Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Slideshows

Latest Content
Page 1 / 2   >   >>
7 SMB Security Tips That Will Keep Your Company Safe
Slideshows  |  10/11/2019  | 
With National Cybersecurity Awareness Month as a backdrop, industry leaders weigh in on how SMBs can more effectively protect themselves from cyberattacks.
7 Considerations Before Adopting Security Standards
Slideshows  |  10/8/2019  | 
Here's what to think through as you prepare your organization for standards compliance.
8 Ways Businesses Unknowingly Help Hackers
Slideshows  |  10/4/2019  | 
From lengthy email signatures to employees' social media posts, we look at the many ways organizations make it easier for attackers to break in.
8 Microsegmentation Pitfalls to Avoid
Slideshows  |  9/30/2019  | 
Don't fall victim to these common mistakes on the path to developing better security boundaries and limiting the blast radius of security incidents.
5 Updates from PCI SSC That You Need to Know
Slideshows  |  9/25/2019  | 
As payment technologies evolve, so do the requirements for securing cardholder data.
7 Ways VPNs Can Turn from Ally to Threat
Slideshows  |  9/21/2019  | 
VPNs are critical pieces of the security infrastructure, but they can be vulnerable, hackable, and weaponized against you. Here are seven things to be aware of before you ignore your VPN.
Cybercriminal's Black Market Pricing Guide
Slideshows  |  9/17/2019  | 
Common prices criminals pay one another for products and services that fuel the cybercriminal ecosystem.
6 Questions to Ask Once Youve Learned of a Breach
Slideshows  |  9/13/2019  | 
With GDPR enacted and the California Consumer Privacy Act on the near horizon, companies have to sharpen up their responses. Start by asking these six questions.
Security Leaders Share Tips for Boardroom Chats
Slideshows  |  9/12/2019  | 
Cisco, Oracle, and LinkedIn security leaders share their challenges in communicating with business teams and advice for how CISOs can navigate the relationship.
7 Steps to Web App Security
Slideshows  |  9/3/2019  | 
Emerging technologies are introducing entirely new ways to reach, act, and interact with people. That makes app security more important than ever.
7 Breaches & Hacks That Throw Shade on Biometric Security
Slideshows  |  8/30/2019  | 
Stolen fingerprints, fake hands, voice synthetization, and other nefarious techniques show biometrics has plenty of challenges.
6 Ways Airlines and Hotels Can Keep Their Networks Secure
Slideshows  |  8/27/2019  | 
As recent news can attest, travel and hospitality companies are prime targets for cybercriminals. Here are six privacy and security tips that can help lock down privacy and security.
10 Low-Cost (or Free!) Ways to Boost Your Security AI Skills
Slideshows  |  8/23/2019  | 
The following hardware and software options will amplify your know-how about artificial intelligence and how to apply it to security without busting any budgets.
7 Big Factors Putting Small Businesses At Risk
Slideshows  |  8/21/2019  | 
Small organizations still face a long list of security threats. These threats and vulnerabilities should be top of mind.
5 Ways to Improve the Patching Process
Slideshows  |  8/20/2019  | 
So many software vulnerabilities, so little time. But failure to patch them can have serious consequences. Here's help for overwhelmed security teams.
7 Biggest Cloud Security Blind Spots
Slideshows  |  8/15/2019  | 
Cloud computing boon is for innovation, yet security organizations find themselves running into obstacles.
2019 Pwnie Award Winners (And Those Who Wish They Weren't)
Slideshows  |  8/13/2019  | 
This year's round-up includes awards into two new categories: most under-hyped research and epic achievement.
7 Online Safety Tips for College Students
Slideshows  |  8/9/2019  | 
Heading back to campus soon? Here are seven tips that will get your digital house in order and keep you safe online this semester.
8 Head-Turning Ransomware Attacks to Hit City Governments
Slideshows  |  8/5/2019  | 
Hackers know vulnerable systems when they see them, and they also know this: Many government systems are decades old, running Windows 7 and even Windows XP.
8 Free Tools to Be Showcased at Black Hat and DEF CON
Slideshows  |  7/31/2019  | 
Expect a full slate of enterprise-class open source tools to take the spotlight when security researchers share their bounties with the community at large.
9 Things That Don't Worry You Today (But Should)
Slideshows  |  7/29/2019  | 
There are security concerns that go far beyond the usual suspects. Here are some that should be on your list of scary things.
7 Stats That Show What It Takes to Run a Modern SOC
Slideshows  |  7/24/2019  | 
An inside look at staffing levels, budget allocation, outsourcing habits, and the metrics used by security operations centers (SOCs).
6 Actions That Made GDPR Real in 2019
Slideshows  |  7/22/2019  | 
In the wake of recent fines levied against British Airways, Marriott, and Facebook, companies are starting to take data privacy and security more seriously.
8 Legit Tools and Utilities That Cybercriminals Commonly Misuse
Slideshows  |  7/18/2019  | 
Threat actors are increasingly 'living off the land,' using publicly available management and administration tools to conceal malicious activity.
The 10 Essentials of Infosec Forensics
Slideshows  |  7/17/2019  | 
Whether it's your first investigation or 500th, review the basics of IT forensics to streamline and simplify your discovery.
Where Businesses Waste Endpoint Security Budgets
Slideshows  |  7/15/2019  | 
Too many systems, failure to test tools, and fear of replacement drive endpoint complexity and render products less effective.
10 Ways to Keep a Rogue RasPi From Wrecking Your Network
Slideshows  |  7/10/2019  | 
A Raspberry Pi attached to the network at NASA JPL became the doorway for a massive intrusion and subsequent data loss. Here's how to keep the same thing from happening to your network.
7 Hot Cybersecurity Trends to Be Highlighted at Black Hat
Slideshows  |  7/8/2019  | 
Just some of the research and ideas worth checking out at this year's 'security summer camp.'
The Truth About Your Software Supply Chain
Slideshows  |  7/1/2019  | 
Open source components help developers innovate faster, but they sometimes come at a high price.
7 Ways to Mitigate Supply Chain Attacks
Slideshows  |  6/27/2019  | 
Breaches caused by external vendors and service providers have become a major and escalating problem for organizations.
7 2019 Security Venture Fund Deals You Should Know
Slideshows  |  6/20/2019  | 
2019 has, so far, been a busy year for venture capitalists in the security industry. Here are 7 funding rounds important because of the technologies or market trends they represent.
6 Security Tips That'll Keep the Summer Fun
Slideshows  |  6/19/2019  | 
Taking some time off this summer? Before you head out on vacation, make sure your devices and apps are also ready.
10 Notable Security Acquisitions of 2019 (So Far)
Slideshows  |  6/15/2019  | 
In a year when security companies have been snapped up left and right, these deals stand out from the chaos.
7 Truths About BEC Scams
Slideshows  |  6/13/2019  | 
Business email compromise attacks are growing in prevalence and creativity. Here's a look at how they work, the latest stats, and some recent horror stories.
6 Security Scams Set to Sweep This Summer
Slideshows  |  6/6/2019  | 
Experts share the cybersecurity threats to watch for and advice to stay protected.
7 Container Components That Increase a Network's Security
Slideshows  |  6/4/2019  | 
A proof of concept at Interop19 showed just how simple a container deployment can be.
GDPR's First-Year Impact by the Numbers
Slideshows  |  5/31/2019  | 
The latest statistics on GDPR spending, compliance rates, enforcement and consumer attitudes on privacy protection.
8 Ways to Authenticate Without Passwords
Slideshows  |  5/28/2019  | 
Passwordless authentication has a shot at becoming more ubiquitous in the next few years. We take a look at where things stand at the moment.
7 Recent Wins Against Cybercrime
Slideshows  |  5/24/2019  | 
The increasing number of successful law enforcement actions and prosecutions suggest that cybercriminals have plenty of reason to be looking over their shoulders.
What You Need to Know About Zero Trust Security
Slideshows  |  5/22/2019  | 
The zero trust model might be the answer to a world in which perimeters are made to be breached. Is it right for your organization?
7 Signs of the Rising Threat of Magecart Attacks in 2019
Slideshows  |  5/20/2019  | 
Magecart attacks continue to grow in momentum. Here are the stats and stories that show what's behind the mayhem.
Effective Pen Tests Follow These 7 Steps
Slideshows  |  5/14/2019  | 
Third-party pen tests are part of every comprehensive security plan. Here's how to get the most from this mandatory investment.
Demystifying the Dark Web: What You Need to Know
Slideshows  |  5/10/2019  | 
The Dark Web and Deep Web are not the same, neither is fully criminal, and more await in this guide to the Internet's mysterious corners.
The 2019 State of Cloud Security
Slideshows  |  5/3/2019  | 
Enterprise cloud security is making real progress, but emerging technologies call for security teams to keep up the pace.
7 Types of Experiences Every Security Pro Should Have
Slideshows  |  4/29/2019  | 
As the saying goes, experience is the best teacher. It'll also make you a better and more well-rounded security pro.
How to Build a Cloud Security Model
Slideshows  |  4/26/2019  | 
Security experts point to seven crucial steps companies should be taking as they move data and processes to cloud environments.
7 Ways to Get the Most from Your IDS/IPS
Slideshows  |  4/23/2019  | 
Intrusion detection and prevention is at the foundation of successful security in-depth. Securing the perimeter requires a solid understanding of these two critical components.
Third-Party Cyber-Risk by the Numbers
Slideshows  |  4/19/2019  | 
Recent stats show that the state of third-party cyber risk and vendor risk management remains largely immature at most organizations.
7 Tips for an Effective Employee Security Awareness Program
Slideshows  |  4/17/2019  | 
Breaches and compliance requirements have heightened the need for continuous and effective employee training, security experts say.
8 'SOC-as-a-Service' Offerings
Slideshows  |  4/12/2019  | 
These new cloud services seek to help companies figure out what their traditional SIEM alerts mean, plus how they can prioritize responses and improve their security operations.
Page 1 / 2   >   >>


For Cybersecurity to Be Proactive, Terrains Must Be Mapped
Craig Harber, Chief Technology Officer at Fidelis Cybersecurity,  10/8/2019
A Realistic Threat Model for the Masses
Lysa Myers, Security Researcher, ESET,  10/9/2019
USB Drive Security Still Lags
Dark Reading Staff 10/9/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
7 Threats & Disruptive Forces Changing the Face of Cybersecurity
This Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
Flash Poll
2019 Online Malware and Threats
2019 Online Malware and Threats
As cyberattacks become more frequent and more sophisticated, enterprise security teams are under unprecedented pressure to respond. Is your organization ready?
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-16344
PUBLISHED: 2019-10-14
A cross-site scripting (XSS) vulnerability in the login form (/ScadaBR/login.htm) in ScadaBR 1.0CE allows a remote attacker to inject arbitrary web script or HTML via the username or password parameter.
CVE-2019-17575
PUBLISHED: 2019-10-14
A file-rename filter bypass exists in admin/media/rename.php in WBCE CMS 1.4.0 and earlier. This can be exploited by an authenticated user with admin privileges to rename a media filename and extension. (For example: place PHP code in a .jpg file, and then change the file's base name to filename.ph ...
CVE-2019-17579
PUBLISHED: 2019-10-14
SonarSource SonarQube before 7.8 has XSS in project links on account/projects.
CVE-2019-9745
PUBLISHED: 2019-10-14
CloudCTI HIP Integrator Recognition Configuration Tool allows privilege escalation via its EXQUISE integration. This tool communicates with a service (Recognition Update Client Service) via an insecure communication channel (Named Pipe). The data (JSON) sent via this channel is used to import data f...
CVE-2019-14838
PUBLISHED: 2019-10-14
A flaw was found in wildfly-core before 7.2.5.GA. The Management users with Monitor, Auditor and Deployer Roles should not be allowed to modify the runtime state of the server