About Us

Dark Reading: Connecting The Information Security Community

Long one of the most widely-read cyber security news sites on the Web, Dark Reading is now the most trusted online community for security professionals like you. Our community members include thought-leading security researchers, CISOs, and technology specialists, along with thousands of other security professionals. We want you to join us.

This is where enterprise security staffers and decision-makers come to learn about new cyber threats, vulnerabilities, and technology trends. It's where they discuss potential defenses against the latest attacks, and key technologies and practices that may help protect their most sensitive data in the future. It's where they come to engage with one another and with Dark Reading editors to embrace new (and big) ideas, find answers to their IT security questions and solve their most pressing problems.

Dark Reading.com encompasses ten communities, each of which drills deeper into the enterprise security challenge: Attacks & Breaches, Application Security, Cloud Security, Data Leaks & Insider Threats, Endpoint Security & Privacy, Mobile Security, Network & Perimeter Security, Risk Management & Compliance, Security Management & Analytics, and Vulnerabilities and Threats. Each community is led by editors and subject matter experts who collaborate with security researchers, technology specialists, industry analysts and other Dark Reading members to provide timely, accurate and informative articles that lead to spirited discussions.

Our goal is to challenge community members to think about security by providing strong, even unconventional points of view, backed by hard-nosed reporting, hands-on experience and the professional knowledge that comes only with years of work in the information security industry.

We want you to be part of this community. Please join us on live chats, story discussions, polls, radio shows, reader-generated discussion boards, newsletters and other interactive features -- all for free. We'll also invite you to live events where we can continue these conversations face-to-face.

Simply register here – it's free – to join the conversation and fully benefit from all the features on this site. If you're interested in participating further, contact our editors – we're always on the lookout for industry thought leaders who'd like to offer their perspectives on IT security and its role in business.

Contact Us

Welcome to DarkReading.com.

View staff bios.

If you wish to no longer receive any promotional emails from UBM Tech please click here, unsub@ubm.com.

Title Name/Email Phone
Editor In Chief Tim Wilson 703-262-0680
Executive Editor Kelly Jackson Higgins 434-960-9899
Senior Editor Sara Peters 212-600-3266
Community Editor
     
Marilyn Cohodas 978-590-5248
Contributing Writers
Contributing Writer Ericka Chickowski  
Contributing Writer Jai Vijayan
 
Contributing Writer John Sawyer  
     
 
 
InformationWeek Business Technology Network

NetworkComputing.com: Networking, Communications, and Storage

Susan Fogarty

Editor

InformationWeek.com: Strategic CIO, Software, Cloud, Mobile, Big Data, Government and IT Life

Susan Nunziata

Editorial Director

 
UBM Tech
Simon Foster, CEO, UBM Americas
Brian Field, COO, UBM Americas
Stacey Lisowski, Sr. VP, People & Culture, UBM Americas
Marco Pardi, Managing Director, UBM Tech
Kelley Damore, EVP Content & InformationWeek Brand Director
Tom Spaeth, Chief Financial Officer
Simon Carless Exec. VP, Game & App Development and Black Hat

Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Flash Poll
10 Recommendations for Outsourcing Security
10 Recommendations for Outsourcing Security
Enterprises today have a wide range of third-party options to help improve their defenses, including MSSPs, auditing and penetration testing, and DDoS protection. But are there situations in which a service provider might actually increase risk?
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-7444
Published: 2015-09-01
The Special:Contributions page in MediaWiki before 1.22.0 allows remote attackers to determine if an IP is autoblocked via the "Change block" text.

CVE-2015-2807
Published: 2015-09-01
Cross-site scripting (XSS) vulnerability in js/window.php in the Navis DocumentCloud plugin before 0.1.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the wpbase parameter.

CVE-2015-6520
Published: 2015-09-01
IPPUSBXD before 1.22 listens on all interfaces, which allows remote attackers to obtain access to USB connected printers via a direct request.

CVE-2015-6727
Published: 2015-09-01
The Special:DeletedContributions page in MediaWiki before 1.23.10, 1.24.x before 1.24.3, and 1.25.x before 1.25.2 allows remote attackers to determine if an IP is autoblocked via the "Change block" text.

CVE-2015-6728
Published: 2015-09-01
The ApiBase::getWatchlistUser function in MediaWiki before 1.23.10, 1.24.x before 1.24.3, and 1.25.x before 1.25.2 does not perform token comparison in constant time, which allows remote attackers to guess the watchlist token and bypass CSRF protection via a timing attack.

Dark Reading Radio
Archived Dark Reading Radio
Another Black Hat is in the books and Dark Reading was there. Join the editors as they share their top stories, biggest lessons, and best conversations from the premier security conference.