Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Products and Releases

Content posted in November 2015
CERTES UNVEILS TOUCHLESS ENTERPRISE APPLICATION ACCESS CONTROL FOR SECURING ANY USER ON ANY ENDPOINT
Products and Releases  |  11/30/2015  | 
CryptoFlow Solutions Automate Role-Based Access Control to Protect Enterprise Applications on Any Apple, Windows or Android Device
Bluebox Study Finds Security Flaws In 5 Popular Payment Apps
Products and Releases  |  11/24/2015  | 
Lack of Security Combined With Increased Mobile Use This Holiday Season Sets Stage for Mobile Breach.
Morgan Stanley’s Former Cyber Emergency Response Chief Named IID’s Vice President of Threat Intelligence
Products and Releases  |  11/24/2015  | 
Sean Tierney to lead IID’s collaboration with businesses and government agencies to identify the latest malicious threats on the Internet
New Security Study: Consumers Fearful Of Mobile Shopping
Products and Releases  |  11/20/2015  | 
29 Percent of Consumers Do Not Know When Personal Information Has Been Accessed Without Consent, According to Study from Blancco Technology Group
Georgia Tech Joins M3AAWG to Fight Cybercrime
Products and Releases  |  11/20/2015  | 
Huntsman Security Introduces The First Automated Threat Verification To Dramatically Reduce Time-At-Risk
Products and Releases  |  11/20/2015  | 
Huntsman Automated Threat Verification™ re-engineers the Incident Management Process to slash Time-at-Risk
ThreatSTOP Unveils Enterprise-Grade Threat Protection Platform
Products and Releases  |  11/20/2015  | 
SaaS threat intelligence service meets demand for large-scale customer support
MACH37 Cyber Accelerator Accepting Applications for Spring 2016 Session
Products and Releases  |  11/20/2015  | 
Spring ‘16 Cohort to Begin on March 14th
CA Technologies Strengthens Identity-Centric Security Portfolio with Breach Prevention Capabilities Designed to Control Privileged User Access in VMware NSX Environments
Products and Releases  |  11/20/2015  | 
CA Security and Compliance Innovations Help Protect and Enable the Businesses and Systems that Power the Application Economy
FIDO Authentication Poised for Continued Growth as Alliance Submits FIDO 2.0 Web API to W3C
Products and Releases  |  11/20/2015  | 
FIDO Alliance, W3C Partner on Expanding Support for Web Platform
Cybric Closes $1.3 Million Investment to Virtualize and Automate Security
Products and Releases  |  11/20/2015  | 
Proven Security Practitioners from Bank of America, Netflix, Yahoo, Actifio and Dell Unite to Pioneer the Industry’s Fastest Way to Find, Fix and Prevent Cyber Vulnerabilities
Avanan Exits Stealth with Cloud Security Offering
Products and Releases  |  11/19/2015  | 
Dunbar Introduces 360° Managed Security Service for Both Cyber and Physical Threats, Opens Advanced Security Operations Center
Products and Releases  |  11/17/2015  | 
Cybersecurity, Security Systems and Protective Services Business Lines Integrated Under New Dunbar Security Solutions Division
Ziften Unveils New Modular Extension Platform for On-Demand Detection and Response
Products and Releases  |  11/17/2015  | 
Ziften Open Visibility™ Evolves To Further Endpoint Controls
Webscale, Formerly Lagrange, Provides SSL Encryption for All Ecommerce Sites
Products and Releases  |  11/17/2015  | 
"Forced" SSL Within Cloud ADC Boosts E-tailers' Top and Bottom Line
vArmour Unveils Industry-Wide Pathway to a New Security Architecture for Multi-Clouds
Products and Releases  |  11/17/2015  | 
Multi-Cloud Security Architecture offers Framework to Help Organizations Plan and Adopt New Security Capabilities as they Embrace Multi-Clouds vArmour also announces new threat capabilities and commitment to open, flexible private cloud deployments with OpenStack KVM running on software-defined networking from Nuage Networks
Dell Adds Cylance Advanced Threat Protection Technology for Endpoint Security
Products and Releases  |  11/17/2015  | 
Dell to incorporate Cylance technology into its Dell Data Protection endpoint security solution New Dell Data Protection/Endpoint Security Suite Enterprise employs artificial intelligence for industry-leading advanced threat protection The new solution is 99 percent effective against threat vectors including malware, advanced persistent threats, targeted and zero-day attacks Dell continues its leadership in providing the most secure business PCs today with its Latitude and OptiPlex brands
Morphisec Debuts Moving Target Defense, Redefines Advanced Threat Protection
Products and Releases  |  11/17/2015  | 
Unique prevention & threat intelligence capabilities upend security economics in favor of defender
Practitioners Give Global Cybersecurity a “C” According to New Research from Tenable Network Security
Products and Releases  |  11/17/2015  | 
International survey of information security professionals identifies cloud, mobile devices and board-level involvement as common areas of weakness across seven key industry verticals
Cymmetria Adds $9 Million In Funding
Products and Releases  |  11/15/2015  | 
Gary Moore, Former Cisco President and Chief Operating Officer Appointed to vArmour Board of Directors
Products and Releases  |  11/12/2015  | 
Technology and Operational Luminary Joins Industry-Leading Data Center Security Company to Scale the Organization based on Global Customer Adoption of vArmour’s Distributed Security System
Veteran Computer Designers Develop Unique Cyber Security Solution
Products and Releases  |  11/12/2015  | 
Team Creates the World's First Software-Defined Secure Computer
Keeper Commander SDK Gives Developers More Control Over Password Security
Products and Releases  |  11/12/2015  | 
Toolkit Provides API / Command-Line Access for Password Rotation, Automation & More
Open Source Leader Marten Mickos Appointed CEO of HackerOne, Amid 400 Percent Year-Over-Year Customer Growth
Products and Releases  |  11/11/2015  | 
Top Cloud Exec Tapped to Grow World's Largest Marketplace of Hackers for Creating a More Secure Internet
Bluebox Security Introduces First Solution to Create Self-Defending Mobile Apps for Public App Stores
Products and Releases  |  11/11/2015  | 
New Survey Reveals 80% of Consumers Would Stop Being a Customer If a Company's Mobile App Was Breached
Tenable Network Security Raises $250 Million in One of the Largest Funding Rounds for a Private Security Company
Products and Releases  |  11/10/2015  | 
Series B funding led by Insight Venture Partners and Accel will help accelerate development of the company’s next-generation cyber security software
Blue Coat Delivers Industry’s First Complete Cloud Security Solution with Acquisition of Cloud Security Innovator Elastica
Products and Releases  |  11/10/2015  | 
With the addition of Elastica, Blue Coat defines the security stack for the cloud generation: Integrates the Secure Web Gateway with Cloud Application Security Broker (CASB) to provide a secure path to the cloud for its more than 15,000 customers
Trustwave and Bit9 + Carbon Black Form Managed Security Services Alliance
Products and Releases  |  11/10/2015  | 
Trustwave Launches New Managed Application Control Service Based on Bit9 Endpoint Security Technology, Welcomes Bit9 Managed Security Service Customers
CloudFlare Enables Universal DNSSEC for Its Millions of Customers for Free
Products and Releases  |  11/10/2015  | 
Already the world’s largest managed DNS provider, CloudFlare is now the Internet’s most secure
Dell Survey Shows Haphazard Privileged Account Management Practices Expose Businesses to Serious Risk
Products and Releases  |  11/9/2015  | 
76 percent of global survey respondents believe better control of privileged accounts would reduce the likelihood of a security breach
Riverbed Survey Finds 89% of Federal Leaders are Worried About Data Security Across Remote Offices
Products and Releases  |  11/4/2015  | 
31% report a remote office security breach in the past year
vArmour Appoints Mark Weatherford as SVP, Chief Cybersecurity Strategist, and Dr. Matt Williamson As Chief Threat Defense Scientist
Products and Releases  |  11/3/2015  | 
Former Department of Homeland Security Deputy Under Secretary for Cybersecurity, and Leading Security Machine-Learning Scientist Join vArmour to Fuel Customer Growth and Extend Technology Leadership
EiQ Networks Intros Vulnerability Management Service for SME Market
Products and Releases  |  11/3/2015  | 
EiQ has Integrated Qualys’ Award-Winning Qualys Vulnerability Management into its SOCVue Service Offering to Assess, Analyze, and Remediate Vulnerabilities
Cisco Extends Security Everywhere with Broader Visibility, Control, and Protection for Shadow IT, Endpoints, and the Cloud
Products and Releases  |  11/3/2015  | 
Threat Awareness Service Gives Organizations the Upper Hand in Securing the Network
Deep Instinct Launches First Commercially Available, Real-Time Cybersecurity Solution Based on Deep Learning
Products and Releases  |  11/3/2015  | 
Instantly detects and prevents zero-day and APT attacks across all endpoints and mobile devices
Covertix Secures Email Communications with SmartCipherTM
Products and Releases  |  11/3/2015  | 
Technology protects messages & attachments with tracking, encryption, and role-based classification


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Everything You Need to Know About DNS Attacks
It's important to understand DNS, potential attacks against it, and the tools and techniques required to defend DNS infrastructure. This report answers all the questions you were afraid to ask. Domain Name Service (DNS) is a critical part of any organization's digital infrastructure, but it's also one of the least understood. DNS is designed to be invisible to business professionals, IT stakeholders, and many security professionals, but DNS's threat surface is large and widely targeted. Attackers are causing a great deal of damage with an array of attacks such as denial of service, DNS cache poisoning, DNS hijackin, DNS tunneling, and DNS dangling. They are using DNS infrastructure to take control of inbound and outbound communications and preventing users from accessing the applications they are looking for. To stop attacks on DNS, security teams need to shore up the organization's security hygiene around DNS infrastructure, implement controls such as DNSSEC, and monitor DNS traffic
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2023-33196
PUBLISHED: 2023-05-26
Craft is a CMS for creating custom digital experiences. Cross site scripting (XSS) can be triggered by review volumes. This issue has been fixed in version 4.4.7.
CVE-2023-33185
PUBLISHED: 2023-05-26
Django-SES is a drop-in mail backend for Django. The django_ses library implements a mail backend for Django using AWS Simple Email Service. The library exports the `SESEventWebhookView class` intended to receive signed requests from AWS to handle email bounces, subscriptions, etc. These requests ar...
CVE-2023-33187
PUBLISHED: 2023-05-26
Highlight is an open source, full-stack monitoring platform. Highlight may record passwords on customer deployments when a password html input is switched to `type="text"` via a javascript "Show Password" button. This differs from the expected behavior which always obfuscates `ty...
CVE-2023-33194
PUBLISHED: 2023-05-26
Craft is a CMS for creating custom digital experiences on the web.The platform does not filter input and encode output in Quick Post validation error message, which can deliver an XSS payload. Old CVE fixed the XSS in label HTML but didn’t fix it when clicking save. This issue was...
CVE-2023-2879
PUBLISHED: 2023-05-26
GDSDB infinite loop in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via packet injection or crafted capture file