Upcoming Webinars
Webinar Archives
7 Diagrams Every Software Professional Should Understand
Date: Oct 21, 2014
View webinar
You?ll deepen your understanding as Steve tackles the seven essential diagrams ? the key to developing sound software engineering judgment. Learn what really affects software projects ? and never be surprised again.

The Future of FedRAMP
Date: Jul 10, 2014
View webinar
This webinar will look at what agencies and service providers can expect from FedRAMP going forward.

Big Data 105: Leveraging Big Data Streams for Advanced Analytics
Date: Mar 10, 2014
View webinar
The most successful and innovative data-driven enterprises are augmenting their own information stores with public and proprietary feeds from social media, marketing firms, government agencies, and more.

Tackle Process Problems with Rapid Automated Process Discovery and End-to-End Process Optimization
Date: Jan 10, 2014
View webinar
Process improvement projects can be lengthy and costly, with considerable up-front time and effort spent just establishing the ?as is? state of current business processes to identify where process problems exist.

Unleashing Productivity with Mobile Applications
Date: Sep 30, 2014
View webinar
This is the second of three InformationWeek Webinars in a series entitled "Mobilizing the New Millennial Workforce", where we will bring together industry analysts and experts to share their unique perspectives on enterprise mobility, collaboration, unified communications, mobile applications, device management, mobile security and cloud-aware networks.

How Insurers Can Unlock the Value of Relationships
Date: Sep 30, 2014
View webinar
Join Insurance & Technology for a free, one-hour webinar to learn the current best practices for unlocking the value of customer, producer and partner relationships.

Cloud Data Encryption Myths Debunked
Date: Sep 30, 2014
View webinar
Register for this webinar now to learn about a better, smarter approach to data security in the Cloud.

Big Data 103: Creating an Enterprise-wide Governance Framework
Date: Sep 26, 2014
View webinar
Data governance is an essential component of an information management initiative, but the complexities are daunting. Which functions should be handled by central IT, and which by business units?

What can DevOps do for me and my applications?
Date: Sep 25, 2014
View webinar
In this webinar we?ll drill into what DevOps really is and why a movement focused on improving operations can help you as a developer.

Cloud 105: Cloud Security & Risk
Date: Sep 25, 2014
View webinar
InformationWeek Research has tracked attitudes on cloud security since 2012. In our early surveys, security was a deal-breaker for many companies. Today, the consensus is that every IT service has risk, and big cloud providers can attract and afford scarce security expertise better than many enterprises. In this InformationWeek University session, we?ll discuss the current state of cloud security, unique risks of the cloud and how best to mitigate them, and what IT should expect from a provider.

Real-Time Risk Analytics for Financial Services: A Guide
Date: Sep 24, 2014
View webinar
Register for this webinar to uncover techniques and best practices for detecting and identifying risk in real-time, focusing on how advanced analysis of IT data can help firms manage their exposure in the three areas of technology, financial and security risk.

Big Data 102: The Right Data Infrastructure
Date: Sep 24, 2014
View webinar
To leverage big data and analytics effectively, companies must create an environment that organizes structured, unstructured, internal, and external data effectively and processes that data efficiently.

Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading, September 16, 2014
Malicious software is morphing to be more targeted, stealthy, and destructive. Are you prepared to stop it?
Flash Poll
Title Partner’s Role in Perimeter Security
Title Partner’s Role in Perimeter Security
Considering how prevalent third-party attacks are, we need to ask hard questions about how partners and suppliers are safeguarding systems and data.
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2012-5700
Published: 2014-09-22
Multiple cross-site scripting (XSS) vulnerabilities in Baby Gekko before 1.2.2f allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to admin/index.php or the (2) username or (3) password parameter in blocks/loginbox/loginbox.template.php to index.php. NOTE: some o...

CVE-2014-0484
Published: 2014-09-22
The Debian acpi-support package before 0.140-5+deb7u3 allows local users to gain privileges via vectors related to the "user's environment."

CVE-2014-2942
Published: 2014-09-22
Cobham Aviator 700D and 700E satellite terminals use an improper algorithm for PIN codes, which makes it easier for attackers to obtain a privileged terminal session by calculating the superuser code, and then leveraging physical access or terminal access to enter this code.

CVE-2014-3595
Published: 2014-09-22
Cross-site scripting (XSS) vulnerability in spacewalk-java 1.2.39, 1.7.54, and 2.0.2 in Spacewalk and Red Hat Network (RHN) Satellite 5.4 through 5.6 allows remote attackers to inject arbitrary web script or HTML via a crafted request that is not properly handled when logging.

CVE-2014-3635
Published: 2014-09-22
Off-by-one error in D-Bus 1.3.0 through 1.6.x before 1.6.24 and 1.8.x before 1.8.8, when running on a 64-bit system and the max_message_unix_fds limit is set to an odd number, allows remote attackers to cause a denial of service (dbus-daemon crash) or possibly execute arbitrary code by sending one m...

Best of the Web
Dark Reading Radio