Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Careers & People posted in May 2021
Modern SOCs a 'Painful' Challenge Amid Growing Complexity: Report
Quick Hits  |  5/28/2021  | 
A new study examines the tools and technologies driving investment and activities for security operations centers.
The Changing Face of Cybersecurity Awareness
Commentary  |  5/21/2021  | 
In the two decades since cybersecurity awareness programs emerged, they've been transformed from a good idea to a business imperative.
Dev-Sec Disconnect Undermines Secure Coding Efforts
News  |  5/20/2021  | 
Rather than continue to complain about each other, developers and security pros need to work together and celebrate their successes.
Cobalt Strike Becomes a Preferred Hacking Tool by Cybercrime, APT Groups
News  |  5/19/2021  | 
Incident response cases and research show how the red-team tool has become a become a go-to for attackers.
Name That Toon: Road Trip
Commentary  |  5/17/2021  | 
Feeling creative? Submit your caption in the comments, and our panel of experts will reward the winner with a $25 Amazon gift card.
When AI Becomes the Hacker
News  |  5/13/2021  | 
Bruce Schneier explores the potential dangers of artificial intelligence (AI) systems gone rogue in society.
66% of CISOs Feel Unprepared for Cyberattacks
Quick Hits  |  5/12/2021  | 
More than half of CISOs surveyed are more concerned about a cyberattack in 2021 than in 2020, researchers report.
Gap Between Security and Networking Teams May Hinder Tech Projects
Quick Hits  |  5/5/2021  | 
Professionals in each field describe a poor working relationship between the two teams
Wanted: The (Elusive) Cybersecurity 'All-Star'
News  |  5/5/2021  | 
Separate workforce studies by (ISC) and ISACA point to the need for security departments to work with existing staff to identify needs and bring entry-level people into the field.
Dark Reading Celebrates 15th Anniversary
Commentary  |  5/3/2021  | 
Cybersecurity news site begins 16th year with plans to improve site, deliver more content on cyber threats and best practices.


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Enterprise Cybersecurity Plans in a Post-Pandemic World
Download the Enterprise Cybersecurity Plans in a Post-Pandemic World report to understand how security leaders are maintaining pace with pandemic-related challenges, and where there is room for improvement.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-41011
PUBLISHED: 2021-09-22
LINE client for iOS before 11.15.0 might expose authentication information for a certain service to external entities under certain conditions. This is usually impossible, but in combination with a server-side bug, attackers could get this information.
CVE-2021-40875
PUBLISHED: 2021-09-22
Improper Access Control in Gurock TestRail versions < 7.2.0.3014 resulted in sensitive information exposure. A threat actor can access the /files.md5 file on the client side of a Gurock TestRail application, disclosing a full list of application files and the corresponding file paths. The corresp...
CVE-2021-31836
PUBLISHED: 2021-09-22
Improper privilege management vulnerability in maconfig for McAfee Agent for Windows prior to 5.7.4 allows a local user to gain access to sensitive information. The utility was able to be run from any location on the file system and by a low privileged user.
CVE-2021-31841
PUBLISHED: 2021-09-22
A DLL sideloading vulnerability in McAfee Agent for Windows prior to 5.7.4 could allow a local user to perform a DLL sideloading attack with an unsigned DLL with a specific name and in a specific location. This would result in the user gaining elevated permissions and the ability to execute arbitrar...
CVE-2021-31847
PUBLISHED: 2021-09-22
Improper access control vulnerability in the repair process for McAfee Agent for Windows prior to 5.7.4 could allow a local attacker to perform a DLL preloading attack using unsigned DLLs. This would result in elevation of privileges and the ability to execute arbitrary code as the system user, thro...