Products and Releases

Content posted in March 2017
Authenticated Reality Releases 'The New Internet' With Unrestricted Domain Extensions
Products and Releases  |  3/30/2017  | 
Company also announces Android availability of The New Internet, the first-ever secure gateway to the Internet
Cymmetria Releases MazeRunner Community Edition Update
Products and Releases  |  3/29/2017  | 
Cybernance Receives Risk and Liability Protection Via DHS SAFETY Act
Products and Releases  |  3/29/2017  | 
Cybernance customers now have third-party liability protection if targeted by cyber terrorism
Desktop Scanners Can Be Hijacked to Perpetrate Cyberattacks
Products and Releases  |  3/28/2017  | 
Office scanners can be hijacked and a companys network compromised using different light sources, according to researchers.
Senate Votes to Gut Broadband Privacy Rules
Products and Releases  |  3/23/2017  | 
The US Senate voted to use the Congressional Review Act to gut the FCC's broadband privacy rules, which prevent ISPs from selling customers' personal data.
Registration Opens for U.S. Cyber Quests Competition
Products and Releases  |  3/20/2017  | 
The U.S. Cyber Challenge has opened registration for the 2017 Cyber Quests online competition, a workforce development program.
NSS Labs Joins (IT-ISAC) for Strategic Threat Intelligence Sharing
Products and Releases  |  3/16/2017  | 
NSS Labs, Inc. today announced that it has joined the Information Technology-Information Sharing and Analysis Center (IT-ISAC) as a foundation member.
1E Launches EDR Platform To Query and Control All Endpoints
Products and Releases  |  3/9/2017  | 
Tachyon enables IT teams to interact with millions of endpoints running multiple operating systems in real time.
Tenable Appoints First-Ever Chief Revenue, Marketing Officers to Exec Team
Products and Releases  |  3/8/2017  | 
Former Cisco and Tanium executives join Tenable to accelerate company momentum following strong performance.
District Attorney, Cal Poly, Cal Guard Partner to Combat California Cyber Crime
Products and Releases  |  3/1/2017  | 
The Central Coast Cyber Forensics Lab (CCCFL) and the California Cyber Training Complex (CCTC) will provide Learn by Doing opportunities for students, law enforcement, and military to combat increasing cybersecurity threat.


New Bluetooth Hack Affects Millions of Vehicles
Dark Reading Staff 11/16/2018
Understanding Evil Twin AP Attacks and How to Prevent Them
Ryan Orsi, Director of Product Management for Wi-Fi at WatchGuard Technologies,  11/14/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Flash Poll
Online Malware and Threats: A Profile of Today's Security Posture
Online Malware and Threats: A Profile of Today's Security Posture
This report offers insight on how security professionals plan to invest in cybersecurity, and how they are prioritizing their resources. Find out what your peers have planned today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-17948
PUBLISHED: 2018-11-20
An open redirect vulnerability exists in the Access Manager Identity Provider prior to 4.4 SP3.
CVE-2018-1779
PUBLISHED: 2018-11-20
IBM API Connect 2018.1 through 2018.3.7 could allow an unauthenticated attacker to cause a denial of service due to not setting limits on JSON payload size. IBM X-Force ID: 148802.
CVE-2018-19367
PUBLISHED: 2018-11-20
Portainer through 1.19.2 provides an API endpoint (/api/users/admin/check) to verify that the admin user is already created. This API endpoint will return 404 if admin was not created and 204 if it was already created. Attackers can set an admin password in the 404 case.
CVE-2018-19335
PUBLISHED: 2018-11-20
Google Monorail before 2018-06-07 has a Cross-Site Search (XS-Search) vulnerability because CSV downloads are affected by CSRF, and calculations of download times (for requests with a crafted groupby value) can be used to obtain sensitive information about the content of bug reports.
CVE-2018-19334
PUBLISHED: 2018-11-20
Google Monorail before 2018-05-04 has a Cross-Site Search (XS-Search) vulnerability because CSV downloads are affected by CSRF, and calculations of download times (for requests with an unsupported axis) can be used to obtain sensitive information about the content of bug reports.