Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Careers & People posted in August 2019
Bug Bounties Continue to Rise, but Market Has Its Own 1% Problem
News  |  8/29/2019  | 
The average payout for a critical vulnerability has almost reached $3,400, but only the top bug hunters of a field of 500,000 are truly profiting.
10 Low-Cost (or Free!) Ways to Boost Your Security AI Skills
Slideshows  |  8/23/2019  | 
The following hardware and software options will amplify your know-how about artificial intelligence and how to apply it to security without busting any budgets.
Beat the Heat: Dark Reading Caption Contest Winners
Commentary  |  8/16/2019  | 
Phishing, token codes, training, MFA, polluted data entry, and whales. And the winners are ...
Does Personality Make You Vulnerable to Cybercrime?
News  |  8/13/2019  | 
A new study explores the connections between personality traits and susceptibility to different cyberattacks.
2019 Pwnie Award Winners (And Those Who Wish They Weren't)
Slideshows  |  8/13/2019  | 
This year's round-up includes awards into two new categories: most under-hyped research and epic achievement.
Dark Reading News Desk Live at Black Hat USA 2019
News  |  8/8/2019  | 
Watch right here for 40 video interviews with speakers and sponsors. Streaming live from Black Hat USA Wednesday and Thursday 2 p.m. to 6 p.m. Eastern.
Black Hat 2019: Security Culture Is Everyone's Culture
News  |  8/7/2019  | 
In his Black Hat USA keynote, Square's Dino Dai Zovi discussed lessons learned throughout his cybersecurity career and why culture trumps strategy.
Security & the Infinite Capacity to Rationalize
Commentary  |  8/6/2019  | 
To improve the security posture of our organizations, we must open our eyes to rationalization and put an end to it with logic. Here's how.
Black Hat: A Summer Break from the Mundane and Controllable
Commentary  |  8/2/2019  | 
Enjoy the respite from the security tasks that await you back at home. Then prepare yourself for the uphill battles to come. Here's how.
SecOps Success Through Employee Retention
Commentary  |  8/1/2019  | 
To keep your turnover low, focus on these areas: compensation, advancement opportunities, training, and environment.


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Enterprise Cybersecurity Plans in a Post-Pandemic World
Download the Enterprise Cybersecurity Plans in a Post-Pandemic World report to understand how security leaders are maintaining pace with pandemic-related challenges, and where there is room for improvement.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-23445
PUBLISHED: 2021-09-27
This affects the package datatables.net before 1.11.3. If an array is passed to the HTML escape entities function it would not have its contents escaped.
CVE-2021-36134
PUBLISHED: 2021-09-27
Out of bounds write vulnerability in the JPEG parsing code of Netop Vision Pro up to and including 9.7.2 allows an adjacent unauthenticated attacker to write to arbitrary memory potentially leading to a Denial of Service (DoS).
CVE-2021-37761
PUBLISHED: 2021-09-27
Zoho ManageEngine ADManager Plus version 7110 and prior is vulnerable to unrestricted file upload, leading to remote code execution.
CVE-2021-40329
PUBLISHED: 2021-09-27
The Authentication API in Ping Identity PingFederate before 10.3 mishandles certain aspects of external password management.
CVE-2021-41558
PUBLISHED: 2021-09-27
The set_user extension module before 3.0.0 for PostgreSQL allows ProcessUtility_hook bypass via set_config.