Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Authentication posted in May 2020
Americans Care About Security But Don't Follow Through
Quick Hits  |  5/26/2020  | 
Most Americans say they're very concerned about online security but still behave in insecure ways, according to a new survey.
Identit Comes Out of Stealth
Quick Hits  |  5/14/2020  | 
Startup emerges with three-factor, no-password authentication.
Microsoft Identity VP Shares How and Why to Ditch Passwords
News  |  5/7/2020  | 
Passwords are on their way out, says Joy Chik, who offers guidance for businesses hoping to shift away from them.
Zoom Acquires Keybase, Plans for End-to-End Encrypted Chats
Quick Hits  |  5/7/2020  | 
The company's first acquisition to date is part of a 90-day plan to improve security in its video communications platform.
Pandemic Could Accelerate Passwordless Authentication
News  |  5/7/2020  | 
As we celebrate another World Password Day, security pros are hopeful that when we move out of the stay-at-home period, companies will continue to focus on digital technologies and ditching passwords.
Breach Hits GoDaddy SSH Customers
Quick Hits  |  5/5/2020  | 
The October 2019 breach left some customer data open to hacking eyes.
Best Practices for Managing a Remote SOC
News  |  5/1/2020  | 
Experts share what it takes to get your security analysts effectively countering threats from their home offices.
Industrial Networks' Newest Threat: Remote Users
Commentary  |  5/1/2020  | 
We know remote working isn't going away anytime soon, so it's crucial we be extra vigilant about security for industrial networks and critical infrastructure.


COVID-19: Latest Security News & Commentary
Dark Reading Staff 10/27/2020
Are You One COVID-19 Test Away From a Cybersecurity Disaster?
Alan Brill, Senior Managing Director, Cyber Risk Practice, Kroll,  10/21/2020
Botnet Infects Hundreds of Thousands of Websites
Robert Lemos, Contributing Writer,  10/22/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
How IT Security Organizations are Attacking the Cybersecurity Problem
How IT Security Organizations are Attacking the Cybersecurity Problem
The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-8260
PUBLISHED: 2020-10-28
A vulnerability in the Pulse Connect Secure < 9.1R9 admin web interface could allow an authenticated attacker to perform an arbitrary code execution using uncontrolled gzip extraction.
CVE-2020-8261
PUBLISHED: 2020-10-28
A vulnerability in the Pulse Connect Secure / Pulse Policy Secure < 9.1R9 is vulnerable to arbitrary cookie injection.
CVE-2020-8262
PUBLISHED: 2020-10-28
A vulnerability in the Pulse Connect Secure / Pulse Policy Secure below 9.1R9 could allow attackers to conduct Cross-Site Scripting (XSS) and Open Redirection for authenticated user web interface.
CVE-2020-8263
PUBLISHED: 2020-10-28
A vulnerability in the authenticated user web interface of Pulse Connect Secure < 9.1R9 could allow attackers to conduct Cross-Site Scripting (XSS) through the CGI file.
CVE-2020-8239
PUBLISHED: 2020-10-28
A vulnerability in the Pulse Secure Desktop Client < 9.1R9 is vulnerable to the client registry privilege escalation attack. This fix also requires Server Side Upgrade due to Standalone Host Checker Client (Windows) and Windows PDC.