Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Products and Releases

Content posted in October 2017
80% of Businesses Plan to Change Their IT Security Management in the Next 12 Months
Products and Releases  |  10/31/2017  | 
New report from SolarWinds also finds half of businesses plan to outsource security within the year.
RiskIQ Announces GDPR PII Analytics Solution for Website Compliance
Products and Releases  |  10/31/2017  | 
New functionality aims to help organizations ensure that their websites comply with the new EU General Data Protection Regulation (GDPR).
Recorded Future Raises $25M to Drive Threat Intelligence
Products and Releases  |  10/31/2017  | 
New investment will enable the company to rapidly grow its threat intelligence capabilities for customers and expand into new geographies.
Check Point Partners With LG To Secure Smart Home Devices
Products and Releases  |  10/30/2017  | 
Check Point helps block a major security vulnerability in LG SmartThinQ home IoT appliances.
Romanian Men Convicted for Role in ATM Skimming Crew
Products and Releases  |  10/30/2017  | 
Proficio Unveils 'First Year Free' Services Program
Products and Releases  |  10/30/2017  | 
One year of cybersecurity services through Proficios global security operations centers will be available to 30 select organizations
Duo Security Raises $70 Million, Earning Valuation of More than $1 Billion
Products and Releases  |  10/26/2017  | 
Duo will use round of funding led by Meritech Capital Partners and Lead Edge Capital to expand global operations and fund increased innovation in the trusted access space
Attivo Networks Announces Adaptive Deception Campaigns
Products and Releases  |  10/25/2017  | 
Self-learning Campaigns Designed for Evolving Threat Landscape, Attack Surface.
Cygilant Launches New Vulnerability and Patch Management Subscription Service
Products and Releases  |  10/25/2017  | 
Cygilants Industry-first One Vendor Approach to Vulnerability and Patch Management Aims to Streamline Workflows; Speeding Cyber Threat Response Times and Lowering Cost of Ownership
Samsung SDS America Adds BioCatch Behavioral Biometrics to Nexsign Platform to Enable Secure, Frictionless Mobile Experiences
Products and Releases  |  10/24/2017  | 
Groundbreaking Fintech Partnership Addresses Market Demand For Continuous, Strong Identity Assurance Within Mobile Banking and Payment Applications
KnowBe4 Closes $30 Million Series B Investment
Products and Releases  |  10/24/2017  | 
Funding will fuel KnowBe4s rapid international growth and continued efforts in security awareness and simulated phishing attack market.
Industrial Internet Consortium Publishes Industrial IoT Analytics Framework Technical Report
Products and Releases  |  10/24/2017  | 
Report aims to be blueprint that maps analytics to IIoT applications.
Mocana Joins Silicon Vendors to Protect the Internet of Things
Products and Releases  |  10/23/2017  | 
Industrial IoT Security Leader to Support Platform Security Architecture from Arm.
Booz Allen to Acquire Morphick for Cyber Defense
Products and Releases  |  10/23/2017  | 
Study: 61 Percent of Organizations Have Minimal Control of SSH Privileged Access
Products and Releases  |  10/20/2017  | 
Only 35 percent rotate SSH keys as an automated process when administrators leave or are reassigned
Dataguise Delivers Support for GDPR Right of Access and Erasure Requirements
Products and Releases  |  10/19/2017  | 
New Capabilities in DgSecure data-centric audit and protection (DCAP) visibility of sensitive data to address requirements.
NSS Labs Announces 2017 Breach Detection Systems Group Test Results
Products and Releases  |  10/19/2017  | 
Four Products Receive Recommended Rating, other products receive a neutral rating, security recommended rating, and caution rating.
Cornell launches Milstein Program in Technology and Humanity
Products and Releases  |  10/19/2017  | 
Pioneering a new approach to Liberal Arts education for the digital age.
Corero Network Security Expands Product Family to Include Real-Time Virtualized DDoS Protection
Products and Releases  |  10/18/2017  | 
Enables greater flexibility for deploying automated DDoS mitigation at the scale, speed and efficacy Corero is best known for
Arbor Networks Introduces DDoS Protection for Small and Medium Enterprise
Products and Releases  |  10/17/2017  | 
Advanced DDoS protection aims to provide service to customers without their having to sacrifice.
Illusive Networks New Mainframe Deception Addresses Financial Services Security
Products and Releases  |  10/16/2017  | 
Launching at Sibos: Mainframe Guard a non-intrusive solution to protect the powerhouse that keeps the worlds systems running.
Fake Insurance Tax Form Scam Aims at Stealing Data from Tax Pros, Clients
Products and Releases  |  10/12/2017  | 
Fake insurance tax form scam is making the rounds.
Former Employee of Transcontinental Railroad Company Found Guilty of Damaging Ex-Employers Computer Network
Products and Releases  |  10/10/2017  | 
Canadian Pacific Railway former employee convicted for causing intentional damage to Canadian Pacifics computer network.
BSIMM8 Study Reinforces Benchmarking in Early Stages of Software Security Initiatives
Products and Releases  |  10/9/2017  | 
First Time Released in APAC, the Latest Iteration of the Building Security in Maturity Model Shows More Organizations Jumpstarting their Software Security Initiatives with Assessments and Improving Over Time
Cymulate Adds Two New Products to Cybersecurity Lineup
Products and Releases  |  10/6/2017  | 
New McAfee Report Highlights Global Impact of Changing Data Protection Landscape
Products and Releases  |  10/5/2017  | 
Seventy Percent of Business Decision-Makers Say GDPR will Make the European Union the World Leader in Data Protection.
Dover Microsystems Launches CoreGuard
Products and Releases  |  10/5/2017  | 
Applies hardware-based cybersecurity approach to protecting IoT and embedded computing devices against cyber attacks.
Gemalto and Ledger Join Forces to Provide Security Infrastructure for Cryptocurrency Based Activities
Products and Releases  |  10/4/2017  | 
Robust encryption and transaction security for Financial Institutions
Finance Industry Faces Major Security Risks from Outdated Vendor Systems
Products and Releases  |  10/4/2017  | 
Analysis finds critical vendors lack same security standards that finance organizations hold for themselves, leaving finance industry at risk.
ISA to Lead Joint DHS - IT Sector Cybersecurity Policy Initiative
Products and Releases  |  10/3/2017  | 
ISA president Larry Clinton to lead the joint cybersecurity policy effort.
Cyber Criminals Focused on Credential Theft: Report
Products and Releases  |  10/2/2017  | 
Cryptomathic Granted New Patent for Strong Non-Repudiation with eSignatures
Products and Releases  |  10/1/2017  | 
Extends Cryptomathic's eSignature IP to bolster its remote eSignatures business.


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Improving Enterprise Cybersecurity With XDR
Enterprises are looking at eXtended Detection and Response technologies to improve their abilities to detect, and respond to, threats. While endpoint detection and response is not new to enterprise security, organizations have to improve network visibility, expand data collection and expand threat hunting capabilites if they want their XDR deployments to succeed. This issue of Tech Insights also includes: a market overview for XDR from Omdia, questions to ask before deploying XDR, and an XDR primer.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-20099
PUBLISHED: 2022-06-27
A vulnerability was found in Analytics Stats Counter Statistics Plugin 1.2.2.5 and classified as critical. This issue affects some unknown processing. The manipulation leads to code injection. The attack may be initiated remotely.
CVE-2022-2221
PUBLISHED: 2022-06-27
Information Exposure vulnerability in My Account Settings of Devolutions Remote Desktop Manager before 2022.1.8 allows authenticated users to access credentials of other users. This issue affects: Devolutions Remote Desktop Manager versions prior to 2022.1.8.
CVE-2022-28622
PUBLISHED: 2022-06-27
A potential security vulnerability has been identified in HPE StoreOnce Software. The SSH server supports weak key exchange algorithms which could lead to remote unauthorized access. HPE has made the following software update to resolve the vulnerability in HPE StoreOnce Software 4.3.2.
CVE-2022-31034
PUBLISHED: 2022-06-27
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. All versions of Argo CD starting with v0.11.0 are vulnerable to a variety of attacks when an SSO login is initiated from the Argo CD CLI or UI. The vulnerabilities are due to the use of insufficiently random values in paramete...
CVE-2022-31035
PUBLISHED: 2022-06-27
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. All versions of Argo CD starting with v1.0.0 are vulnerable to a cross-site scripting (XSS) bug allowing a malicious user to inject a `javascript:` link in the UI. When clicked by a victim user, the script will execute with th...