Products and Releases

Content posted in July 2016
Attivo Networks Launches Attack Path Vulnerability Assessments for Continuous Threat Management at Black Hat
Products and Releases  |  7/27/2016  | 
ThreatMatrix Detection Platform Expands, Providing Attack Path Prediction, Enhanced Deception Techniques and Support for Routed Networks
TrapX Evolves Deception-Based Network Security Beyond IT
Products and Releases  |  7/27/2016  | 
New DeceptionGrid 5.2 Provides Emulations for Point-of-Sale Systems and Medical Devices as Well as Industrys First Mac OS Emulation
Acalvio Technologies Emerges from Stealth Mode with $17 Million Investment from Accel Ventures, Ignition Partners, Eileses Capital
Products and Releases  |  7/27/2016  | 
Unveils Deception 2.0 Technology for Advanced Threat Defense
Indegy Lands $12M in Series A Financing to Protect Critical Infrastructures from Cyber Threats
Products and Releases  |  7/26/2016  | 
Round Led by Vertex Ventures; Funds will be Used to Expand Sales, Marketing and Customer Support
Third-Party Cyber Risk Management Platform Company CyberGRX Closes $9M Series A Funding
Products and Releases  |  7/22/2016  | 
Allegis Capital Leads Round with Participation from Major Cybersecurity Investors; Platform Being Developed in Close Collaboration with Early Adopters at Leading Institutions
Edward Snowden speaking at SecTor 2016
Products and Releases  |  7/14/2016  | 
Twistlock Secures $10 Million in Series A Funding
Products and Releases  |  7/7/2016  | 
TenEleven Ventures Leads the Series A Round With Rally Ventures and Existing Investor YL Ventures
Veriflow Secures Series A Funding to Drive Innovation in Preventing Change-Induced Outages and Breaches in Networks
Products and Releases  |  7/6/2016  | 
Menlo Ventures Leads $8.2 Million Funding Round as Veriflow Takes Next Steps in Adoption of Mathematical Network Verification
DDoS Extortion Campaigns to Threaten 80% of European Businesses in the Next Year
Products and Releases  |  7/6/2016  | 
European IT security professionals call upon Internet Service Providers to offer business customers more robust and proactive cyber security protection against growing DDoS ransom threat
Cyber Security Company Darktrace in $65 million Fundraise to Accelerate Global Expansion in Round led by KKR
Products and Releases  |  7/6/2016  | 
TenEleven Ventures, SoftBank-affiliated Fund Also Join Existing Investors Invoke Capital and Summit Partners
Virtru Sets a New Standard for Seamless Data Protection by Allowing Users to Search Full Text of Encrypted Content
Products and Releases  |  7/5/2016  | 
With Industry's First Privacy-Preserving Encrypted Search, Users Can Now Search and Find Encrypted Content Without Weakening Data Protections or Exposing Content to Any Third Party


New Bluetooth Hack Affects Millions of Vehicles
Dark Reading Staff 11/16/2018
Understanding Evil Twin AP Attacks and How to Prevent Them
Ryan Orsi, Director of Product Management for Wi-Fi at WatchGuard Technologies,  11/14/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Flash Poll
Online Malware and Threats: A Profile of Today's Security Posture
Online Malware and Threats: A Profile of Today's Security Posture
This report offers insight on how security professionals plan to invest in cybersecurity, and how they are prioritizing their resources. Find out what your peers have planned today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-17948
PUBLISHED: 2018-11-20
An open redirect vulnerability exists in the Access Manager Identity Provider prior to 4.4 SP3.
CVE-2018-1779
PUBLISHED: 2018-11-20
IBM API Connect 2018.1 through 2018.3.7 could allow an unauthenticated attacker to cause a denial of service due to not setting limits on JSON payload size. IBM X-Force ID: 148802.
CVE-2018-19367
PUBLISHED: 2018-11-20
Portainer through 1.19.2 provides an API endpoint (/api/users/admin/check) to verify that the admin user is already created. This API endpoint will return 404 if admin was not created and 204 if it was already created. Attackers can set an admin password in the 404 case.
CVE-2018-19335
PUBLISHED: 2018-11-20
Google Monorail before 2018-06-07 has a Cross-Site Search (XS-Search) vulnerability because CSV downloads are affected by CSRF, and calculations of download times (for requests with a crafted groupby value) can be used to obtain sensitive information about the content of bug reports.
CVE-2018-19334
PUBLISHED: 2018-11-20
Google Monorail before 2018-05-04 has a Cross-Site Search (XS-Search) vulnerability because CSV downloads are affected by CSRF, and calculations of download times (for requests with an unsupported axis) can be used to obtain sensitive information about the content of bug reports.