Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Products and Releases

Content posted in April 2021
Kaspersky: Targeted Ransomware Grows Nearly 800%
Products and Releases  |  4/23/2021  | 
Deep Instinct Receives $100 Million in Series D Funding
Products and Releases  |  4/22/2021  | 
Trend Micro Revamps Partner Program
Products and Releases  |  4/22/2021  | 
Netacea Releases "Buying Bad Bots Wholesale: The Genesis Market" Report
Products and Releases  |  4/22/2021  | 
New report uncovers the tactics used to steal and sell genuine digital fingerprints on the most popular deep web marketplace.
Former Google Security Execs Join Red Canary
Products and Releases  |  4/21/2021  | 
Cynet Activates Competitive Replacement Program for Customers Migrating to Cynet 360 XDR Platform
Products and Releases  |  4/20/2021  | 
Under new initiative, organizations receive software at no charge until end of competitive product contract period.
Sift Streamlines Digital Trust & Safety Suite to Protect Merchants Against the Fraud Economy
Products and Releases  |  4/20/2021  | 
New features deliver more control, transparency, and connection to combat fraud and accelerate growth.
Zerto Announces General Availability of Zerto for Kubernetes and New Public Cloud Capabilities
Products and Releases  |  4/20/2021  | 
Unlocking continuous cloud protection for hybrid, public, and native cloud workloads.
Zerto Announces Zerto Backup for SaaS, Powered by Keepit
Products and Releases  |  4/20/2021  | 
Protects data against accidental deletion, ransomware attacks, reduces compliance errors, and improves recoverability.
Zscaler Advances Zero Trust Security for the Digital Business
Products and Releases  |  4/20/2021  | 
Security Innovations, Resources for CxOs and IT Practitioners, and Zero Trust Deployment Programs Overcome Security Barriers to Accelerate Digital Transformation
Mastercard to Acquire Ekata to Advance Digital Identity Efforts
Products and Releases  |  4/19/2021  | 
New capabilities strengthen trust in every interaction through AI-powered identity verification reinforced by commitment to strong data management principles.
Kasada and GreyNoise Team up to Identify Which Potential Threats Demand Immediate Attention
Products and Releases  |  4/16/2021  | 
Collaboration Brings Together Leading Internet Noise Detection and Bot Mitigation Companies, Providing Free Access to Real-Time Scanner, Attack and Bot Threat Information
$125M Growth Round Fuels Keyfactor & PrimeKey Merger to Bring Machine Identity Management to the Mainstream
Products and Releases  |  4/16/2021  | 
Merger between certificate automation and certificate authority providers set to impact IAM strategy for enterprises.
Cado Security Closes $10M in Funding to Accelerate Adoption of Cloud-Native Digital Forensics Platform
Products and Releases  |  4/16/2021  | 
Blossom Capital leads Series A investment round; Cado Security platform enables security teams to effectively investigate and respond to cyber incidents at cloud speed.
Vital Pandemic Industries Foster Unprecedented DDoS Attack Activity, NETSCOUT Threat Intelligence Report Finds
Products and Releases  |  4/14/2021  | 
Record-setting 10 million-plus DDoS attacks and 22% increase in attack frequency; WISR survey findings reinforce impact of global DDoS extortion attack campaign.
1Password Launches Secrets Automation & Makes Acquisition to Protect Infrastructure Secrets
Products and Releases  |  4/14/2021  | 
1Password expands focus to protect both human and machine secrets for companies worldwide.
Invicti Security Reports on Lost Year in Web Application Security
Products and Releases  |  4/14/2021  | 
Covid-19, remote work, and economic headwinds interrupted progress, putting businesses and consumers at risk.
SafeGuard Cyber Raises $45M In Strategic Growth Financing Led By NightDragon
Products and Releases  |  4/13/2021  | 
Digital risk protection platform secures communications across all third-party social media, collaboration, and mobile chat channels.
CloudKnox Uncovers Permissions Gap Across Enterprise Hybrid & Multi-Cloud Environments
Products and Releases  |  4/13/2021  | 
Industrys first State of Cloud Entitlements Report reveals significant security risk with more than 90% of organizations using less than 5% of permissions granted.
Beyond Identity Integration With Auth0 Enables Completely Passwordless Authentication
Products and Releases  |  4/13/2021  | 
Beyond Identity now available on Auth0 Marketplace to eliminate user friction and credential-based attacks.
Lookout Launches New Global Channel Program
Products and Releases  |  4/9/2021  | 
ThreatQuotient Closes $22.5 Million in New Financing
Products and Releases  |  4/7/2021  | 
Andy Ellis Named Operating Partner at YL Ventures
Products and Releases  |  4/7/2021  | 
VMware Expands Into Container Security
Products and Releases  |  4/7/2021  | 
Announcing Zero Trust Authentication for Managed Devices & BYOD
Products and Releases  |  4/6/2021  | 
Beyond Identity now integrates with Jamf, Microsoft Intune, and VMware Workspace ONE UEM, collecting additional device attributes to further expand risk-based authentication decisions.
ThreatQuotient Closes $22.5M in New Financing to Accelerate Innovation & Execution
Products and Releases  |  4/6/2021  | 
Continued momentum in 2020 including record bookings, new customers and revenue growth garners attention of new investors.


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
The 10 Most Impactful Types of Vulnerabilities for Enterprises Today
Managing system vulnerabilities is one of the old est - and most frustrating - security challenges that enterprise defenders face. Every software application and hardware device ships with intrinsic flaws - flaws that, if critical enough, attackers can exploit from anywhere in the world. It's crucial that defenders take stock of what areas of the tech stack have the most emerging, and critical, vulnerabilities they must manage. It's not just zero day vulnerabilities. Consider that CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilitlies in widely used applications that are "actively exploited," and most of them are flaws that were discovered several years ago and have been fixed. There are also emerging vulnerabilities in 5G networks, cloud infrastructure, Edge applications, and firmwares to consider.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2023-1172
PUBLISHED: 2023-03-17
The Bookly plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the full name value in versions up to, and including, 21.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that w...
CVE-2023-1469
PUBLISHED: 2023-03-17
The WP Express Checkout plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘pec_coupon[code]’ parameter in versions up to, and including, 2.2.8 due to insufficient input sanitization and output escaping. This makes it possible for authenti...
CVE-2023-1466
PUBLISHED: 2023-03-17
A vulnerability was found in SourceCodester Student Study Center Desk Management System 1.0. It has been rated as critical. This issue affects the function view_student of the file admin/?page=students/view_student. The manipulation of the argument id with the input 3' AND (SELECT 2100 FROM (SELECT(...
CVE-2023-1467
PUBLISHED: 2023-03-17
A vulnerability classified as critical has been found in SourceCodester Student Study Center Desk Management System 1.0. Affected is an unknown function of the file Master.php?f=delete_img of the component POST Parameter Handler. The manipulation of the argument path with the input C%3A%2Ffoo.txt le...
CVE-2023-1468
PUBLISHED: 2023-03-17
A vulnerability classified as critical was found in SourceCodester Student Study Center Desk Management System 1.0. Affected by this vulnerability is an unknown functionality of the file admin/?page=reports&date_from=2023-02-17&date_to=2023-03-17 of the component Report Handler. The manipula...