Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Careers & People posted in November 2016
Georgia Tech Gets $17 Million Defense Deal For Cyberattack Attribution
Quick Hits  |  11/30/2016  | 
US Department of Defense awards research to work on technique for quick attribution of cyberattack with hard evidence.
Cybersecurity User Training That Sticks: 3 Steps
Commentary  |  11/29/2016  | 
People are eager for common-sense advice that gives them control over their environment and helps them stay safe online.
Q&A: SonicWall CEO Talks Rise Of Ransomware, IoT
News  |  11/28/2016  | 
Bill Conner discusses security risks at top of mind as the newly appointed leader of SonicWall, a company becoming independent for the second time.
Time For Security & Privacy To Come Out Of Their Silos
Commentary  |  11/28/2016  | 
By working separately, these two teams aren't operating as efficiently as they could and are missing huge opportunities.
Atlanta Attorneys Office Gets Cybercrime Unit
Quick Hits  |  11/23/2016  | 
New cell created after arrest and extradition of two Nigerians from Malaysia in alleged phishing attacks on US.
Security Automation: Striking The Right Balance
Commentary  |  11/23/2016  | 
What a smart toaster oven taught me about the importance of learning how to do a task versus the efficiency of automating the work.
8 Books Security Pros Should Read
Slideshows  |  11/23/2016  | 
Hunting for a good resource on the security industry? Check out these classics from the experts to learn more about hacking, defense, cryptography and more.
178 Arrested In Money Mule Crackdown
Quick Hits  |  11/22/2016  | 
Total of 17 countries involved in second European effort to disrupt cybercriminals' money laundering mechanism.
Raising The Nation's Cybersecurity IQ: 'Learn To Code'
Commentary  |  11/22/2016  | 
We need to ensure that the students of today are prepared for the security challenges of tomorrow.
Cyber Monday, Consumers & The Bottom Line Of A Data Breach
Commentary  |  11/18/2016  | 
Yes retailers can achieve ROI for their investments in cybersecurity during the upcoming holiday season - and for the rest of the year, too! Heres how.
Thinking Ahead: Cybersecurity In The Trump Era
News  |  11/18/2016  | 
In a panel held by the University of California Berkeley Center for Long-Term Cybersecurity and Bipartisan Policy Center, experts discuss challenges facing the incoming presidential administration.
China's Jinping Opens Tech Meet With Calls For 'Fair & Equitable' Internet
Quick Hits  |  11/18/2016  | 
The third Wuzhen World Internet Conference had a strong presence of US tech companies despite criticism of Chinas Internet laws.
Insider Threat: The Domestic Cyber Terrorist
Commentary  |  11/17/2016  | 
It is dangerously naive for business and government leaders to dismiss the risk of radicalized privileged users inside our critical industries.
Adobe To Pay $1 Million Compensation In Data Breach Case
Quick Hits  |  11/17/2016  | 
Personal data of more than 500,000 consumers from 15 states were stolen in the 2013 breach of Adobe server.
'Snoopers Charter' Set To Become Law In UK
Quick Hits  |  11/17/2016  | 
Surveillance bill goes through British Parliament and awaits only the Royal assent to become law before the year ends.
Dark Reading Radio: 'Bug Bounties & The Zero-Day Trade'
Commentary  |  11/15/2016  | 
Join us, HackerOne's Alex Rice, and Veracode's Chris Wysopal for the next episode of Dark Reading Radio, today, Wednesday Nov. 16, at 1pmET.
Preparing For The Future Of Online Threats
Commentary  |  11/14/2016  | 
Gaze into the crystal balls of a panel of forward-thinking security experts during Dark Readings virtual event Nov. 15.
How Security Scorecards Advance Security, Reduce Risk
Commentary  |  11/10/2016  | 
CISO Josh Koplik offers practical advice about bridging the gap between security and business goals in a consumer-facing media and Internet company.
75,000 Data Protection Officers Needed By 2018 To Handle EU Law
News  |  11/9/2016  | 
US alone will need 9,000 DPOs to meet GDPR mandates, says International Association of Privacy Professionals - but don't expect that many new job listings.
Stay Vigilant To The Evolving Threat Of Social Engineering
Commentary  |  11/8/2016  | 
Even the most cyber-savvy individuals can easily get tripped up by a social engineering attack. But users can trip-up a threat simply by paying attention.
The 7 Types Of Security Jobs, According To NIST
Slideshows  |  11/8/2016  | 
NISTs Cybersecurity Workforce Framework gives the security industry a way to classify specific specialty areas and work roles and identify a path for career growth.
Transitioning From The Server Room To The Boardroom
Commentary  |  11/5/2016  | 
How can IT professionals balance business goals and information security?
How Businesses, Employees Can Navigate The Security Hiring Process
News  |  11/4/2016  | 
At Black Hat Europe 2016, security experts weigh in on how companies can build strong security teams, and how employees can educate themselves to meet business needs.
Tool For Cybersecurity Job Hunters Launched
Quick Hits  |  11/2/2016  | 
CyberSeek to help candidates understand the market and locate the right opening, thus narrowing cybersecurity employment gap.
NullCrew Hacker Gets 45-Month Jail Term
Quick Hits  |  11/2/2016  | 
As member of NullCrew hacking group, Timothy Justen French carried out cyberattacks across global institutions, causing $792,000 in losses.
It's Time To Address The Cybersecurity Gender Gap Before It's Too Late
Commentary  |  11/2/2016  | 
It will take years to substantively raise the percentage of women in cybersecurity, so the tech industry better start working at it now.
Ex-FBI Chief Reviews Security For Booz Allen After NSA Contractor Arrest
Quick Hits  |  11/1/2016  | 
Robert Mueller hired after Booz Allen staff arrested for allegedly stealing classified information at NSA.


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Enterprise Cybersecurity Plans in a Post-Pandemic World
Download the Enterprise Cybersecurity Plans in a Post-Pandemic World report to understand how security leaders are maintaining pace with pandemic-related challenges, and where there is room for improvement.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-21742
PUBLISHED: 2021-09-25
There is an information leak vulnerability in the message service app of a ZTE mobile phone. Due to improper parameter settings, attackers could use this vulnerability to obtain some sensitive information of users by accessing specific pages.
CVE-2020-20508
PUBLISHED: 2021-09-24
Shopkit v2.7 contains a reflective cross-site scripting (XSS) vulnerability in the /account/register component, which allows attackers to hijack user credentials via a crafted payload in the E-Mail text field.
CVE-2020-20514
PUBLISHED: 2021-09-24
A Cross-Site Request Forgery (CSRF) in Maccms v10 via admin.php/admin/admin/del/ids/<id>.html allows authenticated attackers to delete all users.
CVE-2016-6555
PUBLISHED: 2021-09-24
OpenNMS version 18.0.1 and prior are vulnerable to a stored XSS issue due to insufficient filtering of SNMP trap supplied data. By creating a malicious SNMP trap, an attacker can store an XSS payload which will trigger when a user of the web UI views the events list page. This issue was fixed in ver...
CVE-2016-6556
PUBLISHED: 2021-09-24
OpenNMS version 18.0.1 and prior are vulnerable to a stored XSS issue due to insufficient filtering of SNMP agent supplied data. By creating a malicious SNMP 'sysName' or 'sysContact' response, an attacker can store an XSS payload which will trigger when a user of the web UI views the data. This iss...