About Us

Dark Reading: Connecting The Information Security Community

Long one of the most widely-read cyber security news sites on the Web, Dark Reading is now the most trusted online community for security professionals like you. Our community members include thought-leading security researchers, CISOs, and technology specialists, along with thousands of other security professionals. We want you to join us.

This is where enterprise security staffers and decision-makers come to learn about new cyber threats, vulnerabilities, and technology trends. It's where they discuss potential defenses against the latest attacks, and key technologies and practices that may help protect their most sensitive data in the future. It's where they come to engage with one another and with Dark Reading editors to embrace new (and big) ideas, find answers to their IT security questions and solve their most pressing problems.

Dark Reading.com encompasses ten communities, each of which drills deeper into the enterprise security challenge: Attacks & Breaches, Application Security, Cloud Security, Data Leaks & Insider Threats, Endpoint Security & Privacy, Mobile Security, Network & Perimeter Security, Risk Management & Compliance, Security Management & Analytics, and Vulnerabilities and Threats. Each community is led by editors and subject matter experts who collaborate with security researchers, technology specialists, industry analysts and other Dark Reading members to provide timely, accurate and informative articles that lead to spirited discussions.

Our goal is to challenge community members to think about security by providing strong, even unconventional points of view, backed by hard-nosed reporting, hands-on experience and the professional knowledge that comes only with years of work in the information security industry.

We want you to be part of this community. Please join us on live chats, story discussions, polls, radio shows, reader-generated discussion boards, newsletters and other interactive features -- all for free. We'll also invite you to live events where we can continue these conversations face-to-face.

Simply register here – it's free – to join the conversation and fully benefit from all the features on this site. If you're interested in participating further, contact our editors – we're always on the lookout for industry thought leaders who'd like to offer their perspectives on IT security and its role in business.

Contact Us

Welcome to DarkReading.com.

View staff bios.

If you wish to no longer receive any promotional emails from UBM Tech please click here, unsub@ubm.com.

Title Name/Email Phone
Editor In Chief Tim Wilson 703-262-0680
Senior Editor Kelly Jackson Higgins 434-960-9899
Community Editor Marilyn Cohodas 978-590-5248
Associate Editor Mathew J. Schwartz
     
Contributing Writers
Contributing Writer Ericka Chickowski
Contributing Writer Robert Lemos
Contributing Writer Brian Prince
Contributing Writer John Sawyer
 
Editors
InformationWeek.com
VP and Editor In Chief Rob Preston 516-562-5692
Editor Chris Murphy 414-906-5331
Editor In Chief, InformationWeek.com Laurianne McLaughlin 516-562-7009
Managing Editor Paul Travis 516-562-5217
Managing Editor Jim Donahue 516-562-7980
Managing Editor Shane O'Neill 617-202-3710
InformationWeek
Government
David F. Carr Editor
InformationWeek
Healthcare
Alison Diana Editor
516-562-5052
     
InformationWeek Reports
Content Director, Reports Lorna Garey 978-694-1681
Managing Editor, Research Heather Vallis 516-562-7501
     
InformationWeek Business Technology Network
NetworkComputing.com
Networking, Communications, and Storage
Susan Fogarty Site Editor
Dr. Dobb's
The World of Software Development
Andrew Binstock Editor In Chief
 
UBM Tech
Paul Miller CEO
Marco Pardi President, Events
David Michael CIO
Kelley Damore Chief Community Officer
Simon Carless Exec. VP, Game & App Development and Black Hat
Rakhi Williams, Chief of Staff
Angela Scalpello Sr. VP, People & Culture

Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Threat Intel Today
Threat Intel Today
The 397 respondents to our new survey buy into using intel to stay ahead of attackers: 85% say threat intelligence plays some role in their IT security strategies, and many of them subscribe to two or more third-party feeds; 10% leverage five or more.
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-6335
Published: 2014-08-26
The Backup-Archive client in IBM Tivoli Storage Manager (TSM) for Space Management 5.x and 6.x before 6.2.5.3, 6.3.x before 6.3.2, 6.4.x before 6.4.2, and 7.1.x before 7.1.0.3 on Linux and AIX, and 5.x and 6.x before 6.1.5.6 on Solaris and HP-UX, does not preserve file permissions across backup and ...

CVE-2014-0480
Published: 2014-08-26
The core.urlresolvers.reverse function in Django before 1.4.14, 1.5.x before 1.5.9, 1.6.x before 1.6.6, and 1.7 before release candidate 3 does not properly validate URLs, which allows remote attackers to conduct phishing attacks via a // (slash slash) in a URL, which triggers a scheme-relative URL ...

CVE-2014-0481
Published: 2014-08-26
The default configuration for the file upload handling system in Django before 1.4.14, 1.5.x before 1.5.9, 1.6.x before 1.6.6, and 1.7 before release candidate 3 uses a sequential file name generation process when a file with a conflicting name is uploaded, which allows remote attackers to cause a d...

CVE-2014-0482
Published: 2014-08-26
The contrib.auth.middleware.RemoteUserMiddleware middleware in Django before 1.4.14, 1.5.x before 1.5.9, 1.6.x before 1.6.6, and 1.7 before release candidate 3, when using the contrib.auth.backends.RemoteUserBackend backend, allows remote authenticated users to hijack web sessions via vectors relate...

CVE-2014-0483
Published: 2014-08-26
The administrative interface (contrib.admin) in Django before 1.4.14, 1.5.x before 1.5.9, 1.6.x before 1.6.6, and 1.7 before release candidate 3 does not check if a field represents a relationship between models, which allows remote authenticated users to obtain sensitive information via a to_field ...

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
This episode of Dark Reading Radio looks at infosec security from the big enterprise POV with interviews featuring Ron Plesco, Cyber Investigations, Intelligence & Analytics at KPMG; and Chris Inglis & Chris Bell of Securonix.