Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Products and Releases

Content posted in May 2019
Cyber Ireland announced by IDA Ireland and Cork Institute of Technology
Products and Releases  |  5/31/2019  | 
National cyber security cluster initiative is recruiting industry and higher education institutes.
FS-ISAC Survey: Nearly 75 Percent of Financial Institutions CISOs Plan to Ask for an Increase in Cybersecurity Investment
Products and Releases  |  5/29/2019  | 
Only four percent of financial institutions prioritize employee education and training in existing budgets
2019 State of Enterprise Secure Access Report
Products and Releases  |  5/23/2019  | 
A full 61% of IT organizations surveyed have little to modest confidence in their ability to mitigate access security threats, despite a majority significantly increasing their near-term budget.
Infocyte Launches Agentless Cloud Workload Protection Platform, Strengthens Capabilities in AWS Environments
Products and Releases  |  5/22/2019  | 
Capabilities include agentless deployment via API, automated threat detection, and instant root cause analysis for certifying cloud workloads are clean and aecure.
Microsoft Joins MANRS to Improve Routing Security
Products and Releases  |  5/22/2019  | 
Hunters.AI Raises $5.4M Seed Round to Equip Cybersecurity Teams with Autonomous Threat Hunting Machine
Products and Releases  |  5/22/2019  | 
Utilizes unique military-grade attack intelligence, artificial intelligence and existing security data to deliver proactive, scalable and actionable attack detection
xMatters open-sources its Chaos Engineering tool
Products and Releases  |  5/16/2019  | 
Cthulhu automates cross-platform failure testing to help developers put better software into production and minimize downtime costs
Sectigo Sponsors Lets Encrypt to Enable Certificate Transparency Log Operation
Products and Releases  |  5/15/2019  | 
Commercial Certificate Authority Helps Ensure Fabric of CT Logs is Adequate for Worlds Certificate Needs
LogRhythm Releases Cloud-Based NextGen Security Information and Event Management (SIEM) Platform
Products and Releases  |  5/15/2019  | 
With LogRhythm Cloud, security analysts get the full experience of an award-winning platform with the benefits of Software as a Service (SaaS)
Semmle appoints its first CSO
Products and Releases  |  5/8/2019  | 
roduct security veteran Fermn Serna leaves Google to help secure all software by bringing the security and development communities together
Sumo Logic Completes $110 Million Funding Round
Products and Releases  |  5/8/2019  | 
Battery Ventures, Tiger Global Management and Franklin Templeton Sign on to Back Sumo Logics Industry Leading Continuous Intelligence Platform
Quad9 Offers Owners of Android-Based Devices DNS Security Protections for Free
Products and Releases  |  5/7/2019  | 
Privacy-centric DNS service blocks access to more than 15 million malicious events per day, limiting access to malware and phishing as well as encrypting private DNS data.
CrowdStrike Falcon Integrates Firmware Attack Detection Capability
Products and Releases  |  5/3/2019  | 
Endpoints protected by CrowdStrike Falcon will now gain continuous monitoring for firmware attacks
NSS Labs Appoints New Chief Executive Officer
Products and Releases  |  5/2/2019  | 


Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Our Endpoint Protection system is a little outdated... 
Current Issue
The Year in Security: 2019
This Tech Digest provides a wrap up and overview of the year's top cybersecurity news stories. It was a year of new twists on old threats, with fears of another WannaCry-type worm and of a possible botnet army of Wi-Fi routers. But 2019 also underscored the risk of firmware and trusted security tools harboring dangerous holes that cybercriminals and nation-state hackers could readily abuse. Read more.
Flash Poll
Rethinking Enterprise Data Defense
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-19729
PUBLISHED: 2019-12-11
An issue was discovered in the BSON ObjectID (aka bson-objectid) package 1.3.0 for Node.js. ObjectID() allows an attacker to generate a malformed objectid by inserting an additional property to the user-input, because bson-objectid will return early if it detects _bsontype==ObjectID in the user-inpu...
CVE-2019-19373
PUBLISHED: 2019-12-11
An issue was discovered in Squiz Matrix CMS 5.5.0 prior to 5.5.0.3, 5.5.1 prior to 5.5.1.8, 5.5.2 prior to 5.5.2.4, and 5.5.3 prior to 5.5.3.3 where a user can trigger arbitrary unserialization of a PHP object from a packages/cms/page_templates/page_remote_content/page_remote_content.inc POST parame...
CVE-2019-19374
PUBLISHED: 2019-12-11
An issue was discovered in core/assets/form/form_question_types/form_question_type_file_upload/form_question_type_file_upload.inc in Squiz Matrix CMS 5.5.0 prior to 5.5.0.3, 5.5.1 prior to 5.5.1.8, 5.5.2 prior to 5.5.2.4, and 5.5.3 prior to 5.5.3.3 where a user can delete arbitrary files from the se...
CVE-2014-7257
PUBLISHED: 2019-12-11
SQL injection vulnerability in DBD::PgPP 0.05 and earlier
CVE-2013-4303
PUBLISHED: 2019-12-11
includes/libs/IEUrlExtension.php in the MediaWiki API in MediaWiki 1.19.x before 1.19.8, 1.20.x before 1.20.7, and 1.21.x before 1.21.2 does not properly detect extensions when there are an even number of "." (period) characters in a string, which allows remote attackers to conduct cross-s...