Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Products and Releases

Content posted in December 2014
Onapsis Research Labs Delivers 2014 SAP Security Advisories Trend Analysis with Almost Half Classified as High priority
Products and Releases  |  12/29/2014  | 
Business-critical application security experts deliver 2014 SAP security trend analysis and find 7% increase over 2013 with 46% of vulnerabilities high priority including HeartBleed, Shellshock, Poodle and Zombie Zero
Pulse Secure Simplifies Secure Device Onboarding and Compliance for BYOD
Products and Releases  |  12/22/2014  | 
New Capabilities of Connect Secure and Policy Secure Will Enhance End-User Experience and Expand Compliance Options
WatchGuard Uncovers Guest Network Security Lapses
Products and Releases  |  12/18/2014  | 
71% of global hotels, restaurants and other hospitality organizations jeopardize customers with inadequate security controls
IOActive Expands Vehicle Security Service Practice
Products and Releases  |  12/17/2014  | 
Vehicle security researcher Charlie Miller joins IOActive Advisory Board
Onapsis uncovers two new critical business application vulnerabilities in SAP BASIS and SAP BusinessObjects
Products and Releases  |  12/17/2014  | 
High-profile risk threats identified by Onapsis Research Labs experts reveals that unauthorized users could access business-critical applications leveraging SAP BusinessObjects
Esentire Releases Cybersecurity Documentation Framework Featuring Infosec Policy, Incident Response Guidance
Products and Releases  |  12/17/2014  | 
Culled from years of industry expertise, this Information Security Policy Framework provides Registered Investment Advisors the means to proactively document and manage their defense posture while responding to due diligence and regulatory requirements.
Rapid7 Announces Additional Funding
Products and Releases  |  12/17/2014  | 
$30 Million Investment to Accelerate Growth and Strong Traction of New Security Data Analytics and Strategic Services Offerings
Entrust Datacard Adds Website Security Capabilities For SSL
Products and Releases  |  12/17/2014  | 
SSL Technology Bundle Utilizes SiteLock Website Security Services to Protect Against Malicious Online Attacks and Create Multiple Levels of Protection
Lastline Adds OS X Support and Unlimited 10 Gbps Sensors in 6.0 Release of Its Breach Detection Platform
Products and Releases  |  12/16/2014  | 
Lastline Next-Generation Sandboxing, Threat Intelligence and Breach Event Correlation Engineered to Handle 20x Increase in Evasive Malware
Lancope Unveils Newly Enhanced, World-Class Customer Success Organization to Help Drive Lean-Forward Cyber Security
Products and Releases  |  12/16/2014  | 
Company has increased its investment in customer success by 150 percent this year
Trend Micro Announces Strategic OEM Agreement with HP
Products and Releases  |  12/16/2014  | 
HP TippingPoint Advanced Threat Appliance family includes Trend Micro Deep Discovery for breach detection
Breaking News From KnowBe4: Two New Ransomware Strains
Products and Releases  |  12/15/2014  | 
KnowBe4 CEO Stu Sjouwerman issued a warning today of two new strains of ransomware that have been discovered, giving IT security a heads up on how to spot and handle
Norse Discovers Buffer Overflow Vulnerability In FreeBSD
Products and Releases  |  12/11/2014  | 
NCC Group to Open Trust Domain For Registration
Products and Releases  |  12/11/2014  | 
Denim Group Enhances ThreadFix to Deepen Application Vulnerability Management and Remediation Capabilities
Products and Releases  |  12/10/2014  | 
December 9 Webinar will Demonstrate Latest ThreadFix Features and Detail Practical Steps for Accelerating Application Security Programs
Vectra Networks Launches Industrys First Real-Time Detection Platform that Protects against Insider and Targeted Threats
Products and Releases  |  12/10/2014  | 
Organizations Can Now Leverage Unique Combination of Community Threat Analysis and Real-Time Indicators of Attack for Comprehensive Insight into Insider and Targeted Threats
Imperva Expands Protection Against Distributed Denial of Service Attacks
Products and Releases  |  12/10/2014  | 
New DDoS Services Add Infrastructure Protection and Name Server Protection to DDoS Capabilities
Box Advances Enterprise Security with Box Trust
Products and Releases  |  12/9/2014  | 
Symantec, Splunk, Palo Alto Networks, Sumo Logic and OpenDNS Join Ecosystem of Leading Security Partners
TraceSecurity and Rapid7 Partner to Add Value for Shared Customer Base
Products and Releases  |  12/9/2014  | 
Relationship Delivers Seamless Integration between TraceCSO and Nexpose Vulnerability Management Software
82% of Companies Attacked Online In 2014: Malwarebytes Research
Products and Releases  |  12/9/2014  | 
Research reveals browser vulnerabilities present companies with the biggest endpoint challenge heading into 2015.
McAfee Labs Report Previews 2015 Developments in Exploits and Evasion
Products and Releases  |  12/8/2014  | 
McAfee Labs Dubs 2014 Year of Shaken Trust; Predicts 2015 Trends in Internet Trust Exploits, Privacy, Mobile, Internet of Things, and Cyber Espionage
Denim Group Enhances ThreadFix to Deepen Application Vulnerability Management and Remediation Capabilities
Products and Releases  |  12/8/2014  | 
December 9 Webinar will Demonstrate Latest ThreadFix Features and Detail Practical Steps for Accelerating Application Security Programs
TrustPipe Rolls Out Marker-Based Security Technology
Products and Releases  |  12/8/2014  | 
Blue Coat Names Michael Fey President and COO
Products and Releases  |  12/4/2014  | 
Feys Expertise Positions Blue Coat to Drive Continued Growth Towards $1B Revenue in the Security Market
Merchant Financial Cyber Partnership Announces Next Steps for Securing the Payments System
Products and Releases  |  12/4/2014  | 
Partnership sends letter to Congress outlining cybersecurity information sharing legislation principles
Shortcomings Identified Among Security Vendors in Latest Evaluation of Advanced Threat Solutions
Products and Releases  |  12/4/2014  | 
FireEye Outperforms Mainstream Security Providers in New Advanced Malware Test.
National Health ISAC Offers Industry Threat Intelligence Platform
Products and Releases  |  12/4/2014  | 
Healthcare Industry Promotes Collaboration and Information Sharing to Take Lead in Fighting Online Threats
Array Networks Announces Mobile Client for Integrating SSL VPN Secure Access and Mobile Application Management
Products and Releases  |  12/4/2014  | 
New MotionPro app enables secure access from tablets and smart phones and streamlines management of native, Web and remote desktop applications.
37 Percent of Holiday Transactions Made from Mobile Devices
Products and Releases  |  12/2/2014  | 
Company also reveals 0.29 percent of retail online holiday transactions were fraudulent


How Attackers Could Use Azure Apps to Sneak into Microsoft 365
Kelly Sheridan, Staff Editor, Dark Reading,  3/24/2020
Malicious USB Drive Hides Behind Gift Card Lure
Dark Reading Staff 3/27/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
6 Emerging Cyber Threats That Enterprises Face in 2020
This Tech Digest gives an in-depth look at six emerging cyber threats that enterprises could face in 2020. Download your copy today!
Flash Poll
State of Cybersecurity Incident Response
State of Cybersecurity Incident Response
Data breaches and regulations have forced organizations to pay closer attention to the security incident response function. However, security leaders may be overestimating their ability to detect and respond to security incidents. Read this report to find out more.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-10940
PUBLISHED: 2020-03-27
Local Privilege Escalation can occur in PHOENIX CONTACT PORTICO SERVER through 3.0.7 when installed to run as a service.
CVE-2020-10939
PUBLISHED: 2020-03-27
Insecure, default path permissions in PHOENIX CONTACT PC WORX SRT through 1.14 allow for local privilege escalation.
CVE-2020-6095
PUBLISHED: 2020-03-27
An exploitable denial of service vulnerability exists in the GstRTSPAuth functionality of GStreamer/gst-rtsp-server 1.14.5. A specially crafted RTSP setup request can cause a null pointer deference resulting in denial-of-service. An attacker can send a malicious packet to trigger this vulnerability.
CVE-2020-10817
PUBLISHED: 2020-03-27
The custom-searchable-data-entry-system (aka Custom Searchable Data Entry System) plugin through 1.7.1 for WordPress allows SQL Injection. NOTE: this product is discontinued.
CVE-2020-10952
PUBLISHED: 2020-03-27
GitLab EE/CE 8.11 through 12.9.1 allows blocked users to pull/push docker images.