Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Latest Content tagged with Analytics
Page 1 / 2   >   >>
419M Facebook User Phone Numbers Publicly Exposed
Quick Hits  |  9/5/2019  | 
It's still unclear who owned the server storing hundreds of millions of records online without a password.
Splunk Buys Microservices Monitoring Firm Omnition
Quick Hits  |  9/4/2019  | 
The purchase is intended to boost Splunk's capabilities in microservices architectures.
7 Steps to Web App Security
Slideshows  |  9/3/2019  | 
Emerging technologies are introducing entirely new ways to reach, act, and interact with people. That makes app security more important than ever.
Overburdened SOC Analysts Shift Priorities
News  |  8/30/2019  | 
Many SOC analysts are starting to shut off high-alert features to keep pace with the volume, new study shows.
Retadup Worm Squashed After Infecting 850K Machines
News  |  8/29/2019  | 
An operation involving French law enforcement, the FBI, and Avast forces Retadup to delete itself from victim machines.
Magecart Shops for Victims as E-Commerce Market Grows
News  |  8/28/2019  | 
In 2.5 hours of research, one security expert uncovered more than 80 actively compromised ecommerce websites.
6 Ways Airlines and Hotels Can Keep Their Networks Secure
Slideshows  |  8/27/2019  | 
As recent news can attest, travel and hospitality companies are prime targets for cybercriminals. Here are six privacy and security tips that can help lock down privacy and security.
10 Low-Cost (or Free!) Ways to Boost Your Security AI Skills
Slideshows  |  8/23/2019  | 
The following hardware and software options will amplify your know-how about artificial intelligence and how to apply it to security without busting any budgets.
Stronger Defenses Force Cybercriminals to Rethink Strategy
News  |  8/14/2019  | 
Researchers see the rise of new relationships and attack techniques as criminals put companies' resilience to the test.
Internet Routing Security Initiative Launches Online 'Observatory'
News  |  8/13/2019  | 
Mutually Agreed Norms for Routing Security (MANRS) lets network operators and the public view online router incidents worldwide.
FBI Plans to Monitor Social Media May Spark Privacy Issues
Quick Hits  |  8/12/2019  | 
A new initiative to pull data from social media platforms may clash with policies prohibiting the use of information for mass surveillance.
Dark Reading News Desk Live at Black Hat USA 2019
News  |  8/8/2019  | 
Watch right here for 40 video interviews with speakers and sponsors. Streaming live from Black Hat USA Wednesday and Thursday 2 p.m. to 6 p.m. Eastern.
Buttigieg Campaign Adds a CISO
Quick Hits  |  8/7/2019  | 
Democratic presidential hopeful Pete Buttigieg's campaign reportedly may be the first to bring a security exec on board.
Companies' 'Anonymized' Data May Violate GDPR, Privacy Regs
News  |  7/26/2019  | 
New study found that any database containing 15 pieces of demographic data could be used to identify individuals.
New IPS Architecture Uses Network Flow Data for Analysis
News  |  7/23/2019  | 
Can a stream of data intended for network performance monitoring be the basis of network security? One company says the answer is 'yes.'
Where Businesses Waste Endpoint Security Budgets
Slideshows  |  7/15/2019  | 
Too many systems, failure to test tools, and fear of replacement drive endpoint complexity and render products less effective.
NIST Sets Draft Guidelines for Government AI
Quick Hits  |  7/8/2019  | 
This is the first formal step in writing the standards that will guide the implementation of AI technologies within the federal government.
Toyota's Car-Hacking Tool Now Available
News  |  7/2/2019  | 
'PASTA' hardware and software kit now retails for $28,300.
Chronicle Folds into Google
News  |  6/27/2019  | 
Alphabet's enterprise cybersecurity division will become part of the Google security portfolio.
7 Ways to Mitigate Supply Chain Attacks
Slideshows  |  6/27/2019  | 
Breaches caused by external vendors and service providers have become a major and escalating problem for organizations.
Developers and Security Teams Under Pressure to Collaborate
News  |  6/26/2019  | 
The challenges and benefits to getting two traditionally adversarial groups on the same page.
McAfee Sues 3 Former Staffers Now at Rival Tanium
Quick Hits  |  6/26/2019  | 
Lawsuit alleges sales representatives stole trade secrets from McAfee before joining Tanium.
Startup Raises $13.7M to Stop Breaches with Behavioral Analytics
Quick Hits  |  6/21/2019  | 
TrueFort plans to use the funding to expand sales, marketing, R&D, customer support, and go-to-market initiatives.
7 2019 Security Venture Fund Deals You Should Know
Slideshows  |  6/20/2019  | 
2019 has, so far, been a busy year for venture capitalists in the security industry. Here are 7 funding rounds important because of the technologies or market trends they represent.
Google Targets Deceptive Sites with New Chrome Tools
Quick Hits  |  6/18/2019  | 
A new extension and browser alert aim to help users report deceptive sites and prevent them from encountering fraud.
10 Notable Security Acquisitions of 2019 (So Far)
Slideshows  |  6/15/2019  | 
In a year when security companies have been snapped up left and right, these deals stand out from the chaos.
Better Cybersecurity Research Requires More Data Sharing
News  |  6/14/2019  | 
Researchers at the Workshop on the Economics of Information Security highlight the cost savings of sharing cybersecurity data and push for greater access to information on breaches, attacks, and incidents.
CrowdStrike Prices IPO Above Range at $34
News  |  6/12/2019  | 
The endpoint security firm raised $612 million ahead of today's public debut.
Predicting Vulnerability Weaponization
Commentary  |  6/12/2019  | 
Advances in data science are making it possible to shift vulnerability management from a reactive to a proactive discipline.
Massive Changes to Tech and Platforms, But Cybercrime? Not So Much
News  |  6/7/2019  | 
The still-relevant recommendation is to invest more in law enforcement, concludes an economic study of cybercrime.
Senior Executives More Involved with SOC Operations, Report Finds
Quick Hits  |  6/6/2019  | 
But they are still subject to the same alert fatigue and false-positive issues their junior employees face.
Palo Alto Networks Confirms PureSec Acquisition
Quick Hits  |  5/30/2019  | 
The company also agreed to buy container security company Twistlock as it develops its cloud security suite.
Don't Just Tune Your SIEM, Retune It
Commentary  |  5/29/2019  | 
Your SIEM isn't a set-it-and-forget-it proposition. It's time for a spring cleaning.
Emotet Made Up 61% of Malicious Payloads in Q1
News  |  5/29/2019  | 
The botnet has displaced credential stealers, stand-alone downloaders, and RATs in the overall threat landscape.
FireEye Buys Verodin for $250 Million
Quick Hits  |  5/28/2019  | 
Acquisition of security instrumentation firm will add more than $70 million to 2020 billing, FireEye estimates.
Keys for Working with Modern MSSPs
News  |  5/28/2019  | 
How to determine what an MSSP can do for your organization, and the questions to ask before signing a contract.
Mist Computing Startup Distributes Security AI to the Network Edge
News  |  5/24/2019  | 
MistNet, founded by former Juniper employees, moves AI processing to the network edge to build distributed detection and analysis models for security.
Microsoft Opens Defender ATP for Mac to Public Preview
Quick Hits  |  5/23/2019  | 
Users of the security platform who have preview features enabled can access Defender ATP for Mac via the Security Center onboarding section.
Attackers Are Messing with Encryption Traffic to Evade Detection
News  |  5/15/2019  | 
Unknown groups have started tampering with Web traffic encryption, causing the number of fingerprints for connections using Transport Layer Security to jump from 19,000 to 1.4 billion in less than a year.
Effective Pen Tests Follow These 7 Steps
Slideshows  |  5/14/2019  | 
Third-party pen tests are part of every comprehensive security plan. Here's how to get the most from this mandatory investment.
Sophos Buys Rook Security to Build DarkBytes Platform
Quick Hits  |  5/3/2019  | 
The acquisition fits into Sophos' plan to offer resellable managed detection and response services.
Threat Intelligence Firms Look to AI, but Still Require Humans
News  |  4/30/2019  | 
Machine learning and artificial intelligence are helping threat-intelligence firms cover a greater area of the darknet, but human analysts will always be necessary, experts say.
7 Ways to Get the Most from Your IDS/IPS
Slideshows  |  4/23/2019  | 
Intrusion detection and prevention is at the foundation of successful security in-depth. Securing the perimeter requires a solid understanding of these two critical components.
Researchers Find Clues for Dramatically Reducing IDS Traffic Volume
Quick Hits  |  4/19/2019  | 
Research at military labs and Towson University shows that identifying malicious activity may require much less captured data than has been the case.
This Week in Security Funding: Where the Money Went
News  |  4/12/2019  | 
Predictions for cybersecurity investment in 2019 are holding true with funding announcements from four startups.
Credential-Stuffing Attacks Behind 30 Billion Login Attempts in 2018
News  |  4/8/2019  | 
Using e-mail addresses and passwords from compromised sites, attackers most often targeted retail sites, video-streaming services, and entertainment companies, according to Akamai.
Microsoft Tackles IoT Security with New Azure Updates
News  |  3/28/2019  | 
The Azure Security Center for IoT provides teams with an overview of IoT devices and helps monitor their security properties.
Tidying Expert Marie Kondo: Cybersecurity Guru?
News  |  3/28/2019  | 
The "KonMari" method of decluttering can be a huge step toward greater security, according to a growing number of executives.
Russia Regularly Spoofs Regional GPS
News  |  3/26/2019  | 
The nation is a pioneer in spoofing and blocking satellite navigation signals, causing more than 9,800 incidents in the past three years, according to an analysis of navigational data.
10 Movies All Security Pros Should Watch
Slideshows  |  3/26/2019  | 
Don't expect to read about any of the classics, like 'War Games' or 'Sneakers,' which have appeared on so many lists before. Rather, we've broadened our horizons with this great mix of documentaries, hacker movies, and flicks based on short stories.
Page 1 / 2   >   >>


AI Is Everywhere, but Don't Ignore the Basics
Howie Xu, Vice President of AI and Machine Learning at Zscaler,  9/10/2019
Fed Kaspersky Ban Made Permanent by New Rules
Dark Reading Staff 9/11/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
7 Threats & Disruptive Forces Changing the Face of Cybersecurity
This Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
Flash Poll
The State of IT Operations and Cybersecurity Operations
The State of IT Operations and Cybersecurity Operations
Your enterprise's cyber risk may depend upon the relationship between the IT team and the security team. Heres some insight on what's working and what isn't in the data center.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-16317
PUBLISHED: 2019-09-14
In Pimcore before 5.7.1, an attacker with limited privileges can trigger execution of a .phar file via a phar:// URL in a filename parameter, because PHAR uploads are not blocked and are reachable within the phar://../../../../../../../../var/www/html/web/var/assets/ directory, a different vulnerabi...
CVE-2019-16318
PUBLISHED: 2019-09-14
In Pimcore before 5.7.1, an attacker with limited privileges can bypass file-extension restrictions via a 256-character filename, as demonstrated by the failure of automatic renaming of .php to .php.txt for long filenames, a different vulnerability than CVE-2019-10867 and CVE-2019-16317.
CVE-2019-16307
PUBLISHED: 2019-09-14
A Reflected Cross-Site Scripting (XSS) vulnerability in the webEx module in webExMeetingLogin.jsp and deleteWebExMeetingCheck.jsp in Fuji Xerox DocuShare through 7.0.0.C1.609 allows remote attackers to inject arbitrary web script or HTML via the handle parameter (webExMeetingLogin.jsp) and meetingKe...
CVE-2019-16294
PUBLISHED: 2019-09-14
SciLexer.dll in Scintilla in Notepad++ (x64) before 7.7 allows remote code execution or denial of service via Unicode characters in a crafted .ml file.
CVE-2019-16309
PUBLISHED: 2019-09-14
FlameCMS 3.3.5 has SQL injection in account/login.php via accountName.