Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

About Us

Dark Reading: Connecting The Information Security Community

Long one of the most widely-read cyber security news sites on the Web, Dark Reading is now the most trusted online community for security professionals like you. Our community members include thought-leading security researchers, CISOs, and technology specialists, along with thousands of other security professionals. We want you to join us.

This is where enterprise security staffers and decision-makers come to learn about new cyber threats, vulnerabilities, and technology trends. It's where they discuss potential defenses against the latest attacks, and key technologies and practices that may help protect their most sensitive data in the future. It's where they come to engage with one another and with Dark Reading editors to embrace new (and big) ideas, find answers to their IT security questions and solve their most pressing problems.

Dark Reading.com encompasses 13 communities, each of which drills deeper into the enterprise security challenge: Analytics, Attacks & Breaches, Application Security, Careers and People, Cloud Security, Endpoint,  IoT, Mobile, Operations, Perimeter, Risk, Threat Intelligence, and Vulnerabilities and Threats. Each community is led by editors and subject matter experts who collaborate with security researchers, technology specialists, industry analysts and other Dark Reading members to provide timely, accurate and informative articles that lead to spirited discussions.

Our goal is to challenge community members to think about security by providing strong, even unconventional points of view, backed by hard-nosed reporting, hands-on experience and the professional knowledge that comes only with years of work in the information security industry.

We want you to be part of this community. Please join us on live chats, story discussions, polls, radio shows, reader-generated discussion boards, newsletters and other interactive features -- all for free. We'll also invite you to live events where we can continue these conversations face-to-face.

Simply register here – it's free – to join the conversation and fully benefit from all the features on this site. If you're interested in participating further, contact our editors – we're always on the lookout for industry thought leaders who'd like to offer their perspectives on IT security and its role in business.

Contact Us

For more details on Dark Reading’s mission and sponsorship opportunities, download the Dark Reading Media Kit

View staff bios.

If you wish to no longer receive any promotional emails from UBM Tech please click here, [email protected].

Title Name/Email Phone
Editor In Chief Tim Wilson 703-262-0680
Executive Editor Kelly Jackson Higgins 434-960-9899
Senior Editor Sara Peters 212-600-3266
Senior Editor Curtis Franklin, Jr. 352 331 1311
Managing Editor Marilyn Cohodas 978-590-5248
Staff Editor Kelly Sheridan  

Contributing Writers

Contributing Writer Ericka Chickowski  
Contributing Writer Jai Vijayan
 
Contributing Writer Steve Zurier   

 

Media Sales     [email protected]  844-489-3223

UBM Tech Marketing
Dark Reading, InformationWeek, Network Computing
VP of Marketing, Winnie Ng 

UBM Tech
Scott Schulman, CEO, UBM Americas
Brian Field, COO, UBM Americas
Stacey Lisowski, Sr. VP, People & Culture, UBM Americas
Marco Pardi, Managing Director, UBM Tech
Tom Spaeth, Chief Financial Officer
Simon Carless Exec. VP, Game & App Development and Black Hat

Windows 10 Migration: Getting It Right
Kevin Alexandra, Principal Solutions Engineer at BeyondTrust,  5/15/2019
Artist Uses Malware in Installation
Dark Reading Staff 5/17/2019
Baltimore Ransomware Attack Takes Strange Twist
Kelly Jackson Higgins, Executive Editor at Dark Reading,  5/14/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
Building and Managing an IT Security Operations Program
As cyber threats grow, many organizations are building security operations centers (SOCs) to improve their defenses. In this Tech Digest you will learn tips on how to get the most out of a SOC in your organization - and what to do if you can't afford to build one.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-12198
PUBLISHED: 2019-05-20
In GoHttp through 2017-07-25, there is a stack-based buffer over-read via a long User-Agent header.
CVE-2019-12185
PUBLISHED: 2019-05-20
eLabFTW 1.8.5 is vulnerable to arbitrary file uploads via the /app/controllers/EntityController.php component. This may result in remote command execution. An attacker can use a user account to fully compromise the system using a POST request. This will allow for PHP files to be written to the web r...
CVE-2019-12184
PUBLISHED: 2019-05-19
There is XSS in browser/components/MarkdownPreview.js in BoostIO Boostnote 0.11.15 via a label named flowchart, sequence, gallery, or chart, as demonstrated by a crafted SRC attribute of an IFRAME element, a different vulnerability than CVE-2019-12136.
CVE-2019-12173
PUBLISHED: 2019-05-18
MacDown 0.7.1 (870) allows remote code execution via a file:\\\ URI, with a .app pathname, in the HREF attribute of an A element. This is different from CVE-2019-12138.
CVE-2019-12172
PUBLISHED: 2019-05-17
Typora 0.9.9.21.1 (1913) allows arbitrary code execution via a modified file: URL syntax in the HREF attribute of an AREA element, as demonstrated by file:\\\ on macOS or Linux, or file://C| on Windows. This is different from CVE-2019-12137.