Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Compliance posted in January 2020
Businesses Improve Their Data Security, But Privacy Not So Much
News  |  1/29/2020  | 
While the California Consumer Privacy Act will force companies to provide a modicum of meaningful privacy, World Privacy Day still mainly celebrates data security.
Why Companies Should Care about Data Privacy Day
Commentary  |  1/29/2020  | 
Marking yesterday's 14th anniversary of Europe's first data protection day reminds us how far we still have to go.
CCPA: Cut From the Same Cloth as PCI DSS
Commentary  |  1/28/2020  | 
Finally, some good news about CCPA: If you've built your security infrastructure to PCI DSS standards, you may be already covered by California's new data protection rules
Greater Focus on Privacy Pays Off for Firms
News  |  1/27/2020  | 
Privacy-mature companies complete sales more quickly, have fewer and less serious breaches, and recover from incidents faster, according to Cisco's annual survey.
Weathering the Privacy Storm from GDPR to CCPA & PDPA
Commentary  |  1/23/2020  | 
A general approach to privacy, no matter the regulation, is the only way companies can avoid a data protection disaster in 2020 and beyond.
Avoid That Billion-Dollar Fine: Blurring the Lines Between Security and Privacy
Commentary  |  1/21/2020  | 
While doing good for the user is the theoretical ideal, the threat of fiscal repercussions should drive organizations to take privacy seriously. That means security and data privacy teams must work more closely.
Data Awareness Is Key to Data Security
Commentary  |  1/21/2020  | 
Traditional data-leak prevention is not enough for businesses facing today's dynamic threat landscape.
5 Tips on How to Build a Strong Security Metrics Framework
Commentary  |  1/10/2020  | 
The carpentry maxim "measure twice, cut once" underscores the importance of timely, accurate, and regular metrics to inform security leaders' risk decisions.
Client-Side JavaScript Risks & the CCPA
Commentary  |  1/6/2020  | 
How California's new privacy law increases the liability for securing Web-facing user data, and what enterprises can do to mitigate their risk.
CCPA Kickoff: What Businesses Need to Know
News  |  1/2/2020  | 
The California Consumer Privacy Act is in full effect, prompting organizations to think about how they'll remain compliant.


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Developing and Testing an Effective Breach Response Plan
Whether or not a data breach is a disaster for the organization depends on the security team's response and that is based on how the team developed a breach response plan beforehand and if it was thoroughly tested. Inside this report, experts share how to: -understand the technical environment, -determine what types of incidents would trigger the plan, -know which stakeholders need to be notified and how to do so, -develop steps to contain the breach, collect evidence, and initiate recovery.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-36610
PUBLISHED: 2022-12-08
A vulnerability was found in annyshow DuxCMS 2.1. It has been declared as problematic. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of ...
CVE-2022-4350
PUBLISHED: 2022-12-08
A vulnerability, which was classified as problematic, was found in Mingsoft MCMS 5.2.8. Affected is an unknown function of the file search.do. The manipulation of the argument content_title leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to...
CVE-2022-4353
PUBLISHED: 2022-12-08
A vulnerability has been found in LinZhaoguan pb-cms 2.0 and classified as problematic. Affected by this vulnerability is the function IpUtil.getIpAddr. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. ...
CVE-2022-4354
PUBLISHED: 2022-12-08
A vulnerability was found in LinZhaoguan pb-cms 2.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /blog/comment of the component Message Board. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been ...
CVE-2020-36609
PUBLISHED: 2022-12-08
A vulnerability was found in annyshow DuxCMS 2.1. It has been classified as problematic. This affects an unknown part of the file admin.php&r=article/AdminContent/edit of the component Article Handler. The manipulation of the argument content leads to cross site scripting. It is possible to init...