Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Products and Releases

Content posted in February 2015
Emailage Raises $3.8 Million
Products and Releases  |  2/26/2015  | 
Funding is led by Felicis Ventures, the leader in early-stage startup funding with an aggregate enterprise investment exit value of $7.5 billion
BMC and Qualys Join Forces to Improve Enterprise Security
Products and Releases  |  2/26/2015  | 
Integrated solution combines BMC BladeLogic and Qualys Vulnerability Management to quickly identify and remediate threats and boost collaboration between Security and IT Operations teams
Onapsis Uncovers Five New Vulnerabilities Affecting SAP BusinessObjects and SAP HANA
Products and Releases  |  2/25/2015  | 
High-profile cyber-risks reveal unauthorized users could retrieve and overwrite data stored on business-critical systems
Lumeta Announces Strategic Partnership with Nordisk Systems, Inc.
Products and Releases  |  2/24/2015  | 
Offers Customers a Solution to Network Situational Awareness Challenges
Digital Guardian Launches Digital Guardian 7.0 for Data Protection Against All Threats
Products and Releases  |  2/24/2015  | 
Company Extends Proven Data Protection Capabilities for Insider Threats to Defend Against Outside Attacks and Bridge the Gap Between Systems Security and Data Protection
Onapsis Appoints CTO of Veracode, Chris Wysopal, to Board of Advisors
Products and Releases  |  2/23/2015  | 
Cyber security expert, thought leader and entrepreneur to help Onapsis further transform how organizations approach business-critical application security
Tenable Network Security Introduces Agent-Based Scanning to 2015 Product Line with Debut of Nessus Manager
Products and Releases  |  2/20/2015  | 
Nessus® Agents simplify, automate and extend vulnerability management capabilities by performing offline scans of portable devices without the need for privileged credentials
Fluke Networks Makes Dynamic Responses to Wireless Threats and True “No-Wireless” Zones Realities with New Capabilities in AirMagnet Enterprise
Products and Releases  |  2/20/2015  | 
For the organizations that need it most, AirMagnet Enterprise provides nonstop detection, location, alerting, mitigation and reporting on cellular and Wi-Fi security breaches
Pindrop Security Closes $35 Million Investment to Extend Leadership in Call Center Anti-Fraud and Authentication
Products and Releases  |  2/19/2015  | 
Institutional Venture Partners leads funding round along with existing investors Andreessen Horowitz, Citi Ventures, Felicis Ventures and Redpoint Ventures
With $7M in New Funding, Sqrrl Launches Linked Data Analysis Platform
Products and Releases  |  2/19/2015  | 
Sqrrl centers its focus on uniting cybersecurity incident detection and response
UVI Awarded Five-Year $1.3M U.S. DOE Cybersecurity Grant
Products and Releases  |  2/18/2015  | 
The Cybersecurity Workforce Pipeline will create a consortium composed of 13 Historically Black Colleges and Universities (HBCUs), two national labs, and a k-12 school district.
Snow Software fuels global success story with acquisition of Mobile Device Management technology developer
Products and Releases  |  2/18/2015  | 
The Institution and its ‘Revival’ MDM solution joins Snow family
ID Experts and Iatric Systems Offer Hospitals A Proactive Solution for Identifying and Managing Security Incidents
Products and Releases  |  2/18/2015  | 
Integrating Iatric Systems Security Audit Manager(TM) and ID Experts' RADAR® Identifies, Automates, and Simplifies the Complexities of Data Incident Response Management
OpenDNS Discovers New, Highly Sophisticated PayPal Phishing Campaign
Products and Releases  |  2/13/2015  | 
Phishing Websites Virtually Indistinguishable from Paypal’s Legitimate Properties
Gemalto Releases Findings of 2014 Breach Level Index
Products and Releases  |  2/13/2015  | 
Data breaches increased 49 percent in 2014 to 1 billion data records compromised, with cybercriminals targeting identity theft as top breach category
Sharp rise in DNS-based DDoS last year signals larger, more frequent attacks in 2015
Products and Releases  |  2/5/2015  | 
Malware in home gateways topples provider networks & websites; rapid growth of ‘smart’ devices adds to risk
Lastline Partners with Bit9 + Carbon Black to Deliver Comprehensive Network and Endpoint Breach Protection
Products and Releases  |  2/3/2015  | 
Product Integration Provides End-to-End Coverage Against Advanced and Evasive Malware
Epicor Introduces New Data Security and Protection Program for Independent Retailers
Products and Releases  |  2/3/2015  | 
Initiative Designed to Mitigate the Risk of a Security Breach through Improved Data Management and Protection to Boost Consumer Confidence and Loyalty
CipherCloud Report Identifies over 1,100 Cloud Applications in Use by Companies, 86 Percent of Cloud Applications are 'Shadow IT'
Products and Releases  |  2/3/2015  | 
North American and European companies use on average 1,245 and 981 applications, respectively
Cardtek USA Unveils New Partnerships for a Smarter and Safer Mobile Payments World in the U.S.
Products and Releases  |  2/3/2015  | 
Through its parent and sister companies, Cardtek USA is developing groundbreaking app softwares, infrastructures to increase data safety, and offering cloud-based mobile service solutions for the increasing demand for smart devices
Qualys Brings Industry¹s First Continuous Progressive Scanning Capabilities to Its Fast Growing Web Applications Scanning Solution
Products and Releases  |  2/3/2015  | 
New Features Enable Deeper and Comprehensive Continuous Scanning of Large and Complex Web Applications
Marble Security Report: U.S. No. 1 Source of Dangerous Mobile Apps for iPhone and Android
Products and Releases  |  2/3/2015  | 
China, India, Korea and Taiwan are next riskiest sources
Former Liberty Reserve IT Manager Sentenced to 36 Months in Prison
Products and Releases  |  2/2/2015  | 
The former information technology manager for Liberty Reserve was sentenced for conspiring to operate an unlicensed money transmitting business.


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Everything You Need to Know About DNS Attacks
It's important to understand DNS, potential attacks against it, and the tools and techniques required to defend DNS infrastructure. This report answers all the questions you were afraid to ask. Domain Name Service (DNS) is a critical part of any organization's digital infrastructure, but it's also one of the least understood. DNS is designed to be invisible to business professionals, IT stakeholders, and many security professionals, but DNS's threat surface is large and widely targeted. Attackers are causing a great deal of damage with an array of attacks such as denial of service, DNS cache poisoning, DNS hijackin, DNS tunneling, and DNS dangling. They are using DNS infrastructure to take control of inbound and outbound communications and preventing users from accessing the applications they are looking for. To stop attacks on DNS, security teams need to shore up the organization's security hygiene around DNS infrastructure, implement controls such as DNSSEC, and monitor DNS traffic
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2023-33196
PUBLISHED: 2023-05-26
Craft is a CMS for creating custom digital experiences. Cross site scripting (XSS) can be triggered by review volumes. This issue has been fixed in version 4.4.7.
CVE-2023-33185
PUBLISHED: 2023-05-26
Django-SES is a drop-in mail backend for Django. The django_ses library implements a mail backend for Django using AWS Simple Email Service. The library exports the `SESEventWebhookView class` intended to receive signed requests from AWS to handle email bounces, subscriptions, etc. These requests ar...
CVE-2023-33187
PUBLISHED: 2023-05-26
Highlight is an open source, full-stack monitoring platform. Highlight may record passwords on customer deployments when a password html input is switched to `type="text"` via a javascript "Show Password" button. This differs from the expected behavior which always obfuscates `ty...
CVE-2023-33194
PUBLISHED: 2023-05-26
Craft is a CMS for creating custom digital experiences on the web.The platform does not filter input and encode output in Quick Post validation error message, which can deliver an XSS payload. Old CVE fixed the XSS in label HTML but didn’t fix it when clicking save. This issue was...
CVE-2023-2879
PUBLISHED: 2023-05-26
GDSDB infinite loop in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via packet injection or crafted capture file