Products and Releases

Content posted in October 2017
80% of Businesses Plan to Change Their IT Security Management in the Next 12 Months
Products and Releases  |  10/31/2017  | 
New report from SolarWinds also finds half of businesses plan to outsource security within the year.
RiskIQ Announces GDPR PII Analytics Solution for Website Compliance
Products and Releases  |  10/31/2017  | 
New functionality aims to help organizations ensure that their websites comply with the new EU General Data Protection Regulation (GDPR).
Recorded Future Raises $25M to Drive Threat Intelligence
Products and Releases  |  10/31/2017  | 
New investment will enable the company to rapidly grow its threat intelligence capabilities for customers and expand into new geographies.
Check Point Partners With LG To Secure Smart Home Devices
Products and Releases  |  10/30/2017  | 
Check Point helps block a major security vulnerability in LG SmartThinQ home IoT appliances.
Romanian Men Convicted for Role in ATM Skimming Crew
Products and Releases  |  10/30/2017  | 
Proficio Unveils 'First Year Free' Services Program
Products and Releases  |  10/30/2017  | 
One year of cybersecurity services through Proficios global security operations centers will be available to 30 select organizations
Duo Security Raises $70 Million, Earning Valuation of More than $1 Billion
Products and Releases  |  10/26/2017  | 
Duo will use round of funding led by Meritech Capital Partners and Lead Edge Capital to expand global operations and fund increased innovation in the trusted access space
Attivo Networks Announces Adaptive Deception Campaigns
Products and Releases  |  10/25/2017  | 
Self-learning Campaigns Designed for Evolving Threat Landscape, Attack Surface.
Cygilant Launches New Vulnerability and Patch Management Subscription Service
Products and Releases  |  10/25/2017  | 
Cygilants Industry-first One Vendor Approach to Vulnerability and Patch Management Aims to Streamline Workflows; Speeding Cyber Threat Response Times and Lowering Cost of Ownership
Samsung SDS America Adds BioCatch Behavioral Biometrics to Nexsign Platform to Enable Secure, Frictionless Mobile Experiences
Products and Releases  |  10/24/2017  | 
Groundbreaking Fintech Partnership Addresses Market Demand For Continuous, Strong Identity Assurance Within Mobile Banking and Payment Applications
KnowBe4 Closes $30 Million Series B Investment
Products and Releases  |  10/24/2017  | 
Funding will fuel KnowBe4s rapid international growth and continued efforts in security awareness and simulated phishing attack market.
Industrial Internet Consortium Publishes Industrial IoT Analytics Framework Technical Report
Products and Releases  |  10/24/2017  | 
Report aims to be blueprint that maps analytics to IIoT applications.
Mocana Joins Silicon Vendors to Protect the Internet of Things
Products and Releases  |  10/23/2017  | 
Industrial IoT Security Leader to Support Platform Security Architecture from Arm.
Booz Allen to Acquire Morphick for Cyber Defense
Products and Releases  |  10/23/2017  | 
Study: 61 Percent of Organizations Have Minimal Control of SSH Privileged Access
Products and Releases  |  10/20/2017  | 
Only 35 percent rotate SSH keys as an automated process when administrators leave or are reassigned
Dataguise Delivers Support for GDPR Right of Access and Erasure Requirements
Products and Releases  |  10/19/2017  | 
New Capabilities in DgSecure data-centric audit and protection (DCAP) visibility of sensitive data to address requirements.
NSS Labs Announces 2017 Breach Detection Systems Group Test Results
Products and Releases  |  10/19/2017  | 
Four Products Receive Recommended Rating, other products receive a neutral rating, security recommended rating, and caution rating.
Cornell launches Milstein Program in Technology and Humanity
Products and Releases  |  10/19/2017  | 
Pioneering a new approach to Liberal Arts education for the digital age.
Corero Network Security Expands Product Family to Include Real-Time Virtualized DDoS Protection
Products and Releases  |  10/18/2017  | 
Enables greater flexibility for deploying automated DDoS mitigation at the scale, speed and efficacy Corero is best known for
Arbor Networks Introduces DDoS Protection for Small and Medium Enterprise
Products and Releases  |  10/17/2017  | 
Advanced DDoS protection aims to provide service to customers without their having to sacrifice.
Illusive Networks New Mainframe Deception Addresses Financial Services Security
Products and Releases  |  10/16/2017  | 
Launching at Sibos: Mainframe Guard a non-intrusive solution to protect the powerhouse that keeps the worlds systems running.
Fake Insurance Tax Form Scam Aims at Stealing Data from Tax Pros, Clients
Products and Releases  |  10/12/2017  | 
Fake insurance tax form scam is making the rounds.
Former Employee of Transcontinental Railroad Company Found Guilty of Damaging Ex-Employers Computer Network
Products and Releases  |  10/10/2017  | 
Canadian Pacific Railway former employee convicted for causing intentional damage to Canadian Pacifics computer network.
BSIMM8 Study Reinforces Benchmarking in Early Stages of Software Security Initiatives
Products and Releases  |  10/9/2017  | 
First Time Released in APAC, the Latest Iteration of the Building Security in Maturity Model Shows More Organizations Jumpstarting their Software Security Initiatives with Assessments and Improving Over Time
Cymulate Adds Two New Products to Cybersecurity Lineup
Products and Releases  |  10/6/2017  | 
New McAfee Report Highlights Global Impact of Changing Data Protection Landscape
Products and Releases  |  10/5/2017  | 
Seventy Percent of Business Decision-Makers Say GDPR will Make the European Union the World Leader in Data Protection.
Dover Microsystems Launches CoreGuard
Products and Releases  |  10/5/2017  | 
Applies hardware-based cybersecurity approach to protecting IoT and embedded computing devices against cyber attacks.
Gemalto and Ledger Join Forces to Provide Security Infrastructure for Cryptocurrency Based Activities
Products and Releases  |  10/4/2017  | 
Robust encryption and transaction security for Financial Institutions
Finance Industry Faces Major Security Risks from Outdated Vendor Systems
Products and Releases  |  10/4/2017  | 
Analysis finds critical vendors lack same security standards that finance organizations hold for themselves, leaving finance industry at risk.
ISA to Lead Joint DHS - IT Sector Cybersecurity Policy Initiative
Products and Releases  |  10/3/2017  | 
ISA president Larry Clinton to lead the joint cybersecurity policy effort.
Cyber Criminals Focused on Credential Theft: Report
Products and Releases  |  10/2/2017  | 
Cryptomathic Granted New Patent for Strong Non-Repudiation with eSignatures
Products and Releases  |  10/1/2017  | 
Extends Cryptomathic's eSignature IP to bolster its remote eSignatures business.


Election Websites, Back-End Systems Most at Risk of Cyberattack in Midterms
Kelly Jackson Higgins, Executive Editor at Dark Reading,  8/14/2018
Intel Reveals New Spectre-Like Vulnerability
Curtis Franklin Jr., Senior Editor at Dark Reading,  8/15/2018
Data Privacy Careers Are Helping to Close the IT Gender Gap
Dana Simberkoff, Chief Compliance and Risk Management Officer, AvePoint, Inc,  8/20/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-15601
PUBLISHED: 2018-08-21
apps/filemanager/handlers/upload/drop.php in Elefant CMS 2.0.3 performs a urldecode step too late in the "Cannot upload executable files" protection mechanism.
CVE-2018-15603
PUBLISHED: 2018-08-21
An issue was discovered in Victor CMS through 2018-05-10. There is XSS via the Author field of the "Leave a Comment" screen.
CVE-2018-15598
PUBLISHED: 2018-08-21
Containous Traefik 1.6.x before 1.6.6, when --api is used, exposes the configuration and secret if authentication is missing and the API's port is publicly reachable.
CVE-2018-15599
PUBLISHED: 2018-08-21
The recv_msg_userauth_request function in svr-auth.c in Dropbear through 2018.76 is prone to a user enumeration vulnerability because username validity affects how fields in SSH_MSG_USERAUTH messages are handled, a similar issue to CVE-2018-15473 in an unrelated codebase.
CVE-2018-0501
PUBLISHED: 2018-08-21
The mirror:// method implementation in Advanced Package Tool (APT) 1.6.x before 1.6.4 and 1.7.x before 1.7.0~alpha3 mishandles gpg signature verification for the InRelease file of a fallback mirror, aka mirrorfail.