Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Careers & People posted in April 2017
A Day in the Life of a Security Avenger
Commentary  |  4/28/2017  | 
Behind the scenes with a security researcher as we follow her through a typical day defending the world against seemingly boundless cyberthreats and attacks
Why (& How) CISOs Should Talk to Company Boards
Commentary  |  4/25/2017  | 
The C-Suite needs to minimize cybersecurity risk in order to maximize its principal goal of attaining high-level, sustainable growth.
The Road Less Traveled: Building a Career in Cyberthreat Intelligence
Commentary  |  4/24/2017  | 
It's hard to become a threat intelligence pro, but there are three primary ways of going about it.
Russian Citizen Gets Record 27-Year Sentence for Hacking, Fraud Scheme
Quick Hits  |  4/21/2017  | 
Roman Valeryevich gets 27 years for hacking PoS machines. Meanwhile, spam master Pyotr Levashov's indictment is unsealed.
The Architecture of the Web Is Unsafe for Today's World
Commentary  |  4/19/2017  | 
The Internet is based on protocols that assume content is secure. A new, more realistic model is needed.
How Top Security Execs are Doing More with Less
Commentary  |  4/18/2017  | 
Even the largest corporations aren't immune to the cybersecurity skills gap an inside look at how they are coping and adjusting.
Why Brand Trumps Tech in C-Level Conversations
News  |  4/17/2017  | 
Brand reputation, not technical tools, should be the focus of the CIO's conversations with board members about the importance of security.
6 New Security Startups Named to MACH37 Spring Cohort
Slideshows  |  4/15/2017  | 
The companies selected this year include technical talent that draws from Silicon Valley to Hungary and Western Europe.
So You Want to Be a Security Rock Star?
Commentary  |  4/13/2017  | 
While the thrill of crafting attention-grabbing stunt hacks may seem like the coolest job on earth, what our industry needs more of are strong defenders who can fix things as well as break them.
How Innovative Companies Lock Down Data
Commentary  |  4/12/2017  | 
A mix of back-to-basics security and a set of new, data-centric best practices is key to defending against a future of growing and sophisticated cyberattacks.
When Hacks Are about Image instead of Money
Commentary  |  4/11/2017  | 
If you think fake news is a problem, how about the possibility of fake medical or financial information making the rounds with no way to verify its legitimacy?
Computer Engineer Charged with Theft of Proprietary Computer Code
Quick Hits  |  4/11/2017  | 
Zhengquan Zhang arrested for stealing over 3 million files containing company trade secrets from his employer, a global finance firm.
Setting Up Security as a Business: 3 Best Practices for Security Execs
Commentary  |  4/10/2017  | 
Security leaders need to show they provide more than stop-the-bad guys services. Here's how.
How to Crack Cybersecuritys Glass Ceiling
Commentary  |  4/6/2017  | 
Sage career advice to young women from the female CTO of a security startup: Get a pair of earplugs, and put them in when you hear words like 'can't' or 'don't.'
7 Ways Hackers Target Your Employees
Slideshows  |  4/6/2017  | 
One employee under reconnaissance by cyberattackers can put your whole business at risk. Where are they being targeted, and what should they know?
GDPR Doesnt Need to be GDP-Argh!
Commentary  |  4/5/2017  | 
These 10 steps will ease the pain of compliance with the General Data Protection Regulation, the EU's new privacy law that goes into effect in a little over a year.
The Power of the Crowd: 3 Approaches to Sharing Threat Intel
Commentary  |  4/4/2017  | 
Crowdsourced intelligence can help you build a stronger, more informed cyberdefense. Heres how.


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Enterprise Cybersecurity Plans in a Post-Pandemic World
Download the Enterprise Cybersecurity Plans in a Post-Pandemic World report to understand how security leaders are maintaining pace with pandemic-related challenges, and where there is room for improvement.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-39402
PUBLISHED: 2021-09-20
MaianAffiliate v.1.0 is suffers from code injection by adding a new product via the admin panel. The injected payload is reflected on the affiliate main page for all authenticated and unauthenticated visitors.
CVE-2021-40674
PUBLISHED: 2021-09-20
An SQL injection vulnerability exists in Wuzhi CMS v4.1.0 via the KeyValue parameter in coreframe/app/order/admin/index.php.
CVE-2019-16651
PUBLISHED: 2021-09-20
An issue was discovered on Virgin Media Super Hub 3 (based on ARRIS TG2492) devices. Because their SNMP commands have insufficient protection mechanisms, it is possible to use JavaScript and DNS rebinding to leak the WAN IP address of a user (if they are using certain VPN implementations, this would...
CVE-2020-21913
PUBLISHED: 2021-09-20
International Components for Unicode (ICU-20850) v66.1 was discovered to contain a use after free bug in the pkg_createWithAssemblyCode function in the file tools/pkgdata/pkgdata.cpp.
CVE-2021-24613
PUBLISHED: 2021-09-20
The Post Views Counter WordPress plugin before 1.3.5 does not sanitise or escape its Post Views Label settings, which could allow high privilege users to perform Cross-Site Scripting attacks in the frontend even when the unfiltered_html capability is disallowed