Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Products and Releases

Content posted in January 2021
Uniphore Unveils Technologies to Strengthen Both Agent and Customer Experiences in the Contact Center
Products and Releases  |  1/29/2021  | 
New RPA and Agent Security Solutions Set a New Standard for Customer Service Amid Era of Remote Work and High Customer Expectation
Berryville Institute of Machine Learning (BIML) Gets $150,000 Open Philanthropy Grant
Products and Releases  |  1/28/2021  | 
Funding will advance ethical AI research
Dasera Releases Data Lifecycle Trust and Privacy Report on Data Privacy Day
Products and Releases  |  1/28/2021  | 
Findings reveal consumers have less trust in businesses who use or protect their data compared to 5 years ago.
Offensive Security Launches New Course and Certification for Exploit Development and Reverse Engineering
Products and Releases  |  1/27/2021  | 
New Windows User Mode Exploit Development (EXP-301) Training Course Teaches Exploit Development and Reverse Engineering Techniques
Cybercriminals Cash Out as Finance Industry Becomes Lucrative Targets
Products and Releases  |  1/27/2021  | 
Report finds 70% of financial services organizations have reported experiencing a cyberattack in the past 12 months alone.
Ivanti to Acquire Cherwell to Enable End‑to‑End Service and Asset Management
Products and Releases  |  1/27/2021  | 
Ivanti is acquiring Cherwell to expand the reach of its Neurons platform.
TetherView Launches Digital BunkerTM, a Comprehensive One-Way-In and One-Way-Out Private Cloud for Enterprise Customers
Products and Releases  |  1/26/2021  | 
Available starting today as a hosted service or solution, Digital Bunker is a complete IT infrastructure solution, enabling businesses to provide their employees with a trusted, secure virtual environment while managing inbound and outbound data access, security, compliance, disaster recovery, mobility, and more.
Former Google and Microsoft Executive Joins CloudSphere as CEO to Accelerate Company Growth
Products and Releases  |  1/26/2021  | 
Jane Gilson to lead cloud management and governance company as business scales internationally.
Owl Cyber Defense Announces Industry's First Embedded Hardware-Enforced Cybersecurity Modules
Products and Releases  |  1/26/2021  | 
Launches Pioneering Technology to Enable Rapid OEM Device Security Enhancement
CISA Launches Campaign to Reduce the Risk of Ransomware
Products and Releases  |  1/22/2021  | 
Valtix Secures $12.5M in Strategic Investments
Products and Releases  |  1/21/2021  | 
Company also names CEO, VP of worldwide sales, and VP of worldwide operations.
NextGen Cyber Talent Announces its First Pilot Cohort and Governing Board
Products and Releases  |  1/21/2021  | 
Non-profit educator launches operations and seeks to close the cyber talent and diversity gap by training traditionally underprivileged and underserved segments
Varonis Announces New Features to Combat Insider Threats and Collaboration Risks in Microsoft 365
Products and Releases  |  1/19/2021  | 
New enhancements help pinpoint and reduce organizationwide exposure of sensitive data in the cloud
Swimlane Raises $40M Growth Round to Deliver Hyper Automated Security Operations
Products and Releases  |  1/19/2021  | 
On the heels of record sales and customer growth year over year, Swimlane appoints James Brear as Chief Executive Officer and Niloofar Howe as company's newest board member.
Cybersecurity and Networking Staffing Company CIBR Warriors Launches Nationwide
Products and Releases  |  1/15/2021  | 
Firm aims to connect qualified candidates with essential positions to help fill 3.5 million cybersecurity jobs expected to go unfilled in 2021
Cyberbit Kicks Off America's Cyber Cup to Find World's Best Cyber Defense Team
Products and Releases  |  1/14/2021  | 
Premier competition will put professionals through hyper-realistic attack simulations.
Vdoo Reveals an Extension Funding Round with Qumra Capital and Verizon Ventures Joining as Investors
Products and Releases  |  1/13/2021  | 
Connectivity surge in telcos and utilities drives explosive demand for Vdoo's Product Security Platform.
Cyber Risk Ratings Leader NormShield Rebrands to 'Black Kite'
Products and Releases  |  1/13/2021  | 
Relocates headquarters to Boston with plans to double size again in 2021.
Francisco Partners Completes Acquisition of Forcepoint
Products and Releases  |  1/12/2021  | 
Telos Announces Latest Version of its Next-Generation Cyber Risk Management Platform
Products and Releases  |  1/7/2021  | 
Xacta.io 1.5 expands support for scanning and compliance of AWS cloud resources.
Cybersecurity Firm Nisos Announces New Funding and CEO
Products and Releases  |  1/7/2021  | 
$6 million in funding led by Paladin Capital Group.
Quantum Xchange Completes Initial Series A Funding, Appoints New Business and Technology Leaders to Meet Global Demand
Products and Releases  |  1/7/2021  | 
Company Names Eddy Zervigon to CEO, Holly Neiweem as CFO, and Shahryar Shaghaghi to CTO; Phio TX inventor Gene Savchuk moves to role of chief product evangelist and strategic advisor.
Cerberus Sentinel Announces Acquisition of Alpine Security
Products and Releases  |  1/4/2021  | 
US cybersecurity services firm expands compliance and penetration testing teams


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Everything You Need to Know About DNS Attacks
It's important to understand DNS, potential attacks against it, and the tools and techniques required to defend DNS infrastructure. This report answers all the questions you were afraid to ask. Domain Name Service (DNS) is a critical part of any organization's digital infrastructure, but it's also one of the least understood. DNS is designed to be invisible to business professionals, IT stakeholders, and many security professionals, but DNS's threat surface is large and widely targeted. Attackers are causing a great deal of damage with an array of attacks such as denial of service, DNS cache poisoning, DNS hijackin, DNS tunneling, and DNS dangling. They are using DNS infrastructure to take control of inbound and outbound communications and preventing users from accessing the applications they are looking for. To stop attacks on DNS, security teams need to shore up the organization's security hygiene around DNS infrastructure, implement controls such as DNSSEC, and monitor DNS traffic
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2023-33196
PUBLISHED: 2023-05-26
Craft is a CMS for creating custom digital experiences. Cross site scripting (XSS) can be triggered by review volumes. This issue has been fixed in version 4.4.7.
CVE-2023-33185
PUBLISHED: 2023-05-26
Django-SES is a drop-in mail backend for Django. The django_ses library implements a mail backend for Django using AWS Simple Email Service. The library exports the `SESEventWebhookView class` intended to receive signed requests from AWS to handle email bounces, subscriptions, etc. These requests ar...
CVE-2023-33187
PUBLISHED: 2023-05-26
Highlight is an open source, full-stack monitoring platform. Highlight may record passwords on customer deployments when a password html input is switched to `type="text"` via a javascript "Show Password" button. This differs from the expected behavior which always obfuscates `ty...
CVE-2023-33194
PUBLISHED: 2023-05-26
Craft is a CMS for creating custom digital experiences on the web.The platform does not filter input and encode output in Quick Post validation error message, which can deliver an XSS payload. Old CVE fixed the XSS in label HTML but didn’t fix it when clicking save. This issue was...
CVE-2023-2879
PUBLISHED: 2023-05-26
GDSDB infinite loop in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via packet injection or crafted capture file