Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Products and Releases

Content posted in May 2020
CISA Releases New Cyber Essentials Toolkit
Products and Releases  |  5/29/2020  | 
Intrusion Inc. Appoints Jack Blount as President and Chief Executive Officer
Products and Releases  |  5/28/2020  | 
Most recently, Blount founded a strategic consultancy for enterprise, startup, and federal government organizations.
Synack's $52 Million Investment Fuels Future of Remote Security Testing from World's Elite Hackers
Products and Releases  |  5/28/2020  | 
Synack advances the only crowdsourced penetration testing platform that pairs ethical hacking skills with artificial intelligence to confront new and evolving cyber threats.
RiskIQ Creates Complimentary COVID-19 Internet Intelligence Gateway to Fight Pandemic of Cybercrime
Products and Releases  |  5/28/2020  | 
Microsite to enable the security community during crisis.
New Research Indicates 84% of Businesses Will Likely Increase Work-from-Home Capacity Beyond Pandemic Despite Security Concerns
Products and Releases  |  5/27/2020  | 
IT decision-makers to expand work-from-home initiatives as two-thirds prepare for increased malware, phishing, and unauthorised user and device access exposures.
Smarsh Acquires Entreda, Leader in Cybersecurity Risk & Compliance Software for Wealth Management Industry
Products and Releases  |  5/21/2020  | 
Smarsh to Expand Product Offerings to Encompass Award-Winning Cybersecurity Risk and Compliance Solutions.
FireEye Endpoint Security: Introducing Innovation Architecture for Rapid Deployment of Advanced Capabilities
Products and Releases  |  5/21/2020  | 
Enables organizations to respond to security incidents more quickly with flexible and customizable modules.
Avanan Introduces Cloud-based Security for Citrix ShareFile
Products and Releases  |  5/20/2020  | 
Avanan's new set of capabilities expands its coverage of cloud-based platforms.
Telos Appoints General Keith Alexander as Inaugural Member of Advisory Board
Products and Releases  |  5/20/2020  | 
General Alexander will serve as a strategic partner and provide counsel on key cybersecurity objectives and initiatives.
Varonis Announces New Platform Update Featuring Remote Work Cybersecurity Capabilities
Products and Releases  |  5/20/2020  | 
Updates to the Varonis Data Security Platform help enterprises better secure their remote workforces with greater visibility and threat detection related to VPN and data access activity.
Accurics' 'State of DevSecOps Report' Highlights Shift Toward Provisioning Cloud Infrastructure Through Code
Products and Releases  |  5/20/2020  | 
Report analyzes current cloud-security approaches and outlines best practices.
FTI Consulting Survey Shares Data Privacy Budget and Solutions Forecast
Products and Releases  |  5/19/2020  | 
Data privacy spend to grow by more than 50%; most organizations plan to increase focus on privacy compliance in coming year.
FireEye Announces Availability of FireEye Cloudvisory
Products and Releases  |  5/18/2020  | 
Cloudvisory is a cloud-native security solution that gives security teams unified control over cloud sprawl and infrastructure misconfiguration.
EmberSec Unveils Virtual CISO Program
Products and Releases  |  5/18/2020  | 
Program provides deep risk management and cybersecurity expertise.
wolfSSL Releases Version 4.4.0 of Embedded TLS Library wolfSSL
Products and Releases  |  5/18/2020  | 
Also announces updates to related products.
Security Industry Association Announces New SIA Women in Security Forum Scholarship Opportunity
Products and Releases  |  5/14/2020  | 
SIA INVITES EMPLOYEES OF MEMBER COMPANIES AND SIA STUDENT MEMBERS TO APPLY FOR THIS NEW PROGRAM DESIGNED TO FURTHER EDUCATIONAL OPPORTUNITIES AND PROMOTE ADVANCEMENT FOR A DIVERSE SECURITY WORKFORCE.
FBI, CISA: Cyber Actors Targeting COVID-19-Related Research
Products and Releases  |  5/14/2020  | 
Potential theft jeopardizes delivery of secure, effective, and efficient treatment options.
Digital Fraudsters Increase Attacks Against Multiple Industries During Pandemic
Products and Releases  |  5/13/2020  | 
TransUnion quarterly global fraud analysis also examines the types of fraud targeting businesses and where it originates.
Coronavirus-Related Cyber Attacks Jump 30%
Products and Releases  |  5/13/2020  | 
Check Point Researchers document 192,000 coronavirus-related cyberattacks a week, citing impersonations of WHO, UN, and Zoom.
Survey: Data Sharing in the Cloud Puts Education Sector at Risk
Products and Releases  |  5/12/2020  | 
Netwrix survey reveals that employees at 54% of educational organizations use cloud applications to share sensitive data outside of IT control and knowledge.
Cisco Fixes Vulnerabilities in ASA Firewall Found by Positive Technologies
Products and Releases  |  5/8/2020  | 
Exploitation of these vulnerabilities could have prevented VPN connection or allowed attackers to penetrate corporate networks.
Dtex Raises $17.5 Million in Funding
Products and Releases  |  5/7/2020  | 
Funding, led by Northgate Capital, will be used to expand insider threat cybersecurity company's market presence.
MITRE Engenuity Announces ATT&CK Evaluations for ICS Vendors
Products and Releases  |  5/7/2020  | 
Evaluations to Focus on Malware Capable of Physical Damage
Research: Women Are Better at Cybersecurity Than Men
Products and Releases  |  5/7/2020  | 
NordPass survey reveals that women do more to protect themselves online.
Cyber Warning Issued for Key Healthcare Organizations in UK and USA
Products and Releases  |  5/5/2020  | 
Organizations targeted in large-scale "password spraying" campaigns.
Blackblaze Releases S3 Compatible APIs
Products and Releases  |  5/5/2020  | 
More than a dozen software companies have committed their support.
Privitar Announces New Native Integration with Google Cloud Platform
Products and Releases  |  5/5/2020  | 
New integration enables users to seamlessly protect and extract maximum value from sensitive personal data, rounds out Privitar's support of public cloud services.
APT Actors Shift to Mobile During Q1
Products and Releases  |  5/4/2020  | 
Kaspersky research also shows increased activity in Asia.


Overcoming the Challenge of Shorter Certificate Lifespans
Mike Cooper, Founder & CEO of Revocent,  10/15/2020
7 Tips for Choosing Security Metrics That Matter
Ericka Chickowski, Contributing Writer,  10/19/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
How IT Security Organizations are Attacking the Cybersecurity Problem
How IT Security Organizations are Attacking the Cybersecurity Problem
The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-27621
PUBLISHED: 2020-10-22
The FileImporter extension in MediaWiki through 1.35.0 was not properly attributing various user actions to a specific user's IP address. Instead, for various actions, it would report the IP address of an internal Wikimedia Foundation server by omitting X-Forwarded-For data. This resulted in an inab...
CVE-2020-27620
PUBLISHED: 2020-10-22
The Cosmos Skin for MediaWiki through 1.35.0 has stored XSS because MediaWiki messages were not being properly escaped. This is related to wfMessage and Html::rawElement, as demonstrated by CosmosSocialProfile::getUserGroups.
CVE-2020-27619
PUBLISHED: 2020-10-22
In Python 3 through 3.9.0, the Lib/test/multibytecodec_support.py CJK codec tests call eval() on content retrieved via HTTP.
CVE-2020-17454
PUBLISHED: 2020-10-21
WSO2 API Manager 3.1.0 and earlier has reflected XSS on the "publisher" component's admin interface. More precisely, it is possible to inject an XSS payload into the owner POST parameter, which does not filter user inputs. By putting an XSS payload in place of a valid Owner Name, a modal b...
CVE-2020-24421
PUBLISHED: 2020-10-21
Adobe InDesign version 15.1.2 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious .indd file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.