Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Products and Releases

Content posted in April 2016
US PC Users Making Some Progress in Patching Software Vulnerabilities, But Significant Challenges Remain
Products and Releases  |  4/29/2016  | 
Private Microsoft Windows users patching their operating systems more diligently but the same cannot be said of Apple QuickTime and Oracle Java users.
Threat Stack Secures $15.3 Million in Series B Funding to Drive More Efficiency for Cloud Security Teams
Products and Releases  |  4/29/2016  | 
Scale Venture Partners Leads Round; Market Demand and Rapid Customer Growth Key to Series B Funding Round
Bitglass Report: BYOD Supported in More Than 70 Percent of Organizations That Are Driven by Need for Increased Productivity
Products and Releases  |  4/29/2016  | 
Financial Services Industry Leads in Support for BYOD, Despite Regulations and Security Concerns
VASCO Launches FIDO U2F Certified Authenticator for Use with Popular Online Applications
Products and Releases  |  4/20/2016  | 
DIGIPASS SecureClick one-button authenticator allows users to easily add the enhanced security of two-factor authentication to common applications
Symantec Partners with Rockwell Automation to Maximize Security for Industrial PCs
Products and Releases  |  4/20/2016  | 
Symantec Embedded Security: Critical Systems Protection has been qualified for use with Rockwell Automation software
TrapX Security Expands: Fueled by Customer Demand and Additional $5 Million Investment from Strategic Cyber Ventures LLC
Products and Releases  |  4/19/2016  | 
In Addition to Triple Digit Worldwide Growth, the Company Appointed Three New Vice Presidents to Further Expand the Companys Product Portfolio and Increase Worldwide Sales
Bastille Report Finds More Than 80 Percent of Businesses are Potentially Vulnerable to Being MouseJacked
Products and Releases  |  4/19/2016  | 
Results Suggest That Despite Increased Awareness and Concern, Some Companies and Individuals Continue to Ignore Risks of the MouseJack Threat
LANDESK Closes 7th Acquisition in 5 Years
Products and Releases  |  4/19/2016  | 
Finalizes AppSense Acquisition, Advances Lead in Unified Endpoint Management with Extended User Virtualization Capabilities
ISACAs New Cybersecurity Boot Camp Coming to New York
Products and Releases  |  4/19/2016  | 
Intensive five-day training helps organizations develop their cyber workforces
Former NSC Director of Cybersecurity Policy Leads Illumio Cyber Assessment Program
Products and Releases  |  4/18/2016  | 
Program Designed to Identify Attack Surface and Secure High-Value Assets Inside Data Centers and Clouds
Lets Encrypt Leaves Beta
Products and Releases  |  4/14/2016  | 
New and renewing sponsors back Lets Encrypt technology and its mission to encrypt 100 percent of the Web
DHS, NASA PARTNER IN SEARCH OF INNOVATION IN HOMELAND SECURITY
Products and Releases  |  4/13/2016  | 
Developing Prize Competitions to Engage Citizen Scientists in Public and Private Sectors
TECHNICAL EXPERTS AT BAE SYSTEMS REVEAL DETAILS OF NEW STRAIN OF VIRULENT CYBER THREAT
Products and Releases  |  4/12/2016  | 
Cyber criminals targeting public institutions with modified form of Qbot malware
Optiv Security Expands Identity and Access Management with Close of Advancive Acquisition
Products and Releases  |  4/12/2016  | 
Transaction Brings Together Two Respected IAM Organizations to Solve Client Identity Problems in New and Innovative Ways
KnowBe4 Unveils Kevin Mitnick Security Awareness Training Spring 2016
Products and Releases  |  4/11/2016  | 
KnowBe4 adds first human pentest, USB drive test, and geo-location to simulated phishing testing.
Lookout Welcomes Bluebox Security
Products and Releases  |  4/8/2016  | 
Unsecured Vendor Access Creates the Perfect Storm for Cyber Attacks
Products and Releases  |  4/8/2016  | 
Groundbreaking Vendor Vulnerability study finds an increasing trust and dependence on third-party vendors with access to IT systems is opening organizations up to cyber-security breaches
CodeMeter Named CODiE Awards Finalist
Products and Releases  |  4/8/2016  | 
CodeMeter Secure Licensing Platform earns prestigious industry recognition


COVID-19: Latest Security News & Commentary
Dark Reading Staff 7/9/2020
Russian Cyber Gang 'Cosmic Lynx' Focuses on Email Fraud
Kelly Sheridan, Staff Editor, Dark Reading,  7/7/2020
Why Cybersecurity's Silence Matters to Black Lives
Tiffany Ricks, CEO, HacWare,  7/8/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal, a Dark Reading Perspective
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
The Threat from the Internetand What Your Organization Can Do About It
The Threat from the Internetand What Your Organization Can Do About It
This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-15105
PUBLISHED: 2020-07-10
Django Two-Factor Authentication before 1.12, stores the user's password in clear text in the user session (base64-encoded). The password is stored in the session when the user submits their username and password, and is removed once they complete authentication by entering a two-factor authenticati...
CVE-2020-11061
PUBLISHED: 2020-07-10
In Bareos Director less than or equal to 16.2.10, 17.2.9, 18.2.8, and 19.2.7, a heap overflow allows a malicious client to corrupt the director's memory via oversized digest strings sent during initialization of a verify job. Disabling verify jobs mitigates the problem. This issue is also patched in...
CVE-2020-4042
PUBLISHED: 2020-07-10
Bareos before version 19.2.8 and earlier allows a malicious client to communicate with the director without knowledge of the shared secret if the director allows client initiated connection and connects to the client itself. The malicious client can replay the Bareos director's cram-md5 challenge to...
CVE-2020-11081
PUBLISHED: 2020-07-10
osquery before version 4.4.0 enables a priviledge escalation vulnerability. If a Window system is configured with a PATH that contains a user-writable directory then a local user may write a zlib1.dll DLL, which osquery will attempt to load. Since osquery runs with elevated privileges this enables l...
CVE-2020-6114
PUBLISHED: 2020-07-10
An exploitable SQL injection vulnerability exists in the Admin Reports functionality of Glacies IceHRM v26.6.0.OS (Commit bb274de1751ffb9d09482fd2538f9950a94c510a) . A specially crafted HTTP request can cause SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerabi...