Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Opinion

Most Commented Content posted in May 2019
How Security Vendors Can Address the Cybersecurity Talent Shortage
Commentary  |  5/24/2019  | 
The talent gap is too large for any one sector, and cybersecurity vendors have a big role to play in helping to close it.
Google's Origin & the Danger of Link Sharing
Commentary  |  5/23/2019  | 
How the act of sharing links to files stored in a public cloud puts organizations at risk, and what security teams can do to safeguard data and PII.
The Ransomware Dilemma: What if Your Local Government Is Next?
Commentary  |  5/30/2019  | 
Baltimore has so far refused to comply with a ransom demand. It's being forced to make a decision all such victims face: to act morally or practically.
Focusing on Endpoints: 5 Steps to Fight Cybercrime
Commentary  |  5/31/2019  | 
Follow these best practices to strengthen endpoint management strategies and protect company data.
Why Fostering Flexibility Is a Win for Women & Cybersecurity
Commentary  |  5/29/2019  | 
Creating a culture of supporting and advancing women is no small feat, but it's worth the challenge. Start with yourself. Here's how.
World Password Day or Groundhog Day?
Commentary  |  5/2/2019  | 
Despite decades trying to fortify our passwords with bolt-on solutions, attackers have always found ways to defeat them. Here are four reasons why.
How to Close the Critical Cybersecurity Talent Gap
Commentary  |  5/9/2019  | 
If we don't change our ways, the gap will keep getting worse. Outside-the-box thinking and new techniques are required, and here are a few ways to get started.
Why AI Will Create Far More Jobs Than It Replaces
Commentary  |  5/14/2019  | 
Just as spreadsheets and personal computers created a job boom in the '70s, so too will artificial intelligence spur security analysts' ability to defend against advanced threats.
Incident Response: 3 Easy Traps & How to Avoid Them
Commentary  |  5/23/2019  | 
Sage legal advice about navigating a data breach from a troubleshooting cybersecurity outside counsel.
To Narrow the Cyber Skills Gap with Attackers, Cut the Red Tape
Commentary  |  5/21/2019  | 
Attackers are getting further ahead, and entrenched corporate rules shoulder much of the blame.
Caveat Emptor: Calculating the Impact of Global Attacks on Cyber Insurance
Commentary  |  5/30/2019  | 
The reality for business owners and CISOs looking to protect their business from a cyberattack is that cyber insurance is not a catchall for protecting against risk and loss.
Cybercrime: Looking Beyond the Dark Web
Commentary  |  5/28/2019  | 
Fighting cybercrime requires visibility into much more than just the Dark Web. Here's where to look and a glimpse of what you'll find.
Don't Just Tune Your SIEM, Retune It
Commentary  |  5/29/2019  | 
Your SIEM isn't a set-it-and-forget-it proposition. It's time for a spring cleaning.
Old Threats Are New Again
Commentary  |  5/21/2019  | 
They may look familiar to you, and that isn't a coincidence. New threats are often just small twists on old ones.
Killer SecOps Skills: Soft Is the New Hard
Commentary  |  5/20/2019  | 
The sooner we give mindsets and tool sets equal bearing, the better. We must put SOC team members through rigorous training for emergency situations.
A Trustworthy Digital Foundation Is Essential to Digital Government
Commentary  |  5/17/2019  | 
Agencies must take steps to ensure that citizens trust in the security of government's digital channels.
Windows 10 Migration: Getting It Right
Commentary  |  5/15/2019  | 
The transition to Windows 10 doesn't need to be a sprint. Organizations can still take advantage of the security in Windows 7 while gaining added management flexibility from the newer OS.


Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Special Report: Computing's New Normal, a Dark Reading Perspective
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
The Threat from the Internetand What Your Organization Can Do About It
The Threat from the Internetand What Your Organization Can Do About It
This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-20001
PUBLISHED: 2020-08-04
An issue was discovered in RICOH Streamline NX Client Tool and RICOH Streamline NX PC Client that allows attackers to escalate local privileges.
CVE-2020-15467
PUBLISHED: 2020-08-04
The administrative interface of Cohesive Networks vns3:vpn appliances before version 4.11.1 is vulnerable to authenticated remote code execution leading to server compromise.
CVE-2020-5615
PUBLISHED: 2020-08-04
Cross-site request forgery (CSRF) vulnerability in [Calendar01] free edition ver1.0.0 and [Calendar02] free edition ver1.0.0 allows remote attackers to hijack the authentication of administrators via unspecified vectors.
CVE-2020-5616
PUBLISHED: 2020-08-04
[Calendar01], [Calendar02], [PKOBO-News01], [PKOBO-vote01], [Telop01], [Gallery01], [CalendarForm01], and [Link01] [Calendar01] free edition ver1.0.0, [Calendar02] free edition ver1.0.0, [PKOBO-News01] free edition ver1.0.3 and earlier, [PKOBO-vote01] free edition ver1.0.1 and earlier, [Telop01] fre...
CVE-2020-5617
PUBLISHED: 2020-08-04
Privilege escalation vulnerability in SKYSEA Client View Ver.12.200.12n to 15.210.05f allows an attacker to obtain unauthorized privileges and modify/obtain sensitive information or perform unintended operations via unspecified vectors.