Upcoming Webinars
Webinar Archives
Accelerate and Simplify with Dell server Innovations featuring Intel® Xeon® processor technology
Date: Oct 21, 2014
View webinar
Register for this webinar to understand the advantages of the latest Intel® Xeon® processor technology that drives the performance of your environment, and Dell server innovation and services that drive application performance to new levels, reduce management complexity and take the risk out of migrating siloed RISC and UNIX systems into open X86 technologies.

7 Diagrams Every Software Professional Should Understand
Date: Oct 21, 2014
View webinar
You?ll deepen your understanding as Steve tackles the seven essential diagrams ? the key to developing sound software engineering judgment. Learn what really affects software projects ? and never be surprised again.

DevOps for Financial Services: 8 Best Practices
Date: Aug 10, 2014
View webinar
Register for this webinar to hear Kurt Bittner, Forrester Principal Analyst for Application Development & Delivery, talk about the increasing adoption and significant benefits of DevOps for Financial Services organizations and other fast-paced industries.

Employee Enablement Infrastructure Strategies
Date: Aug 10, 2014
View webinar
This is the third of three Information Week Webinars in a series entitled ?Mobilizing the New Millennial Workforce?, where we will bring together industry analysts and experts to share their unique perspectives on enterprise mobility, collaboration, unified communications, mobile applications, device management, mobile security and cloud-aware networks. In the era of Bring Your Own Device (BYOD), securing and managing your data housed on personal mobile devices is essential but it doesn't need to be difficult.

The Future of FedRAMP
Date: Jul 10, 2014
View webinar
This webinar will look at what agencies and service providers can expect from FedRAMP going forward.

The cost of inaction?what cyber crime could cost your business
Date: Jul 10, 2014
View webinar
The average company in the United States loses $12.7 million annually to cyber crime. Other countries are close behind. These are results from the recently completed Ponemon Institute 2014 Cost of Cyber Crime study.

Big Data 105: Leveraging Big Data Streams for Advanced Analytics
Date: Mar 10, 2014
View webinar
The most successful and innovative data-driven enterprises are augmenting their own information stores with public and proprietary feeds from social media, marketing firms, government agencies, and more.

Unleashing the Power of Real-Time Data in Insurance Marketing
Date: Feb 10, 2014
View webinar
Insurance is a highly competitive industry with immense advertising and marketing spend. But that doesn't mean that all marketing dollars are spent equally.

Register for Dark Reading Newsletters
White Papers
Current Issue
Dark Reading Must Reads - September 25, 2014
Dark Reading's new Must Reads is a compendium of our best recent coverage of identity and access management. Learn about access control in the age of HTML5, how to improve authentication, why Active Directory is dead, and more.
Flash Poll
10 Recommendations for Outsourcing Security
10 Recommendations for Outsourcing Security
Enterprises today have a wide range of third-party options to help improve their defenses, including MSSPs, auditing and penetration testing, and DDoS protection. But are there situations in which a service provider might actually increase risk?
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
Published: 2014-10-01
SQL injection vulnerability in log.header.php in WordPress 0.7 and earlier allows remote attackers to execute arbitrary SQL commands via the posts variable.

Published: 2014-10-01
Cross-site scripting (XSS) vulnerability in facebook.php in the GRAND FlAGallery plugin (flash-album-gallery) before 1.57 for WordPress allows remote attackers to inject arbitrary web script or HTML via the i parameter.

Published: 2014-10-01
Multiple SQL injection vulnerabilities in Postfix Admin (aka postfixadmin) before 2.3.5 allow remote authenticated users to execute arbitrary SQL commands via (1) the pw parameter to the pacrypt function, when mysql_encrypt is configured, or (2) unspecified vectors that are used in backup files gene...

Published: 2014-09-30
registerConfiglet.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to execute Python code via unspecified vectors, related to the admin interface.

Published: 2014-09-30
ZPublisher.HTTPRequest._scrubHeader in Zope 2 before 2.13.19, as used in Plone before 4.3 beta 1, allows remote attackers to inject arbitrary HTTP headers via a linefeed (LF) character.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Chris Hadnagy, who hosts the annual Social Engineering Capture the Flag Contest at DEF CON, will discuss the latest trends attackers are using.