comment0 comments  |  Read  |  Post a Comment
One in Three SOC Analysts Now Job-Hunting
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
The more experienced a SOC analyst gets, the more his or her job satisfaction declines, a new survey of security operations center staffers shows.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 2/12/2018
Comment1 Comment  |  Read  |  Post a Comment
Microsoft Adds Windows Defender ATP Support to Windows 7, 8.1
Dark Reading Staff, Quick Hits
Microsoft brings Windows Defender ATP down-level support to older versions of Windows for businesses transitioning to Windows 10.
By Dark Reading Staff , 2/12/2018
Comment0 comments  |  Read  |  Post a Comment
Tracking Bitcoin Wallets as IOCs for Ransomware
Curtis Jordan, Lead Security Engineer, TruSTARCommentary
By understanding how cybercriminals use bitcoin, threat analysts can connect the dots between cyber extortion, wallet addresses, shared infrastructure, TTPs, and attribution.
By Curtis Jordan Lead Security Engineer, TruSTAR, 2/12/2018
Comment0 comments  |  Read  |  Post a Comment
8 Nation-State Hacking Groups to Watch in 2018
Kelly Sheridan, Associate Editor, Dark Reading
The aliases, geographies, famous attacks, and behaviors of some of the most prolific threat groups.
By Kelly Sheridan Associate Editor, Dark Reading, 2/9/2018
Comment1 Comment  |  Read  |  Post a Comment
Russian Authorities Arrest Engineers for Cryptocurrency Mining at Nuclear Weapons Site
Dark Reading Staff, Quick Hits
The nuclear weapons facility employees reportedly tried to mine cryptocurrency via a supercomputer.
By Dark Reading Staff , 2/9/2018
Comment1 Comment  |  Read  |  Post a Comment
Back to Basics: AI Isn't the Answer to What Ails Us in Cyber
Amit Yoran, Chairman & CEO, Tenable Network SecurityCommentary
The irony behind just about every headline-grabbing data breach we've seen in recent years is that they all could have been prevented with simple cyber hygiene.
By Amit Yoran Chairman & CEO, Tenable Network Security, 2/9/2018
Comment1 Comment  |  Read  |  Post a Comment
North Korean APT Group Employed Rare Zero-Day Attack
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Recent Adobe Flash exploit discovered against South Korean targets likely purchased, not developed by the hacking group.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 2/7/2018
Comment0 comments  |  Read  |  Post a Comment
New Zero-Day Ransomware Evades Microsoft, Google Cloud Malware Detection
Kelly Sheridan, Associate Editor, Dark ReadingNews
Shurl0ckr, a form of Gojdue ransomware, was not detected on SharePoint or Google Drive.
By Kelly Sheridan Associate Editor, Dark Reading, 2/7/2018
Comment0 comments  |  Read  |  Post a Comment
Ukraine Power Distro Plans $20 Million Cyber Defense System
Dark Reading Staff, Quick Hits
After NotPetya and severe blackouts, Ukrenergo responds with an investment in cybersecurity.
By Dark Reading Staff , 2/6/2018
Comment0 comments  |  Read  |  Post a Comment
AutoSploit: Mass Exploitation Just Got a Lot Easier
Rami Sass, CEO & Co-Founder, WhiteSourceCommentary
But the response to the new hacking tool, now readily available to the masses of script kiddies, has been a mix of outrage, fear, some applause, and more than a few shrugs.
By Rami Sass CEO & Co-Founder, WhiteSource, 2/6/2018
Comment5 comments  |  Read  |  Post a Comment
Microsoft Updates Payment, Criteria for Windows Bug Bounty
Kelly Sheridan, Associate Editor, Dark ReadingNews
The Windows Insider Preview Bounty Program will award between $500 and $15,000 for eligible submissions.
By Kelly Sheridan Associate Editor, Dark Reading, 2/6/2018
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
Posted by MikeH762
Current Conversations Nice post. 
In reply to: Analysis
Post Your Own Reply
Posted by MikeH762
Current Conversations Nice post.
In reply to: Analysis
Post Your Own Reply
Posted by MikeH762
Current Conversations Nice post. 
In reply to: Analysis
Post Your Own Reply
More Conversations
One in Three SOC Analysts Now Job-Hunting
Kelly Jackson Higgins, Executive Editor at Dark Reading,  2/12/2018
Encrypted Attacks Continue to Dog Perimeter Defenses
Ericka Chickowski, Contributing Writer, Dark Reading,  2/14/2018
Can Android for Work Redefine Enterprise Mobile Security?
Satish Shetty, CEO, Codeproof Technologies,  2/13/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: One agent too many was installed on Bob's desktop.
Current Issue
How to Cope with the IT Security Skills Shortage
Most enterprises don't have all the in-house skills they need to meet the rising threat from online attackers. Here are some tips on ways to beat the shortage.
Flash Poll
[Strategic Security Report] Navigating the Threat Intelligence Maze
[Strategic Security Report] Navigating the Threat Intelligence Maze
Most enterprises are using threat intel services, but many are still figuring out how to use the data they're collecting. In this Dark Reading survey we give you a look at what they're doing today - and where they hope to go.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.