Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Opinion

Most Commented Content posted in October 2017
A Checklist for Securing the Internet of Things
Commentary  |  10/26/2017  | 
IoT devices promise endless benefits, but they also come with serious security issues. Use this checklist to make sure your company stays safe.
Security Training & Awareness: 3 Big Myths
Commentary  |  10/23/2017  | 
The once-overwhelming consensus that security awareness programs are invaluable is increasingly up for debate.
Why Patching Software Is Hard: Technical Challenges
Commentary  |  10/24/2017  | 
Huge companies like Equifax can stumble over basic technical issues. Here's why.
5 IT Practices That Put Enterprises at Risk
Commentary  |  10/2/2017  | 
No one solution will keep you 100% protected, but if you avoid these common missteps, you can shore up your security posture.
Ransomware Grabs Headlines but BEC May Be a Bigger Threat
Commentary  |  10/12/2017  | 
With social media, gathering information has never been easier, making Business Email Compromise the land of milk and honey for cybercriminals.
20 Questions to Ask Yourself before Giving a Security Conference Talk
Commentary  |  10/16/2017  | 
As cybersecurity continues to become more of a mainstream concern, those of us who speak at industry events must learn how to truly connect with our audience.
How Systematic Lying Can Improve Your Security
Commentary  |  10/11/2017  | 
No, you don't have to tell websites your mother's actual maiden name.
Why Security Leaders Can't Afford to Be Just 'Left-Brained'
Commentary  |  10/17/2017  | 
The left side of the brain is logical and linear; the right side, creative. You have to use both sides of the brain to connect to your audience in your business.
Rise in Insider Threats Drives Shift to Training, Data-Level Security
Commentary  |  10/6/2017  | 
As the value and volume of data grows, perimeter security is not enough to battle internal or external threats.
Finding Your Appetite for Security Automation (and Why That's Important)
Commentary  |  10/24/2017  | 
Yes, automation is becoming increasingly critical. But before you go all-in, determine the level that's right for your company.
Ransomware Will Target Backups: 4 Ways to Protect Your Data
Commentary  |  10/4/2017  | 
Backups are the best way to take control of your defense against ransomware, but they need protecting as well.
Private, Public, or Hybrid? Finding the Right Fit in a Bug Bounty Program
Commentary  |  10/5/2017  | 
How can a bug bounty not be a bug bounty? There are several reasons. Here's why you need to understand the differences.
3 Steps to Reduce Risk in Your Supply Chain
Commentary  |  10/27/2017  | 
Many companies have very limited visibility into their vendors' security posture -- and some may have thousands of vendors. Here are steps that every company should take to lock down their supply chains.
Preventing Credential Theft: A Security Checklist for Boards
Commentary  |  10/30/2017  | 
Board members pose a unique risk for business, but proper planning helps.
Its Time to Change the Cybersecurity Conversation
Commentary  |  10/30/2017  | 
The IT security industry needs more balance between disclosure of threats and discussion of defense practices and greater sharing of ideas


Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Special Report: Computing's New Normal, a Dark Reading Perspective
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
The Threat from the Internetand What Your Organization Can Do About It
The Threat from the Internetand What Your Organization Can Do About It
This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-20001
PUBLISHED: 2020-08-04
An issue was discovered in RICOH Streamline NX Client Tool and RICOH Streamline NX PC Client that allows attackers to escalate local privileges.
CVE-2020-15467
PUBLISHED: 2020-08-04
The administrative interface of Cohesive Networks vns3:vpn appliances before version 4.11.1 is vulnerable to authenticated remote code execution leading to server compromise.
CVE-2020-5615
PUBLISHED: 2020-08-04
Cross-site request forgery (CSRF) vulnerability in [Calendar01] free edition ver1.0.0 and [Calendar02] free edition ver1.0.0 allows remote attackers to hijack the authentication of administrators via unspecified vectors.
CVE-2020-5616
PUBLISHED: 2020-08-04
[Calendar01], [Calendar02], [PKOBO-News01], [PKOBO-vote01], [Telop01], [Gallery01], [CalendarForm01], and [Link01] [Calendar01] free edition ver1.0.0, [Calendar02] free edition ver1.0.0, [PKOBO-News01] free edition ver1.0.3 and earlier, [PKOBO-vote01] free edition ver1.0.1 and earlier, [Telop01] fre...
CVE-2020-5617
PUBLISHED: 2020-08-04
Privilege escalation vulnerability in SKYSEA Client View Ver.12.200.12n to 15.210.05f allows an attacker to obtain unauthorized privileges and modify/obtain sensitive information or perform unintended operations via unspecified vectors.