Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Products and Releases

Content posted in November 2014
Man Pleads Guilty for Selling "StealthGenie" Spyware App and Ordered to Pay $500,000 Fine
Products and Releases  |  11/26/2014  | 
First-ever criminal conviction for the advertisement and sale of a mobile device spyware app.
Happiest Minds' Integrated Security as a Service [iSaaS] Platform Receives Positive Market Momentum
Products and Releases  |  11/24/2014  | 
The Platform Provides a Staggering 35% Cost Reduction in Both OpEx and CapEx in Comparison With On-premise Deployments
Lancope Protects Retailers from Cyber-Attacks During Vulnerable Holiday Season
Products and Releases  |  11/24/2014  | 
Advanced, context-aware security helps combat cyber-attacks that bypass conventional defenses
Datablink Launches Operations, Offers Unique Technology Aimed at Simplifying User Authentication and Fighting Online Transaction Fraud
Products and Releases  |  11/24/2014  | 
Merger with Brazil-based BRToken creates company operating under the Datablink name with headquarters in Tysons Corner, Virginia and offices in Brazil
Former Subway Franchise Owner Sentenced to 18 Months in Prison for Gift Card Hacking Scheme at Subway Restaurants
Products and Releases  |  11/21/2014  | 
$40,000 in gift cards stolen in cash register hack.
OpenDNS Partners with Irish Reporting and Information Security Service to Fight Internet Threats
Products and Releases  |  11/21/2014  | 
OpenDNSs Andrew Hay to Present New Research on Threats Facing Irish Internet Users
Agari and Palo Alto Networks Agree to Exchange Threat Intelligence Data
Products and Releases  |  11/18/2014  | 
Unique Dataset will Enhance Targeted Attack Prevention Capabilities
New Research Shows One Third of Retail Breaches Originated from Third-Party Vulnerabilities
Products and Releases  |  11/18/2014  | 
BitSight Analyzes Security Performance of Nations 300 Largest Retailers to Find an Industry Still Under Attack
Arxans Annual Report: State of Mobile App Security Reveals an Increase in App Hacks for Top 100 Mobile Apps
Products and Releases  |  11/18/2014  | 
Findings Expose a Lack of Mobile Application Self-Protection for Mobile Financial, Retail/Merchant and Healthcare/Medical Apps
New, Free Certificate Authority to Dramatically Increase Encrypted Internet Traffic
Products and Releases  |  11/18/2014  | 
Non-Profit to Offer One-Click Process to Implement Secure Web Browsing
Verizon Enhances Managed Security Services Portfolio to Aid in Early Detection of Cyberthreats
Products and Releases  |  11/18/2014  | 
Synthesizes extensive global threat intelligence to deliver advanced security analysis
New 2015 Kevin Mitnick Security Awareness Training - Gartner Top 20 Pick
Products and Releases  |  11/18/2014  | 
The first fully integrated security awareness training and phishing platform gets a refresh making once optional user education a necessity
Added Network Visibility with Belden's Newest Security OS: HiSecOS 2.0
Products and Releases  |  11/18/2014  | 
Version 2.0 of Hirschmanns Security Operating System Brings Enhanced VPN Connections and Dynamic Routing for Industrial Networks
Member of Organized Cybercrime Ring Responsible for $50 Million in Online Identity Theft Sentenced to 115 Months in Prison
Products and Releases  |  11/13/2014  | 
Case related to identity theft and credit card fraud ring known as Carder.su
ISACA Survey: Most Consumers Aware of Major Data Breaches but Fewer than Half Have Changed Key Shopping Behaviors
Products and Releases  |  11/13/2014  | 
Results also reveal struggles with privacy and security as use of connected devices and wearables grows
Certification Program Developed Specifically for Risk Professionals
Products and Releases  |  11/13/2014  | 
The Certified Third Party Risk Professional (CTPRP) Designation Validates Third Party Risk Management Expertise
Entrust Datacard Bridges Digital Identity From Physical to Mobile
Products and Releases  |  11/13/2014  | 
Organizations now able to use investments in smartcard security as powerful mobile-based identities for authentication, secure login.
Information Security Forum Tackles Maturity Models with Introduction of New Report and Research Tool
Products and Releases  |  11/11/2014  | 
Report Explains How to Make the Right Decisions about Where to Develop Maturity; Introduces Process to Select and Use a Maturity Model Effectively and Efficiently
ExtraHop and FireEye Team Up to Defend Against Security Threats
Products and Releases  |  11/11/2014  | 
Combination of ExtraHop Wire Data Analytics Platform with the FireEye Threat Analytics Platform Enriches Existing Security Datasets to Monitor DNS Activity, HTTP Payload Data, and Reconnaissance Activity for Industry-Leading Threat Detection and Prevention.
Alert Logic Introduces First Fully Managed Suite Of Cloud Security Products
Products and Releases  |  11/10/2014  | 
Alert Logic Cloud Defender Delivers Full Stack Threat Detection and Protection; Drives Complexity and Cost Out of Cloud Security
More Than 400 .Onion Addresses, Including Dozens of Dark Market Sites, Targeted as Part of Global Enforcement Action on Tor Network
Products and Releases  |  11/7/2014  | 
DOJ announces international law enforcement operation that seized website addresses and computer servers hosting these websites.
Operator of Silk Road 2.0 Website Charged in Manhattan Federal Court
Products and Releases  |  11/6/2014  | 
Silk Road 2.0, Launched in November 2013 After Its Predecessor was Shut Down by Law Enforcement, Has Enabled More Than 100,000 People to Buy and Sell Illegal Drugs Anonymously Over the Internet
FortiGuard Researchers Detect and Prevent New Sophisticated Point-of-Sale Threat
Products and Releases  |  11/6/2014  | 
New Backoff PoS malware variant 211G1 contains new techniques for evading analysis and detection mechanisms
OpenDNS Automates Security Policy Management for Managed Service Providers
Products and Releases  |  11/6/2014  | 
New Centralized Settings Capabilities Enable Service Providers to Streamline Customer Deployments, Automate Common Tasks and Simplify Security Policy Management
Over 70% of office workers dont know who to report a security breach to
Products and Releases  |  11/6/2014  | 
Research conducted for the launch of UserLock 8 has found that fewer than a third of desk-based workers would know who to tell if they were party to a security breach
LANDESK Simplifies Control of IT Assets and Costs
Products and Releases  |  11/6/2014  | 
IT Asset Management Suite Gives Businesses Easy-to-Use System to Manage Licenses, Prepare for Software Audits.
Soltra Edge: An industry collaborates to fight cyber threats with information sharing
Products and Releases  |  11/6/2014  | 
Soltra Edge Leverages Open Standards, Distills Large Amounts of Data into Actionable Cyber Intelligence and Will Integrate with Other Cyber Security Solutions.
Porticor delivers protection of OpenStack computing with cloud key management security
Products and Releases  |  11/6/2014  | 
Newest Virtual Private Data System Leverages Software-Defined Key Management to Enhance Security and Cloud Data Protection Across OpenStack and VMware Environments.
GI Updates Forecasts for Wearable Biometrics
Products and Releases  |  11/6/2014  | 
Accuvant and FishNet Security Agree to Join Forces to Enable Customers to More Effectively Address the Growing Cyber Security Threat
Products and Releases  |  11/5/2014  | 
New, Combined Information Security Solutions Company to Have Increased Depth, Breadth, Scale and Reach to Solve the Most Complex Security Problems
ControlScan Launches New Educational Website to Help SMBs Properly Secure Customer Data
Products and Releases  |  11/5/2014  | 
New reference for SMBs.
Sophos Delivers Security for Android Devices
Products and Releases  |  11/5/2014  | 
New mobile security rollout.
Introducing The Check Point Capsule: Mobile Security That Goes Where You Go
Products and Releases  |  11/5/2014  | 
Revolutionary Single Solution to Secure Business Data and Mobile Devices

I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Current Issue
Everything You Need to Know About DNS Attacks
It's important to understand DNS, potential attacks against it, and the tools and techniques required to defend DNS infrastructure. This report answers all the questions you were afraid to ask. Domain Name Service (DNS) is a critical part of any organization's digital infrastructure, but it's also one of the least understood. DNS is designed to be invisible to business professionals, IT stakeholders, and many security professionals, but DNS's threat surface is large and widely targeted. Attackers are causing a great deal of damage with an array of attacks such as denial of service, DNS cache poisoning, DNS hijackin, DNS tunneling, and DNS dangling. They are using DNS infrastructure to take control of inbound and outbound communications and preventing users from accessing the applications they are looking for. To stop attacks on DNS, security teams need to shore up the organization's security hygiene around DNS infrastructure, implement controls such as DNSSEC, and monitor DNS traffic
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2023-05-26
Craft is a CMS for creating custom digital experiences. Cross site scripting (XSS) can be triggered by review volumes. This issue has been fixed in version 4.4.7.
PUBLISHED: 2023-05-26
Django-SES is a drop-in mail backend for Django. The django_ses library implements a mail backend for Django using AWS Simple Email Service. The library exports the `SESEventWebhookView class` intended to receive signed requests from AWS to handle email bounces, subscriptions, etc. These requests ar...
PUBLISHED: 2023-05-26
Highlight is an open source, full-stack monitoring platform. Highlight may record passwords on customer deployments when a password html input is switched to `type="text"` via a javascript "Show Password" button. This differs from the expected behavior which always obfuscates `ty...
PUBLISHED: 2023-05-26
Craft is a CMS for creating custom digital experiences on the web.The platform does not filter input and encode output in Quick Post validation error message, which can deliver an XSS payload. Old CVE fixed the XSS in label HTML but didn’t fix it when clicking save. This issue was...
PUBLISHED: 2023-05-26
GDSDB infinite loop in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via packet injection or crafted capture file