Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Products and Releases

Content posted in November 2019
Tanium Announces Key Platform Enhancements to Help Customers Achieve Visibility, Management & Security Across Endpoints
Products and Releases  |  11/25/2019  | 
Unified endpoint management and security breaks down organizational silos and provides IT teams with unprecedented visibility and control of their environment.
Allure Security Unveils Anti-Phishing Solution
Products and Releases  |  11/25/2019  | 
Patented Technology Provides Early Detection of Web Spoofing to Help Enterprises Preserve Brand Reputation
Qualys Brings its Vulnerability Management Solution to the Next Level
Products and Releases  |  11/25/2019  | 
Introducing VMDR: Vulnerability Management, Detection, and Response. VMDR delivers a continuous cycle of protection from a single pane of glass with built-in orchestration workflows and real-time vulnerability detection to prioritize, remediate, and audit across hybrid IT environments.
Financial Institutions on the Hook for Data Breaches this Holiday Shopping Season
Products and Releases  |  11/25/2019  | 
American consumers will hold financial institutions accountable for compromised data regardless of who's at fault; Banks stand to lose nearly half of customer base, according to new study from Terbium Labs
Trend Micro Announces Winners of Global Capture the Flag Event
Products and Releases  |  11/25/2019  | 
Fifth annual competition arms young professionals with critical industry skills.
Trend Micro Debuts Security Services Platform for Organizations Building Apps in the Cloud
Products and Releases  |  11/21/2019  | 
Trend Micro Cloud One automates and simplifies cloud security to give organizations the flexibility they need to meet their most strategic cloud priorities.
IBM Launches Open Technology to Speed Response to Cyber Threats Across Clouds
Products and Releases  |  11/21/2019  | 
Industry-first capability to hunt threats across security tools and clouds without moving data
Egnyte Announces New Layer In Its Industry-Leading Content Intelligence Engine
Products and Releases  |  11/20/2019  | 
Advanced Metadata Capabilities to Accelerate Data Discovery and Boost Security
Google Collaborates with Fortanix to Deliver External Key Management System for Public Cloud
Products and Releases  |  11/20/2019  | 
Businesses can migrate sensitive and private data to public cloud without giving up control of encryption keys.
Respond Software Launches First Responder Service to Automate Speed, Accuracy of MDR at Fraction of Cost
Products and Releases  |  11/19/2019  | 
New Service Combines Proprietary Detection and Investigation Software with Human First Responders
Research: A third of the world's largest enterprises use inadequate data sanitization to prevent data breaches at end-of-life
Products and Releases  |  11/19/2019  | 
Gaps in data sanitization knowledge and policies mean global enterprises are putting their organizations at risk of security and compliance breakdowns
NINJIO Introduces Security Awareness Training for SMBS
Products and Releases  |  11/19/2019  | 
Company offers a subscription to animated micro-learning videos to help protect organizations with less than 100 employees from cyberattacks.
Kaspersky: More Senior Execs Making Cyber Decisions
Products and Releases  |  11/14/2019  | 
Statistics support trend of IT security managers being a part of IT decision making discussions.
Trend Micro Launches Smart Factory Security Solutions
Products and Releases  |  11/13/2019  | 
Offerings designed to provide enhanced visibility and protection for embattled industrial control system (ICS) environments.
MITRE Engenuity Announces the Center for Threat-Informed Defense
Products and Releases  |  11/13/2019  | 
Thirteen organizations join Center as founding participants for R&D collaboration
Nuspire Security Researchers Discover 730% Increase in Emotet Activity
Products and Releases  |  11/13/2019  | 
Recent quarterly threat report highlights the return of Emotet activity throughout Q3
Cybrary Lands $15 Million in Series B Funding
Products and Releases  |  11/13/2019  | 
New Funding Propels Growth of Cybrarys Online Workforce Development Platform Being Utilized by Nearly 3 Million Cyber Pros Today
Siemplify Integrates MITRE ATT&CK Framework into Security Operations Platform
Products and Releases  |  11/12/2019  | 
The SOAR Provider aims to enable faster investigations and actionable insights by mapping with the global repository of attacker tools and techniques.
Cybervore Changes Direction, Introduces Fragglestorm
Products and Releases  |  11/12/2019  | 
A new cybersecurity tool aims to protect data from breaches and ransomware.
Jamf Launches Jamf Protect, Enterprise Endpoint Protection Built for Mac
Products and Releases  |  11/12/2019  | 
Jamf Protect uses native Apple security tools and on-device analysis to give security teams visibility into their Mac fleet.
Fortress Launches Collaboration to Help Protect the Power Grid from Cyber Threats
Products and Releases  |  11/8/2019  | 
Fortress Information Security launches the Asset to Vendor Network (A2V), a new platform where electric energy companies can collectively help reduce the costs of protecting the U.S. power grid from cyber threats.
CISA Releases Cyber Essentials for Small Businesses and Governments
Products and Releases  |  11/7/2019  | 
Set of cybersecurity best practices will enhance the nation's collective defense against cyber threats.
Cyxtera Technologies Announces Spin Out of Cybersecurity Business
Products and Releases  |  11/6/2019  | 
New company powers comprehensive secure access and anti-fraud solutions with offensive expertise Mike Aiello appointed CEO of AppGate Inc.
Adaptiva's Evolve VM Now Scans for Every Vulnerability in the National Vulnerability Database Within 15 Minutes
Products and Releases  |  11/4/2019  | 
Enterprises Protected by Unmatched Speed and Scale With Industry's First Complete Life Cycle Vulnerability Management Product
Fewer than half of cybersecurity professionals have a plan in place to deal with IoT attacks, despite the fact that ninety percent worry about future threats
Products and Releases  |  11/1/2019  | 
New study from Neustar finds that 48% of organizations reported experiencing an attack on connected devices in the last year alone


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
The 10 Most Impactful Types of Vulnerabilities for Enterprises Today
Managing system vulnerabilities is one of the old est - and most frustrating - security challenges that enterprise defenders face. Every software application and hardware device ships with intrinsic flaws - flaws that, if critical enough, attackers can exploit from anywhere in the world. It's crucial that defenders take stock of what areas of the tech stack have the most emerging, and critical, vulnerabilities they must manage. It's not just zero day vulnerabilities. Consider that CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilitlies in widely used applications that are "actively exploited," and most of them are flaws that were discovered several years ago and have been fixed. There are also emerging vulnerabilities in 5G networks, cloud infrastructure, Edge applications, and firmwares to consider.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2023-1142
PUBLISHED: 2023-03-27
In Delta Electronics InfraSuite Device Master versions prior to 1.0.5, an attacker could use URL decoding to retrieve system files, credentials, and bypass authentication resulting in privilege escalation.
CVE-2023-1143
PUBLISHED: 2023-03-27
In Delta Electronics InfraSuite Device Master versions prior to 1.0.5, an attacker could use Lua scripts, which could allow an attacker to remotely execute arbitrary code.
CVE-2023-1144
PUBLISHED: 2023-03-27
Delta Electronics InfraSuite Device Master versions prior to 1.0.5 contains an improper access control vulnerability in which an attacker can use the Device-Gateway service and bypass authorization, which could result in privilege escalation.
CVE-2023-1145
PUBLISHED: 2023-03-27
Delta Electronics InfraSuite Device Master versions prior to 1.0.5 are affected by a deserialization vulnerability targeting the Device-DataCollect service, which could allow deserialization of requests prior to authentication, resulting in remote code execution.
CVE-2023-1655
PUBLISHED: 2023-03-27
Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.4.0.