Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Careers & People posted in August 2015
Sights & Sounds Of Black Hat USA And DEF CON
Slideshows  |  8/31/2015  | 
Some hackers call the week of Black Hat USA and DEF CON 'security summer camp' -- a look at some of the highlights of the two shows.
Top Infosec Execs Will Eventually Report To CEOs, CISOs Say
Commentary  |  8/31/2015  | 
But becoming a trusted resource to the executive suite will demand major changes in the traditional chief information security officer role.
Ashley Madison CEO Resigns
Quick Hits  |  8/28/2015  | 
Once again, a security breach claims an executive's job, but the business plans to continue operating.
The Security Of Applications And CISOs' Sanity, With Veracode's Chris Wysopal
The Security Of Applications And CISOs' Sanity, With Veracode's Chris Wysopal
Dark Reading Videos  |  8/27/2015  | 
Veracode's Chris Wysopal visits the Dark Reading News Desk at Black Hat to discuss application security, what CISOs' top priorities are, and what they should be.
Evolution Of The CISO And The Board: BAE Systems Jim Anderson Explains
Evolution Of The CISO And The Board: BAE Systems Jim Anderson Explains
Dark Reading Videos  |  8/27/2015  | 
President of the Americas for BAE Systems Applied Intelligence, Jim Anderson, joins the Dark Reading News Desk at Black Hat to explain how the CISO has to improve communications with the corporate board and better explain overall security strategy.
Getting To Yes, Cooperatively
Commentary  |  8/26/2015  | 
As security advocates, determining what beneficial means to a particular audience should be our first step in developing recommendations.
Kelly's Glimpse Of Black Hat
Kelly's Glimpse Of Black Hat
Dark Reading Videos  |  8/26/2015  | 
Dark Reading executive editor Kelly Jackson Higgins talks through the top trends and sessions, and how the industry has evolved since her first trip to Black Hat.
Making The Security Case For A Software-Defined Perimeter
Commentary  |  8/18/2015  | 
With SDP, organizations can create an 'invisible' infrastructure that only authorized users and devices can access. Heres why its time has come.
CISOs Spend Too Much Time On Tech, Not Enough On Strategy
News  |  8/17/2015  | 
Deloitte's CISO Transition Lab finds CISOs spend 77 percent of their time on technical aspects of the job, and is helping them become more strategic.
View From The Top: Governments Role In Cybersecurity
Slideshows  |  8/14/2015  | 
At the DarkReading News Desk, live from Black Hat, industry experts Dan Kaminsky, Richard Bejtlich, Katie Moussouris, Paul Kurtz, and Rod Beckstrom talked about how government is hurting and could be helping infosec.
How To Empower Women In Security
Commentary  |  8/11/2015  | 
First-ever Black Hat USA women in security panel debuted last week--and now will be an annual event.
Will it Blend? Earns Pwnie For Best Client Bug; OPM for Most Epic Fail
News  |  8/6/2015  | 
Pwnie Awards continue to celebrate the best bug discoveries and worst security fails.
From The Black Hat Keynote Stage: Jennifer Granick
News  |  8/5/2015  | 
World famous defender of hackers, privacy, and civil liberties exhorts attendees to preserve the dream of an open Internet.
Black Hat USA: Empowering Women In Security
Commentary  |  8/4/2015  | 
A panel of influential women in the security industry will share their insights and identify resources for fostering professional development (and recruiting) of women in the field.
Dark Reading News Desk Live At Black Hat 2015
News  |  8/4/2015  | 
Please join host Sara Peters and her guests for the first-ever Dark Reading News Desk show at Black Hat USA 2015. Thursday's broadcast begins at 11 a.m. PDT, 2 p.m. EDT
Dark Reading Launches Jobs Board
Commentary  |  8/4/2015  | 
New feature will help hiring companies and security job seekers find each other online.
Dark Reading Preps Week Of Show Coverage At Black Hat USA
Commentary  |  8/3/2015  | 
If you want to know what's happening in Las Vegas this week at Black Hat, Dark Reading's got the scoop.


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Everything You Need to Know About DNS Attacks
It's important to understand DNS, potential attacks against it, and the tools and techniques required to defend DNS infrastructure. This report answers all the questions you were afraid to ask. Domain Name Service (DNS) is a critical part of any organization's digital infrastructure, but it's also one of the least understood. DNS is designed to be invisible to business professionals, IT stakeholders, and many security professionals, but DNS's threat surface is large and widely targeted. Attackers are causing a great deal of damage with an array of attacks such as denial of service, DNS cache poisoning, DNS hijackin, DNS tunneling, and DNS dangling. They are using DNS infrastructure to take control of inbound and outbound communications and preventing users from accessing the applications they are looking for. To stop attacks on DNS, security teams need to shore up the organization's security hygiene around DNS infrastructure, implement controls such as DNSSEC, and monitor DNS traffic
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2023-33196
PUBLISHED: 2023-05-26
Craft is a CMS for creating custom digital experiences. Cross site scripting (XSS) can be triggered by review volumes. This issue has been fixed in version 4.4.7.
CVE-2023-33185
PUBLISHED: 2023-05-26
Django-SES is a drop-in mail backend for Django. The django_ses library implements a mail backend for Django using AWS Simple Email Service. The library exports the `SESEventWebhookView class` intended to receive signed requests from AWS to handle email bounces, subscriptions, etc. These requests ar...
CVE-2023-33187
PUBLISHED: 2023-05-26
Highlight is an open source, full-stack monitoring platform. Highlight may record passwords on customer deployments when a password html input is switched to `type="text"` via a javascript "Show Password" button. This differs from the expected behavior which always obfuscates `ty...
CVE-2023-33194
PUBLISHED: 2023-05-26
Craft is a CMS for creating custom digital experiences on the web.The platform does not filter input and encode output in Quick Post validation error message, which can deliver an XSS payload. Old CVE fixed the XSS in label HTML but didn’t fix it when clicking save. This issue was...
CVE-2023-2879
PUBLISHED: 2023-05-26
GDSDB infinite loop in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via packet injection or crafted capture file