Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Slideshows

Content posted in January 2020
9 Things Application Security Champions Need to Succeed
Slideshows  |  1/29/2020  | 
Common elements to highly effective security champion programs that take DevSecOps to the next level
7 Tips for Infosec Pros Considering a Lateral Career Move
Slideshows  |  1/21/2020  | 
Looking to switch things up but not sure how to do it? Security experts share their advice for switching career paths in the industry.
7 Ways to Get the Most Out of a Penetration Test
Slideshows  |  1/17/2020  | 
You'll get the best results when youre clear on what you want to accomplish from a pen test.
7 Free Tools for Better Visibility Into Your Network
Slideshows  |  1/9/2020  | 
It's hard to protect what you don't know is there. These free tools can help you understand just what it is that you need to protect -- and need to protect yourself from.
6 Security Team Goals for DevSecOps in 2020
Slideshows  |  1/2/2020  | 
Huge opportunities await security teams that are finally ready move the needle on security problems that have plagued organizations for years.


COVID-19: Latest Security News & Commentary
Dark Reading Staff 5/22/2020
How an Industry Consortium Can Reinvent Security Solution Testing
Henry Harrison, Co-founder & Chief Technology Officer, Garrison,  5/21/2020
Is Zero Trust the Best Answer to the COVID-19 Lockdown?
Dan Blum, Cybersecurity & Risk Management Strategist,  5/20/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
How Cybersecurity Incident Response Programs Work (and Why Some Don't)
This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-13438
PUBLISHED: 2020-05-24
ffjpeg through 2020-02-24 has an invalid read in jfif_encode in jfif.c.
CVE-2020-13439
PUBLISHED: 2020-05-24
ffjpeg through 2020-02-24 has a heap-based buffer over-read in jfif_decode in jfif.c.
CVE-2020-13440
PUBLISHED: 2020-05-24
ffjpeg through 2020-02-24 has an invalid write in bmp_load in bmp.c.
CVE-2020-13433
PUBLISHED: 2020-05-24
Jason2605 AdminPanel 4.0 allows SQL Injection via the editPlayer.php hidden parameter.
CVE-2020-13434
PUBLISHED: 2020-05-24
SQLite through 3.32.0 has an integer overflow in sqlite3_str_vappendf in printf.c.