Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Careers & People posted in November 2019
5 Ways to Champion and Increase Your 2020 Security Budget
Commentary  |  11/26/2019  | 
Give your organization's leadership an impactful, out-of-office experience so they know what's at stake with their budgeting decisions.
6 Top Nontechnical Degrees for Cybersecurity
Slideshows  |  11/21/2019  | 
A computer science degree isn't the only path into a cybersecurity career.
The 'Department of No': Why CISOs Need to Cultivate a Middle Way
Commentary  |  11/21/2019  | 
A chief information security officer's job inherently involves conflict, but a go-along-to-get-along approach carries its own vulnerabilities and risks.
Employee Privacy in a Mobile Workplace
Commentary  |  11/20/2019  | 
Why businesses need guidelines for managing their employees' personal information -- without compromising on security.
A Security Strategy That Centers on Humans, Not Bugs
Commentary  |  11/19/2019  | 
The industry's fixation on complex exploits has come at the expense of making fundamentals easy and intuitive for end users.
13 Security Pros Share Their Most Valuable Experiences
Slideshows  |  11/18/2019  | 
From serving as an artillery Marine to working a help desk, infosec practitioners pinpoint experiences that had the greatest influence on their careers.
DevSecOps: The Answer to the Cloud Security Skills Gap
Commentary  |  11/15/2019  | 
There's a skills and resources gap industrywide, but a DevSecOps approach can go a long way toward closing that gap.
Capture the Flag Planned to Find Missing Persons Information
Quick Hits  |  11/14/2019  | 
The competition, launched by SANS and Trace Labs, will put to use open source information in search of new clues.
5 Cybersecurity CISO Priorities for the Future
Commentary  |  11/14/2019  | 
Seven chief information security officers share their pain points and two-year spending plans.
SHAKEN/STIR: Finally! A Solution to Caller ID Spoofing?
Commentary  |  11/12/2019  | 
The ubiquitous Caller ID hasn't changed much over the years, but the technology to exploit it has exploded. That may be about to change.
9 Principles to Simplify Security
Commentary  |  11/8/2019  | 
This isn't a one-size-fits-all situation. Simplify as much as you can, as the saying goes, but no more than that.
Black Hat Q&A: Hacking a '90s Sports Car
News  |  11/7/2019  | 
Security researcher Stanislas Lejay offers a preview of his upcoming Black Hat Europe talk on automotive engine computer management and hardware reverse engineering.
Raising Security Awareness: Why Tools Can't Replace People
Commentary  |  11/1/2019  | 
Training your people and building relationships outside of the security organization is the most significant investment a CISO can make.


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Developing and Testing an Effective Breach Response Plan
Whether or not a data breach is a disaster for the organization depends on the security team's response and that is based on how the team developed a breach response plan beforehand and if it was thoroughly tested. Inside this report, experts share how to: -understand the technical environment, -determine what types of incidents would trigger the plan, -know which stakeholders need to be notified and how to do so, -develop steps to contain the breach, collect evidence, and initiate recovery.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-42699
PUBLISHED: 2022-12-06
Auth. Remote Code Execution vulnerability in Easy WP SMTP plugin <= 1.5.1 on WordPress.
CVE-2022-44030
PUBLISHED: 2022-12-06
Redmine 5.x before 5.0.4 allows downloading of file attachments of any Issue or any Wiki page due to insufficient permission checks. Depending on the configuration, this may require login as a registered user.
CVE-2022-41902
PUBLISHED: 2022-12-06
TensorFlow is an open source platform for machine learning. The function MakeGrapplerFunctionItem takes arguments that determine the sizes of inputs and outputs. If the inputs given are greater than or equal to the sizes of the outputs, an out-of-bounds memory read or a crash is triggered. We have p...
CVE-2022-41910
PUBLISHED: 2022-12-06
TensorFlow is an open source platform for machine learning. The function MakeGrapplerFunctionItem takes arguments that determine the sizes of inputs and outputs. If the inputs given are greater than or equal to the sizes of the outputs, an out-of-bounds memory read or a crash is triggered. We have p...
CVE-2022-45816
PUBLISHED: 2022-12-06
Auth. Stored Cross-Site Scripting (XSS) vulnerability in GD bbPress Attachments plugin <= 4.3.1 on WordPress.