Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Careers & People posted in August 2020
From Defense to Offense: Giving CISOs Their Due
Commentary  |  8/31/2020  | 
In today's unparalleled era of disruption, forward-thinking CISOs can become key to company transformation -- but this means resetting relationships with the board and C-suite.
Redefining What CISO Success Looks Like
Commentary  |  8/28/2020  | 
Key to this new definition is the principle that security programs are designed to minimize business risk, not to achieve 100% no-risk.
The Inside Threat from Psychological Manipulators
Commentary  |  8/27/2020  | 
How internal manipulators can actually degrade your organization's cyber defense, and how to defend against them.
How CISOs Can Play a New Role in Defining the Future of Work
Commentary  |  8/27/2020  | 
Rather than just reacting to security issues in the COVID-19 era, CISOs are now in a position to be change agents alongside their C-suite peers.
Black Hat USA 2020 Musings: Weird and Wonderful Virtual Events are Here to Stay
Commentary  |  8/20/2020  | 
Black Hat USA 2020 was nothing like an in-person event, but it was incredibly useful for all involved, providing even the most grizzled industry veterans with fresh perspectives.
10 Resume and Interview Tips from Security Pros
Slideshows  |  8/19/2020  | 
Experts from the DEF CON Career Hacking Village explain how job seekers can build a resume and rock an interview.
Secure Development Takes a (Remote) Village
Commentary  |  8/13/2020  | 
The shift to work from home isn't just about giving your Dev team the physical tools they need.
Black Hat USA 2020 Shines Spotlight on the Mental Challenges of Cybersecurity
Commentary  |  8/13/2020  | 
Infosec practitioners face a variety of mental struggles in areas such as awareness training, problem solving, or general mental health. Several sessions at Black Hat USA 2020 highlighted these challenges and how to overcome them.
Hacking It as a CISO: Advice for Security Leadership
News  |  8/10/2020  | 
A security leader shares tips for adopting a CISO mindset, creating risk management strategies, and "selling infosec" to IT and executives.
Dark Reading Video News Desk Returns to Black Hat
News  |  8/6/2020  | 
UPDATED: Coming to you prerecorded from in front of carefully arranged bookcases around the world ...!
Where Dark Reading Goes Next
News  |  8/6/2020  | 
Dark Reading Editor-in-Chief gives a complete rundown of all the Dark Reading projects you might not even know about, his insight into the future of the security industry, and how we plan to cover it.
Four Rules and Three Tools to Protect Against Fake SaaS Apps
Commentary  |  8/6/2020  | 
Here's how to blunt the twinned forces of shadow IT and counterfeit apps and keep your data safe.
Supporting Women in InfoSec
Supporting Women in InfoSec
Dark Reading Videos  |  8/5/2020  | 
Maxine Holt, senior research director from Omdia, explains why the time is right for women to step into more cybersecurity jobs.
Supporting Women in InfoSec
News  |  8/5/2020  | 
Maxine Holt, research director from Omdia, explains why the time is right for women to step into more cybersecurity jobs now.
Developing Community for Woman Infosec Pros in India
News  |  8/5/2020  | 
Vandana Verma tells us how women in India are finding support, education and love of cybersecurity through the growing InfosecGirls community.
What to Tell Young People of Color About InfoSec Careers
News  |  8/5/2020  | 
CEO and founder of Revolution Cyber Juliet Okafor and Baker Hughes Director of Global OT Security Programs Paul Brager talk about the unique lessons and hard truths they provide when mentoring young black cybersecurity professionals.
Pen Testers Share the Inside Story of Their Arrest and Exoneration
News  |  8/5/2020  | 
Coalfire'sGary De Mercurio and Justin Wynnshare the inside story of their infamous arrest last year while conducting a contractedred-team engagement in an Iowa courthouse -- and what it took to clear their names.
A Paramedic's Guide to Cybersecurity: Video
News  |  8/5/2020  | 
In this video segment, the Dark Reading News Desk speaks to several guests about healthcare cybersecurity. We begin with Rich Mogull, infosec pro and paramedic, for a discussion about what lessons cybersecurity can learn from emergency medical services and the parallels that already exist.
CISA Offers Tool for Career Navigation
Quick Hits  |  8/5/2020  | 
The new Cyber Career Pathways Tool helps individuals understand the roles in cybersecurity and how to prepare for them.
Cybersecurity Budget Rose in 2019, Uncertainty Prevails in 2020
News  |  8/5/2020  | 
Budgets rise as IT complexity continued to challenge companies, with identity and access management technology an increasingly common focus.
New 'Nanodegree' Program Provides Hands-On Cybersecurity Training
News  |  8/3/2020  | 
Emerging streamlined curriculum programs aim to help narrow the skills gap.
Omdia Cybersecurity Accelerator Analysts to Take Part in Black Hat USA 2020
Commentary  |  8/3/2020  | 
Analysts will participate in the Black Hat Briefings, taking place Aug. 4-6, discussing cybersecurity research, offering exclusive video presentations, and meeting with vendors and attendees.
A Patriotic Solution to the Cybersecurity Skills Shortage
Commentary  |  8/3/2020  | 
Why now is the right time for the security industry to invest in the human capital that will make technology better, smarter, and safer.


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Enterprise Cybersecurity Plans in a Post-Pandemic World
Download the Enterprise Cybersecurity Plans in a Post-Pandemic World report to understand how security leaders are maintaining pace with pandemic-related challenges, and where there is room for improvement.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-23445
PUBLISHED: 2021-09-27
This affects the package datatables.net before 1.11.3. If an array is passed to the HTML escape entities function it would not have its contents escaped.
CVE-2021-36134
PUBLISHED: 2021-09-27
Out of bounds write vulnerability in the JPEG parsing code of Netop Vision Pro up to and including 9.7.2 allows an adjacent unauthenticated attacker to write to arbitrary memory potentially leading to a Denial of Service (DoS).
CVE-2021-37761
PUBLISHED: 2021-09-27
Zoho ManageEngine ADManager Plus version 7110 and prior is vulnerable to unrestricted file upload, leading to remote code execution.
CVE-2021-40329
PUBLISHED: 2021-09-27
The Authentication API in Ping Identity PingFederate before 10.3 mishandles certain aspects of external password management.
CVE-2021-41558
PUBLISHED: 2021-09-27
The set_user extension module before 3.0.0 for PostgreSQL allows ProcessUtility_hook bypass via set_config.