Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Analytics

News & Commentary
Where Businesses Waste Endpoint Security Budgets
Kelly Sheridan, Staff Editor, Dark Reading
Too many systems, failure to test tools, and fear of replacement drive endpoint complexity and render products less effective.
By Kelly Sheridan Staff Editor, Dark Reading, 7/15/2019
Comment3 comments  |  Read  |  Post a Comment
NIST Sets Draft Guidelines for Government AI
Dark Reading Staff, Quick Hits
This is the first formal step in writing the standards that will guide the implementation of AI technologies within the federal government.
By Dark Reading Staff , 7/8/2019
Comment1 Comment  |  Read  |  Post a Comment
Toyota's Car-Hacking Tool Now Available
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
'PASTA' hardware and software kit now retails for $28,300.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 7/2/2019
Comment0 comments  |  Read  |  Post a Comment
Chronicle Folds into Google
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
Alphabet's enterprise cybersecurity division will become part of the Google security portfolio.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 6/27/2019
Comment3 comments  |  Read  |  Post a Comment
7 Ways to Mitigate Supply Chain Attacks
Jai Vijayan, Contributing Writer
Breaches caused by external vendors and service providers have become a major and escalating problem for organizations.
By Jai Vijayan Contributing Writer, 6/27/2019
Comment6 comments  |  Read  |  Post a Comment
Developers and Security Teams Under Pressure to Collaborate
Kelly Sheridan, Staff Editor, Dark ReadingNews
The challenges and benefits to getting two traditionally adversarial groups on the same page.
By Kelly Sheridan Staff Editor, Dark Reading, 6/26/2019
Comment12 comments  |  Read  |  Post a Comment
McAfee Sues 3 Former Staffers Now at Rival Tanium
Dark Reading Staff, Quick Hits
Lawsuit alleges sales representatives stole trade secrets from McAfee before joining Tanium.
By Dark Reading Staff , 6/26/2019
Comment1 Comment  |  Read  |  Post a Comment
Startup Raises $13.7M to Stop Breaches with Behavioral Analytics
Dark Reading Staff, Quick Hits
TrueFort plans to use the funding to expand sales, marketing, R&D, customer support, and go-to-market initiatives.
By Dark Reading Staff , 6/21/2019
Comment1 Comment  |  Read  |  Post a Comment
7 2019 Security Venture Fund Deals You Should Know
Curtis Franklin Jr., Senior Editor at Dark Reading
2019 has, so far, been a busy year for venture capitalists in the security industry. Here are 7 funding rounds important because of the technologies or market trends they represent.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 6/20/2019
Comment0 comments  |  Read  |  Post a Comment
Google Targets Deceptive Sites with New Chrome Tools
Dark Reading Staff, Quick Hits
A new extension and browser alert aim to help users report deceptive sites and prevent them from encountering fraud.
By Dark Reading Staff , 6/18/2019
Comment0 comments  |  Read  |  Post a Comment
10 Notable Security Acquisitions of 2019 (So Far)
Kelly Sheridan, Staff Editor, Dark Reading
In a year when security companies have been snapped up left and right, these deals stand out from the chaos.
By Kelly Sheridan Staff Editor, Dark Reading, 6/15/2019
Comment1 Comment  |  Read  |  Post a Comment
Better Cybersecurity Research Requires More Data Sharing
Robert Lemos, Contributing WriterNews
Researchers at the Workshop on the Economics of Information Security highlight the cost savings of sharing cybersecurity data and push for greater access to information on breaches, attacks, and incidents.
By Robert Lemos Contributing Writer, 6/14/2019
Comment1 Comment  |  Read  |  Post a Comment
CrowdStrike Prices IPO Above Range at $34
Kelly Sheridan, Staff Editor, Dark ReadingNews
The endpoint security firm raised $612 million ahead of today's public debut.
By Kelly Sheridan Staff Editor, Dark Reading, 6/12/2019
Comment0 comments  |  Read  |  Post a Comment
Predicting Vulnerability Weaponization
Srinivas Mukkamala, Co-founder & CEO, RiskSenseCommentary
Advances in data science are making it possible to shift vulnerability management from a reactive to a proactive discipline.
By Srinivas Mukkamala Co-founder & CEO, RiskSense, 6/12/2019
Comment3 comments  |  Read  |  Post a Comment
Massive Changes to Tech and Platforms, But Cybercrime? Not So Much
Robert Lemos, Contributing WriterNews
The still-relevant recommendation is to invest more in law enforcement, concludes an economic study of cybercrime.
By Robert Lemos Contributing Writer, 6/7/2019
Comment1 Comment  |  Read  |  Post a Comment
Senior Executives More Involved with SOC Operations, Report Finds
Dark Reading Staff, Quick Hits
But they are still subject to the same alert fatigue and false-positive issues their junior employees face.
By Dark Reading Staff , 6/6/2019
Comment0 comments  |  Read  |  Post a Comment
Palo Alto Networks Confirms PureSec Acquisition
Dark Reading Staff, Quick Hits
The company also agreed to buy container security company Twistlock as it develops its cloud security suite.
By Dark Reading Staff , 5/30/2019
Comment1 Comment  |  Read  |  Post a Comment
Don't Just Tune Your SIEM, Retune It
Robin Hicks, IT Security Engineer, CEDAR CX TechnologiesCommentary
Your SIEM isn't a set-it-and-forget-it proposition. It's time for a spring cleaning.
By Robin Hicks IT Security Engineer, CEDAR CX Technologies, 5/29/2019
Comment0 comments  |  Read  |  Post a Comment
Emotet Made Up 61% of Malicious Payloads in Q1
Kelly Sheridan, Staff Editor, Dark ReadingNews
The botnet has displaced credential stealers, stand-alone downloaders, and RATs in the overall threat landscape.
By Kelly Sheridan Staff Editor, Dark Reading, 5/29/2019
Comment1 Comment  |  Read  |  Post a Comment
FireEye Buys Verodin for $250 Million
Dark Reading Staff, Quick Hits
Acquisition of security instrumentation firm will add more than $70 million to 2020 billing, FireEye estimates.
By Dark Reading Staff , 5/28/2019
Comment1 Comment  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
PR Newswire
Where Businesses Waste Endpoint Security Budgets
Kelly Sheridan, Staff Editor, Dark Reading,  7/15/2019
US Mayors Commit to Just Saying No to Ransomware
Robert Lemos, Contributing Writer,  7/16/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Building and Managing an IT Security Operations Program
As cyber threats grow, many organizations are building security operations centers (SOCs) to improve their defenses. In this Tech Digest you will learn tips on how to get the most out of a SOC in your organization - and what to do if you can't afford to build one.
Flash Poll
The State of IT Operations and Cybersecurity Operations
The State of IT Operations and Cybersecurity Operations
Your enterprise's cyber risk may depend upon the relationship between the IT team and the security team. Heres some insight on what's working and what isn't in the data center.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-17210
PUBLISHED: 2019-07-20
An issue was discovered in PrinterOn Central Print Services (CPS) through 4.1.4. The core components that create and launch a print job do not perform complete verification of the session cookie that is supplied to them. As a result, an attacker with guest/pseudo-guest level permissions can bypass t...
CVE-2019-12934
PUBLISHED: 2019-07-20
An issue was discovered in the wp-code-highlightjs plugin through 0.6.2 for WordPress. wp-admin/options-general.php?page=wp-code-highlight-js allows CSRF, as demonstrated by an XSS payload in the hljs_additional_css parameter.
CVE-2019-9229
PUBLISHED: 2019-07-20
An issue was discovered on AudioCodes Mediant 500L-MSBR, 500-MBSR, M800B-MSBR and 800C-MSBR devices with firmware versions F7.20A to F7.20A.251. An internal interface exposed to the link-local address 169.254.254.253 allows attackers in the local network to access multiple quagga VTYs. Attackers can...
CVE-2019-12815
PUBLISHED: 2019-07-19
An arbitrary file copy vulnerability in mod_copy in ProFTPD up to 1.3.5b allows for remote code execution and information disclosure without authentication, a related issue to CVE-2015-3306.
CVE-2019-13569
PUBLISHED: 2019-07-19
A SQL injection vulnerability exists in the Icegram Email Subscribers & Newsletters plugin through 4.1.7 for WordPress. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system.