Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Products and Releases

Content posted in February 2015
Emailage Raises $3.8 Million
Products and Releases  |  2/26/2015  | 
Funding is led by Felicis Ventures, the leader in early-stage startup funding with an aggregate enterprise investment exit value of $7.5 billion
BMC and Qualys Join Forces to Improve Enterprise Security
Products and Releases  |  2/26/2015  | 
Integrated solution combines BMC BladeLogic and Qualys Vulnerability Management to quickly identify and remediate threats and boost collaboration between Security and IT Operations teams
Onapsis Uncovers Five New Vulnerabilities Affecting SAP BusinessObjects and SAP HANA
Products and Releases  |  2/25/2015  | 
High-profile cyber-risks reveal unauthorized users could retrieve and overwrite data stored on business-critical systems
Lumeta Announces Strategic Partnership with Nordisk Systems, Inc.
Products and Releases  |  2/24/2015  | 
Offers Customers a Solution to Network Situational Awareness Challenges
Digital Guardian Launches Digital Guardian 7.0 for Data Protection Against All Threats
Products and Releases  |  2/24/2015  | 
Company Extends Proven Data Protection Capabilities for Insider Threats to Defend Against Outside Attacks and Bridge the Gap Between Systems Security and Data Protection
Onapsis Appoints CTO of Veracode, Chris Wysopal, to Board of Advisors
Products and Releases  |  2/23/2015  | 
Cyber security expert, thought leader and entrepreneur to help Onapsis further transform how organizations approach business-critical application security
Tenable Network Security Introduces Agent-Based Scanning to 2015 Product Line with Debut of Nessus Manager
Products and Releases  |  2/20/2015  | 
Nessus® Agents simplify, automate and extend vulnerability management capabilities by performing offline scans of portable devices without the need for privileged credentials
Fluke Networks Makes Dynamic Responses to Wireless Threats and True “No-Wireless” Zones Realities with New Capabilities in AirMagnet Enterprise
Products and Releases  |  2/20/2015  | 
For the organizations that need it most, AirMagnet Enterprise provides nonstop detection, location, alerting, mitigation and reporting on cellular and Wi-Fi security breaches
Pindrop Security Closes $35 Million Investment to Extend Leadership in Call Center Anti-Fraud and Authentication
Products and Releases  |  2/19/2015  | 
Institutional Venture Partners leads funding round along with existing investors Andreessen Horowitz, Citi Ventures, Felicis Ventures and Redpoint Ventures
With $7M in New Funding, Sqrrl Launches Linked Data Analysis Platform
Products and Releases  |  2/19/2015  | 
Sqrrl centers its focus on uniting cybersecurity incident detection and response
UVI Awarded Five-Year $1.3M U.S. DOE Cybersecurity Grant
Products and Releases  |  2/18/2015  | 
The Cybersecurity Workforce Pipeline will create a consortium composed of 13 Historically Black Colleges and Universities (HBCUs), two national labs, and a k-12 school district.
Snow Software fuels global success story with acquisition of Mobile Device Management technology developer
Products and Releases  |  2/18/2015  | 
The Institution and its ‘Revival’ MDM solution joins Snow family
ID Experts and Iatric Systems Offer Hospitals A Proactive Solution for Identifying and Managing Security Incidents
Products and Releases  |  2/18/2015  | 
Integrating Iatric Systems Security Audit Manager(TM) and ID Experts' RADAR® Identifies, Automates, and Simplifies the Complexities of Data Incident Response Management
OpenDNS Discovers New, Highly Sophisticated PayPal Phishing Campaign
Products and Releases  |  2/13/2015  | 
Phishing Websites Virtually Indistinguishable from Paypal’s Legitimate Properties
Gemalto Releases Findings of 2014 Breach Level Index
Products and Releases  |  2/13/2015  | 
Data breaches increased 49 percent in 2014 to 1 billion data records compromised, with cybercriminals targeting identity theft as top breach category
Sharp rise in DNS-based DDoS last year signals larger, more frequent attacks in 2015
Products and Releases  |  2/5/2015  | 
Malware in home gateways topples provider networks & websites; rapid growth of ‘smart’ devices adds to risk
Lastline Partners with Bit9 + Carbon Black to Deliver Comprehensive Network and Endpoint Breach Protection
Products and Releases  |  2/3/2015  | 
Product Integration Provides End-to-End Coverage Against Advanced and Evasive Malware
Epicor Introduces New Data Security and Protection Program for Independent Retailers
Products and Releases  |  2/3/2015  | 
Initiative Designed to Mitigate the Risk of a Security Breach through Improved Data Management and Protection to Boost Consumer Confidence and Loyalty
CipherCloud Report Identifies over 1,100 Cloud Applications in Use by Companies, 86 Percent of Cloud Applications are 'Shadow IT'
Products and Releases  |  2/3/2015  | 
North American and European companies use on average 1,245 and 981 applications, respectively
Cardtek USA Unveils New Partnerships for a Smarter and Safer Mobile Payments World in the U.S.
Products and Releases  |  2/3/2015  | 
Through its parent and sister companies, Cardtek USA is developing groundbreaking app softwares, infrastructures to increase data safety, and offering cloud-based mobile service solutions for the increasing demand for smart devices
Qualys Brings Industry¹s First Continuous Progressive Scanning Capabilities to Its Fast Growing Web Applications Scanning Solution
Products and Releases  |  2/3/2015  | 
New Features Enable Deeper and Comprehensive Continuous Scanning of Large and Complex Web Applications
Marble Security Report: U.S. No. 1 Source of Dangerous Mobile Apps for iPhone and Android
Products and Releases  |  2/3/2015  | 
China, India, Korea and Taiwan are next riskiest sources
Former Liberty Reserve IT Manager Sentenced to 36 Months in Prison
Products and Releases  |  2/2/2015  | 
The former information technology manager for Liberty Reserve was sentenced for conspiring to operate an unlicensed money transmitting business.


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
The 10 Most Impactful Types of Vulnerabilities for Enterprises Today
Managing system vulnerabilities is one of the old est - and most frustrating - security challenges that enterprise defenders face. Every software application and hardware device ships with intrinsic flaws - flaws that, if critical enough, attackers can exploit from anywhere in the world. It's crucial that defenders take stock of what areas of the tech stack have the most emerging, and critical, vulnerabilities they must manage. It's not just zero day vulnerabilities. Consider that CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilitlies in widely used applications that are "actively exploited," and most of them are flaws that were discovered several years ago and have been fixed. There are also emerging vulnerabilities in 5G networks, cloud infrastructure, Edge applications, and firmwares to consider.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2023-1142
PUBLISHED: 2023-03-27
In Delta Electronics InfraSuite Device Master versions prior to 1.0.5, an attacker could use URL decoding to retrieve system files, credentials, and bypass authentication resulting in privilege escalation.
CVE-2023-1143
PUBLISHED: 2023-03-27
In Delta Electronics InfraSuite Device Master versions prior to 1.0.5, an attacker could use Lua scripts, which could allow an attacker to remotely execute arbitrary code.
CVE-2023-1144
PUBLISHED: 2023-03-27
Delta Electronics InfraSuite Device Master versions prior to 1.0.5 contains an improper access control vulnerability in which an attacker can use the Device-Gateway service and bypass authorization, which could result in privilege escalation.
CVE-2023-1145
PUBLISHED: 2023-03-27
Delta Electronics InfraSuite Device Master versions prior to 1.0.5 are affected by a deserialization vulnerability targeting the Device-DataCollect service, which could allow deserialization of requests prior to authentication, resulting in remote code execution.
CVE-2023-1655
PUBLISHED: 2023-03-27
Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.4.0.