After more nearly three years of reporting and analyzing security vulnerabilities, breaches, and black hat-types, we can guarantee one truth: your data isn't safe. If it isn't threatened by a corporate insider or a blundering user, it's likely been targeted by a botnet, phisher, or organized crime. You need to know what the latest threats are, how they operate, and what they can do to your organization. We're here to help.
Dark Reading was launched in May 2006, incorporating CMP Media's Secure Enterprise and Security Pipeline publications. Our mission is to be the top security news source for enterprise IT and network security professionals, providing the most up-to-date information about products, management strategies, architectures, and security policy. Our goal is to help security professionals manage the balance between two critical, yet often conflicting goals: providing broad access to data to improve business operations; and protecting business data from theft or compromise.
Dark Reading is a security dashboard for IT professionals who don't have the time or the luxury of combing wirefeeds, multiple bug feeds, or vendor Websites to find out what's new or how well it works. Here, readers will get the latest on the security industry from our crack reporting, and also links to the best security content from all across the Web.
In other words, come for the news, but hang around for the analysis, opinion, and product reviews. (Or come back later, when some sales exec isn't bursting an artery in your doorway because a malware attack has slowed orders on the e-commerce server.)
Unlike other security Websites, Dark Reading gives readers breadth and depth. Our specialty is useful information -- as opposed to that other kind: industry arcana that's more nice than necessary to know. On a day-to-day level, that means best practices for security networking, or the benefits and challenges of new technology as described by hands-on researchers who've analyzed the threats and real customers who've slogged through the latest technology deployments. Dark Reading shows readers what the real dangers are -- and what to do about them.
Of course we talk to vendors of hardware, software, and services. We also talk to security researchers, both white hats and black hats. We hope there's something here that everyone can use. But our stories are primarily written for the buyers, managers, and consumers of security technology: Many of our readers are IT professionals with security specialties and CISSP or CISA certifications; CIOs; CTOs; CSOs, CISOs, and CCOs (that's "chief compliance officers"), among others.
As the types of malware continue to increase, data theft and loss become more prevalent, and the specter of internal threats grows larger, IT security ranks among the most serious challenges faced by businesses in any sector. When it comes time to ask the hard questions and make whatever tradeoffs are necessary, Dark Reading helps ensure you'll make smart, informed choices -- about products, management strategies, architecture, and security policy.
That's the best medicine we know for any insecurity.
If you wish to no longer receive any promotional emails from UBM Tech please click here
Dark Reading, a TechWeb publication
600 Community Drive
Manhasset, NY 11030
Free Research and Reports
- IT's Worst Nightmare, or Best Hope? - InformationWeek Conference
- Let the Digital Games Begin! - InformationWeek Conference
- Keynote Speaker: Michelle McKenna-Doyle, CIO, NFL - InformationWeek Conference
- Tower & Small Cell Summit - Tower & Small Cell Summit
- The CIO & CMO -- Adversaries No More - Interop Las Vegas
Dark Reading Digital Magazine
Quick Wins For Strengthening SMB Security
Time To Set Up That Honeypot
Securing Cisco IP Telephony
Attribution Is Much More Than A Source IP
New CA Group Has Big Names, Small Impact
How To Build An IT Security Budget
5 Approaches To Decaffeinating Java Exploits
Enterprise Vulnerabilities From DHS/US-CERT's National Vulnerability Database
SQL injection vulnerability in ImageCMS before 4.2 allows remote authenticated administrators to execute arbitrary SQL commands via the q parameter to admin/admin_search/. NOTE: this can be leveraged using CSRF to allow remote unauthenticated attackers to execute arbitrary SQL commands.
Cross-site scripting (XSS) vulnerability in open-flash-chart.swf in Open Flash Chart (aka Open-Flash Chart), as used in the Pretty Link Lite plugin before 1.6.3 for WordPress, JNews (com_jnews) component 8.0.1 for Joomla!, and CiviCRM 3.1.0 through 4.2.9 and 4.3.0 through 4.3.3, allows remote attackers to inject arbitrary web script or HTML via the get-data parameter.
Multiple cross-site scripting (XSS) vulnerabilities in ownCloud Server before 5.0.1 allow remote attackers to inject arbitrary web script or HTML via the (1) new_name parameter to apps/bookmarks/ajax/renameTag.php or (2) multiple unspecified parameters to unknown files in apps/contacts/ajax/.
SQL injection vulnerability in addressbookprovider.php in ownCloud Server before 5.0.1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, related to the contacts application.
SQL injection vulnerability in lib/db.php in ownCloud Server 5.0.x before 5.0.6 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.