Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Products and Releases

Content posted in December 2014
Onapsis Research Labs Delivers 2014 SAP Security Advisories Trend Analysis with Almost Half Classified as High priority
Products and Releases  |  12/29/2014  | 
Business-critical application security experts deliver 2014 SAP security trend analysis and find 7% increase over 2013 with 46% of vulnerabilities high priority including HeartBleed, Shellshock, Poodle and Zombie Zero
Pulse Secure Simplifies Secure Device Onboarding and Compliance for BYOD
Products and Releases  |  12/22/2014  | 
New Capabilities of Connect Secure and Policy Secure Will Enhance End-User Experience and Expand Compliance Options
WatchGuard Uncovers Guest Network Security Lapses
Products and Releases  |  12/18/2014  | 
71% of global hotels, restaurants and other hospitality organizations jeopardize customers with inadequate security controls
IOActive Expands Vehicle Security Service Practice
Products and Releases  |  12/17/2014  | 
Vehicle security researcher Charlie Miller joins IOActive Advisory Board
Onapsis uncovers two new critical business application vulnerabilities in SAP BASIS and SAP BusinessObjects
Products and Releases  |  12/17/2014  | 
High-profile risk threats identified by Onapsis Research Labs experts reveals that unauthorized users could access business-critical applications leveraging SAP BusinessObjects
Esentire Releases Cybersecurity Documentation Framework Featuring Infosec Policy, Incident Response Guidance
Products and Releases  |  12/17/2014  | 
Culled from years of industry expertise, this Information Security Policy Framework provides Registered Investment Advisors the means to proactively document and manage their defense posture while responding to due diligence and regulatory requirements.
Rapid7 Announces Additional Funding
Products and Releases  |  12/17/2014  | 
$30 Million Investment to Accelerate Growth and Strong Traction of New Security Data Analytics and Strategic Services Offerings
Entrust Datacard Adds Website Security Capabilities For SSL
Products and Releases  |  12/17/2014  | 
SSL Technology Bundle Utilizes SiteLock Website Security Services to Protect Against Malicious Online Attacks and Create Multiple Levels of Protection
Lastline Adds OS X Support and Unlimited 10 Gbps Sensors in 6.0 Release of Its Breach Detection Platform
Products and Releases  |  12/16/2014  | 
Lastline Next-Generation Sandboxing, Threat Intelligence and Breach Event Correlation Engineered to Handle 20x Increase in Evasive Malware
Lancope Unveils Newly Enhanced, World-Class Customer Success Organization to Help Drive Lean-Forward Cyber Security
Products and Releases  |  12/16/2014  | 
Company has increased its investment in customer success by 150 percent this year
Trend Micro Announces Strategic OEM Agreement with HP
Products and Releases  |  12/16/2014  | 
HP TippingPoint Advanced Threat Appliance family includes Trend Micro Deep Discovery for breach detection
Breaking News From KnowBe4: Two New Ransomware Strains
Products and Releases  |  12/15/2014  | 
KnowBe4 CEO Stu Sjouwerman issued a warning today of two new strains of ransomware that have been discovered, giving IT security a heads up on how to spot and handle
Norse Discovers Buffer Overflow Vulnerability In FreeBSD
Products and Releases  |  12/11/2014  | 
NCC Group to Open Trust Domain For Registration
Products and Releases  |  12/11/2014  | 
Denim Group Enhances ThreadFix to Deepen Application Vulnerability Management and Remediation Capabilities
Products and Releases  |  12/10/2014  | 
December 9 Webinar will Demonstrate Latest ThreadFix Features and Detail Practical Steps for Accelerating Application Security Programs
Vectra Networks Launches Industrys First Real-Time Detection Platform that Protects against Insider and Targeted Threats
Products and Releases  |  12/10/2014  | 
Organizations Can Now Leverage Unique Combination of Community Threat Analysis and Real-Time Indicators of Attack for Comprehensive Insight into Insider and Targeted Threats
Imperva Expands Protection Against Distributed Denial of Service Attacks
Products and Releases  |  12/10/2014  | 
New DDoS Services Add Infrastructure Protection and Name Server Protection to DDoS Capabilities
Box Advances Enterprise Security with Box Trust
Products and Releases  |  12/9/2014  | 
Symantec, Splunk, Palo Alto Networks, Sumo Logic and OpenDNS Join Ecosystem of Leading Security Partners
TraceSecurity and Rapid7 Partner to Add Value for Shared Customer Base
Products and Releases  |  12/9/2014  | 
Relationship Delivers Seamless Integration between TraceCSO and Nexpose Vulnerability Management Software
82% of Companies Attacked Online In 2014: Malwarebytes Research
Products and Releases  |  12/9/2014  | 
Research reveals browser vulnerabilities present companies with the biggest endpoint challenge heading into 2015.
McAfee Labs Report Previews 2015 Developments in Exploits and Evasion
Products and Releases  |  12/8/2014  | 
McAfee Labs Dubs 2014 Year of Shaken Trust; Predicts 2015 Trends in Internet Trust Exploits, Privacy, Mobile, Internet of Things, and Cyber Espionage
Denim Group Enhances ThreadFix to Deepen Application Vulnerability Management and Remediation Capabilities
Products and Releases  |  12/8/2014  | 
December 9 Webinar will Demonstrate Latest ThreadFix Features and Detail Practical Steps for Accelerating Application Security Programs
TrustPipe Rolls Out Marker-Based Security Technology
Products and Releases  |  12/8/2014  | 
Blue Coat Names Michael Fey President and COO
Products and Releases  |  12/4/2014  | 
Feys Expertise Positions Blue Coat to Drive Continued Growth Towards $1B Revenue in the Security Market
Merchant Financial Cyber Partnership Announces Next Steps for Securing the Payments System
Products and Releases  |  12/4/2014  | 
Partnership sends letter to Congress outlining cybersecurity information sharing legislation principles
Shortcomings Identified Among Security Vendors in Latest Evaluation of Advanced Threat Solutions
Products and Releases  |  12/4/2014  | 
FireEye Outperforms Mainstream Security Providers in New Advanced Malware Test.
National Health ISAC Offers Industry Threat Intelligence Platform
Products and Releases  |  12/4/2014  | 
Healthcare Industry Promotes Collaboration and Information Sharing to Take Lead in Fighting Online Threats
Array Networks Announces Mobile Client for Integrating SSL VPN Secure Access and Mobile Application Management
Products and Releases  |  12/4/2014  | 
New MotionPro app enables secure access from tablets and smart phones and streamlines management of native, Web and remote desktop applications.
37 Percent of Holiday Transactions Made from Mobile Devices
Products and Releases  |  12/2/2014  | 
Company also reveals 0.29 percent of retail online holiday transactions were fraudulent


COVID-19: Latest Security News & Commentary
Dark Reading Staff 7/2/2020
Ripple20 Threatens Increasingly Connected Medical Devices
Kelly Sheridan, Staff Editor, Dark Reading,  6/30/2020
DDoS Attacks Jump 542% from Q4 2019 to Q1 2020
Dark Reading Staff 6/30/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
How Cybersecurity Incident Response Programs Work (and Why Some Don't)
This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.
Flash Poll
The Threat from the Internetand What Your Organization Can Do About It
The Threat from the Internetand What Your Organization Can Do About It
This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-9498
PUBLISHED: 2020-07-02
Apache Guacamole 1.1.0 and older may mishandle pointers involved inprocessing data received via RDP static virtual channels. If a userconnects to a malicious or compromised RDP server, a series ofspecially-crafted PDUs could result in memory corruption, possiblyallowing arbitrary code to be executed...
CVE-2020-3282
PUBLISHED: 2020-07-02
A vulnerability in the web-based management interface of Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition, Cisco Unified Communications Manager IM & Presence Service, and Cisco Unity Connection could allow an unauthenticated, remote attack...
CVE-2020-5909
PUBLISHED: 2020-07-02
In versions 3.0.0-3.5.0, 2.0.0-2.9.0, and 1.0.1, when users run the command displayed in NGINX Controller user interface (UI) to fetch the agent installer, the server TLS certificate is not verified.
CVE-2020-5910
PUBLISHED: 2020-07-02
In versions 3.0.0-3.5.0, 2.0.0-2.9.0, and 1.0.1, the Neural Autonomic Transport System (NATS) messaging services in use by the NGINX Controller do not require any form of authentication, so any successful connection would be authorized.
CVE-2020-5911
PUBLISHED: 2020-07-02
In versions 3.0.0-3.5.0, 2.0.0-2.9.0, and 1.0.1, the NGINX Controller installer starts the download of Kubernetes packages from an HTTP URL On Debian/Ubuntu system.