Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News from Omdia

Latest Content
What's So Great About XDR?
Commentary  |  3/31/2021  | 
XDR is a significant advance in threat detection and response technology, but few enterprises understand why. Omdia identifies four catalysts driving the emergence of XDR.
Beyond MITRE ATT&CK: The Case for a New Cyber Kill Chain
Commentary  |  3/30/2021  | 
The Cyber Kill Chain and MITRE ATT&CK are popular reference frameworks to analyze breaches, but amid the rise of XDR, we may need a new one.
On International Women's Day 2021, Does the 'Rule of Steve' Still Apply? Yes.
Commentary  |  3/5/2021  | 
On International Women's Day 2021, gender diversity has improved in cybersecurity, but there is still a long way to go.
Data Security Accountability in an Age of Regular Breaches
Commentary  |  2/18/2021  | 
As the number of vendors impacted by supply chain breaches grows, one constant question remains: Where exactly does accountability for data security lie, and what part do end users play in their own data breach protection?
Data Privacy Day 2021: Pandemic Response Data Must Align with Data Privacy Rules
Commentary  |  1/28/2021  | 
Amid a pandemic, Data Privacy Day this year brings forth expanded responsibilities for organizations in the response to COVID-19.
Bringing Zero Trust to Secure Remote Access
Commentary  |  1/12/2021  | 
Demand for secure remote access has skyrocketed during the pandemic. Here Omdia profiles more secure alternatives to virtual private network (VPN) technology.
SolarWinds Hack Lessons Learned: Finding the Next Supply Chain Attack
Commentary  |  1/11/2021  | 
The SolarWinds supply chain compromise won't be the last of its kind. Vendors and enterprises alike must learn and refine their detection efforts to find the next such attack.
Manchester United Cyberattack Highlights Controversy in Paying Ransomware Attackers
Commentary  |  11/30/2020  | 
The Premier League English football (soccer) club team is reportedly being held to ransom by cyberattackers. Manchester United may face a difficult decision: whether to pay a ransom for release of its stolen data.
Analysis: Forcepoint Can Still Succeed, but It Needs Committed Ownership
Commentary  |  10/29/2020  | 
Raytheon intends to sell Forcepoint to PE firm Francisco Partners. Despite a solid product portfolio and bold strategy, Forcepoint's future is now even more uncertain.
Trickbot Botnet Response Highlights Partnerships Preventing US Election Interference
Commentary  |  10/13/2020  | 
Recent efforts by USCYBERCOM and Microsoft to disrupt the Trickbot botnet highlight the importance of partnerships in successful malware botnet disruption.
Verizon Payment Security Report is a Wake-up Call: Time to Refocus on PCI DSS Compliance
Commentary  |  10/6/2020  | 
Too many organizations fail to enact the baseline payment security controls, according to the Verizon 2020 Payment Security Report.
IDaaS: A New Era of Cloud Identity
Commentary  |  9/30/2020  | 
As identity-as-a-service becomes the standard for enterprise identity management, upstarts and established competitors are competing to define the market's future. Participate in Omdia's IDaaS research.
Encrypted Traffic Inference: An Alternative to Enterprise Network Traffic Decryption
Commentary  |  9/15/2020  | 
Finding threats in encrypted inbound network traffic is complex and expensive for enterprises, but a fascinating new approach could eliminate the need for decryption.
Black Hat USA 2020 Musings: Weird and Wonderful Virtual Events are Here to Stay
Commentary  |  8/20/2020  | 
Black Hat USA 2020 was nothing like an in-person event, but it was incredibly useful for all involved, providing even the most grizzled industry veterans with fresh perspectives.
Black Hat USA 2020 Recap: Experts Discuss Election Security Questions, but Offer Few Answers
Commentary  |  8/20/2020  | 
The U.S. election in November is once again expected to be a target of digital adversaries. Experts at Black Hat USA 2020 highlighted the many election security questions authorities must address.
Black Hat USA 2020 Shines Spotlight on the Mental Challenges of Cybersecurity
Commentary  |  8/13/2020  | 
Infosec practitioners face a variety of mental struggles in areas such as awareness training, problem solving, or general mental health. Several sessions at Black Hat USA 2020 highlighted these challenges and how to overcome them.
A Real-World Tool for Organizing, Integrating Your Other Tools
News  |  8/6/2020  | 
Omdia Cybersecurity Accelerator analyst Eric Parizo describes the value overwhelmed security managers may find in a SPIF.
Supporting Women in InfoSec
News  |  8/5/2020  | 
Maxine Holt, research director from Omdia, explains why the time is right for women to step into more cybersecurity jobs now.
Omdia Cybersecurity Accelerator Analysts to Take Part in Black Hat USA 2020
Commentary  |  8/3/2020  | 
Analysts will participate in the Black Hat Briefings, taking place Aug. 4-6, discussing cybersecurity research, offering exclusive video presentations, and meeting with vendors and attendees.
Ripple20's Effects Will Impact IoT Cybersecurity for Years to Come
Commentary  |  7/22/2020  | 
A series of newly discovered TCP/IP software vulnerabilities pose a threat to millions of IoT devices. Undiscovered since the early 1990s, they highlight the need to improve security in an increasingly precarious IoT supply chain.
UK Data Privacy Legislation Cannot Be Bypassed to Limit Spread of COVID-19
Commentary  |  7/20/2020  | 
The UK faces GDPR data privacy challenges regarding its COVID-19 "Test and Trace" program. Despite the importance of contact tracing, its intent to ignore privacy legislation is extremely worrying.
Omdia Research Launches Page on Dark Reading
Commentary  |  7/9/2020  | 
Data and insight from a leading cybersecurity research and analysis team will broaden the information available to security professionals and technology vendors.
Introducing 'Secure Access Service Edge'
Commentary  |  7/3/2020  | 
The industry's latest buzzword is largely a repackaging exercise that bundles a collection of capabilities together and offers them as a cloud-delivered service.
IoT Security Trends & Challenges in the Wake of COVID-19
Commentary  |  6/16/2020  | 
The demand for Internet of Things security practices that protect sensitive medical equipment and data will double within the next five years. Here's why.
What's Your Cybersecurity Architecture Integration Business Plan?
Commentary  |  4/28/2020  | 
To get the most out of your enterprise cybersecurity products, they need to work together. But getting those products talking to each other isn't easy.
Introducing Zero-Trust Access
Commentary  |  3/26/2020  | 
It's too early to tell whether ZTA will be a VPN killer or not, but major players are ramping up products in this new class of security technology that focuses on the cloud.
It's Time to Break the 'Rule of Steve'
Commentary  |  2/20/2020  | 
Today, in a room full of cybersecurity professionals, there are still more people called Steve than there are women.
Ovum to Expand Cybersecurity Research Under New Omdia Group
News  |  2/14/2020  | 
Informa Tech combines Ovum, Heavy Reading, Tractica, and IHS Markit research.
Cybersecurity Vendor Landscape Transforming as Symantec, McAfee Enter New Eras
Commentary  |  2/6/2020  | 
Two years ago, Symantec and McAfee were both primed for a comeback. Today, both face big questions about their future.
Maersk CISO Says NotPeyta Devastated Several Unnamed US firms
Commentary  |  12/9/2019  | 
At least two companies may have been dealt even more damage than the shipping giant, which lost nearly its entire global IT infrastructure.
Threat Intelligence Gateways: A Useful Adjunct to Overworked Perimeter Security
Commentary  |  8/22/2019  | 
Comparative research shows the relative strengths and weaknesses of five TIG vendors and which kinds of security organization will reap the most benefit.
Skepticism About Symantec and Trepidation About IoT
News  |  8/10/2019  | 
BLACK HAT 2019 -- Expert analysts from Informa, Eric Parizo and Tanner Johnson visit the Dark Reading News Desk to talk about the shake-ups at Symantec and trends in IoT security.
A Password Management Report Card
Commentary  |  7/17/2019  | 
New research on password management tools identifies the relative strengths and weaknesses of 12 competing offerings.
How to Help Your Board Navigate Cybersecurity's Legal Risks
Commentary  |  4/30/2019  | 
What's worse than a massive data breach? A massive data breach followed by a shareholder derivative lawsuit. Learn what's at stake and what CISOs can do to mitigate the damage.


News
Inside the Ransomware Campaigns Targeting Exchange Servers
Kelly Sheridan, Staff Editor, Dark Reading,  4/2/2021
Commentary
Beyond MITRE ATT&CK: The Case for a New Cyber Kill Chain
Rik Turner, Principal Analyst, Infrastructure Solutions, Omdia,  3/30/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-30481
PUBLISHED: 2021-04-10
Valve Steam through 2021-04-10, when a Source engine game is installed, allows remote authenticated users to execute arbitrary code because of a buffer overflow that occurs for a Steam invite after one click.
CVE-2021-20020
PUBLISHED: 2021-04-10
A command execution vulnerability in SonicWall GMS 9.3 allows a remote unauthenticated attacker to locally escalate privilege to root.
CVE-2021-30480
PUBLISHED: 2021-04-09
Zoom Chat through 2021-04-09 on Windows and macOS allows certain remote authenticated attackers to execute arbitrary code without user interaction. An attacker must be within the same organization, or an external party who has been accepted as a contact. NOTE: this is specific to the Zoom Chat softw...
CVE-2021-21194
PUBLISHED: 2021-04-09
Use after free in screen sharing in Google Chrome prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-21195
PUBLISHED: 2021-04-09
Use after free in V8 in Google Chrome prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.