Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Products and Releases

Content posted in March 2019
Carbonite Closes Acquisition of Webroot
Products and Releases  |  3/27/2019  | 
FirstPoint Announces $2.5M in Seed Funding
Products and Releases  |  3/25/2019  | 
funding will enable FirstPoint to bring its cellular cybersecurity-as-a-service products to market.
Checkmarx to Secure Software Development at DOE National Laboratory
Products and Releases  |  3/21/2019  | 
Checkmarx's Software Security Platform will be integrated into software development lifecycle at Pacific Northwest National Laboratory.
Flashpoint Introduces Innovative Approach for Use Case-Driven Intelligence
Products and Releases  |  3/20/2019  | 
Company uniquely assesses intelligence requirements to support cybersecurity, fraud, insider threat, corporate & physical security, and third-party risk teams.
Array Networks Launches Monitoring and Reporting System for Transforming Application Data into Actionable Intelligence
Products and Releases  |  3/20/2019  | 
Monitoring and Reporting System (MARS) analyzes data from Array ADCs to identify and visualize traffic patterns in real-time and improve application availability, security and performance
Nozomi Networks Expands ICS Cyber Security Research with Labs Launch
Products and Releases  |  3/20/2019  | 
Gears up to share valuable research and tools to help ICS community defend against cyber threats to industrial and critical national infrastructure
NETSCOUT Releases Annual Worldwide Infrastructure Security Report
Products and Releases  |  3/20/2019  | 
DDoS Attack Size Explodes Worldwide: SaaS and Cloud Services Increasingly Targeted
Venafi Survey: 87 Percent of Security Professionals Say World is at Cyberwar
Products and Releases  |  3/20/2019  | 
Seventy-two percent believe nation-states have right to hack back cybercriminals
Onapsis and Exabeam Partner to Bring ERP to the Security Operations Center
Products and Releases  |  3/14/2019  | 
New integration Improves Monitoring, Threat Detection, Incident Response and Compliance
Mocana Adds New Funding
Products and Releases  |  3/14/2019  | 
Mocanas IoT Device Security Platform Gains Wider Adoption as Alternative IT and OT Security Solutions Fall Short
Optiv Security Announces New Risk Transformation Service to Help Organizations Mitigate Enterprise Risk
Products and Releases  |  3/14/2019  | 
Enables clients to embrace the risk revolution and fundamentally rewrite how they manage cybersecurity to achieve business resilience.
Adlink and Entrust Datacard Make Industry 4.0 Secure-by-Design at Hannover Messe
Products and Releases  |  3/14/2019  | 
Entrust Datacard will demonstrate edge computing security capabilities with Adlink in the Adlink display.
OPAQ Awarded Patent for Cyber Risk Assessment Technology
Products and Releases  |  3/14/2019  | 
Security-as-a-Service platform provider expands IP portfolio with fifth patent, enabling eompanies to continuously identify and address their biggest security risks.
Dark Web Investigation Exposes Underground Marketplace for TLS/SSL Certificates
Products and Releases  |  3/6/2019  | 
Venafi study uncovers thriving marketplaces for TLS certificates sold individually and packaged with a wide range of crimeware.
Fidelis Cybersecurity Delivers Innovations to Provide Full Visibility of the Cyber Terrain
Products and Releases  |  3/5/2019  | 
Fidelis Elevate is the first platform of its kind to enable organizations to calculate their vulnerable attack surface and respond accordingly to build a robust defense.
Survey: 160% Increase in Destructive Attacks Targeting Financial Institutions
Products and Releases  |  3/5/2019  | 
Report reveals the cyber threats keeping financial CISOs awake at night, including Emotet, Steganography & Hidden Cobra.
SafeGuard Cyber Launches New Tool to Detect, Defend Against Cross-Channel Cyber Threats
Products and Releases  |  3/5/2019  | 
The machine learning-powered threat decision engine is designed to detect risks across social media, enterprise apps, Deep Web, and Dark Web to protect businesses from emerging attacks.
Kingston to Highlight Encrypted USB Drives, Enterprise SSDs at RSA
Products and Releases  |  3/4/2019  | 
Server Premier memory products also will be on display.
General Dynamics Mission Systems Partners with Bitglass on Cloud Security
Products and Releases  |  3/4/2019  | 
Route 66 Cyber CASB extends an enterprises existing security policies into the cloud.
Tripwire Debuts Pen Testing and Industrial Cybersecurity Assessment Services
Products and Releases  |  3/4/2019  | 
New service offerings reinforce critical security controls, assess security weaknesses of enterprises and industrial organizations
HyperQube Virtualized Network Promises 90% Savings on Cyber Efforts
Products and Releases  |  3/4/2019  | 
New approach aims to disrupt enterprise network security, development & scaling for both small and large organizations.
TrueVault Launches TrueVault Atlas To Automate Aspects of GDPR Compliance
Products and Releases  |  3/1/2019  | 
New solutionautomates the day-to-day compliance tasks of GDPR and the upcoming California Consumer Privacy Act (CCPA).


When It Comes To Security Tools, More Isn't More
Lamont Orange, Chief Information Security Officer at Netskope,  1/11/2021
US Capitol Attack a Wake-up Call for the Integration of Physical & IT Security
Seth Rosenblatt, Contributing Writer,  1/11/2021
IoT Vendor Ubiquiti Suffers Data Breach
Dark Reading Staff 1/11/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-25533
PUBLISHED: 2021-01-15
An issue was discovered in Malwarebytes before 4.0 on macOS. A malicious application was able to perform a privileged action within the Malwarebytes launch daemon. The privileged service improperly validated XPC connections by relying on the PID instead of the audit token. An attacker can construct ...
CVE-2021-3162
PUBLISHED: 2021-01-15
Docker Desktop Community before 2.5.0.0 on macOS mishandles certificate checking, leading to local privilege escalation.
CVE-2021-21242
PUBLISHED: 2021-01-15
OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, there is a critical vulnerability which can lead to pre-auth remote code execution. AttachmentUploadServlet deserializes untrusted data from the `Attachment-Support` header. This Servlet does not enforce any authentication or a...
CVE-2021-21245
PUBLISHED: 2021-01-15
OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, AttachmentUploadServlet also saves user controlled data (`request.getInputStream()`) to a user specified location (`request.getHeader("File-Name")`). This issue may lead to arbitrary file upload which can be used to u...
CVE-2021-21246
PUBLISHED: 2021-01-15
OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, the REST UserResource endpoint performs a security check to make sure that only administrators can list user details. However for the `/users/` endpoint there are no security checks enforced so it is possible to retrieve ar...