Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Products and Releases

Content posted in August 2014
HP Study Finds Nearly 70 Percent of IT Professionals Experience Weekly Phishing Attacks
Products and Releases  |  8/29/2014  | 
Six out of 10 attacks stem from malicious communication with the command and control site
Belden Introduces Versatile New Industrial Router and Security Appliance
Products and Releases  |  8/29/2014  | 
GarrettCom Magnum 10RX Features Designed to Benefit Power Utility and Transportation Industries
Trend Micro Adds VMware NSX Interoperability
Products and Releases  |  8/28/2014  | 
New capabilities solidify position in cloud and data center security
Netskope and Box Team Up
Products and Releases  |  8/28/2014  | 
Netskope gives IT a way to guide users to Box from unsanctioned apps, prevent data loss in Box across any endpoint, and ensure security for the OneCloud ecosystem
Security-as-a-Service Gets VMware Ready - vCloud Air Status
Products and Releases  |  8/27/2014  | 
Company Brings Managed IDS and Log Management Capabilities to vCloud Air Customers
Bayshore Networks® Announces Major Release of SingleView
Products and Releases  |  8/26/2014  | 
Bayshore’s management component now provides global management and access control for Pallaton™ policies and YARA rules.
Blue Coat Reveals Security Risks From "One-Day Wonders" Websites
Products and Releases  |  8/26/2014  | 
Research Study finds 470 Million Websites Exist for Less Than 24 hours; 22 Percent Used to Facilitate Attacks
Qubitekk To Receive Federal Funding To Help Protect Nation's Power Grid From Cyber Attack
Products and Releases  |  8/26/2014  | 
DOE provides $3 million grant for quantum encryption technology development.
Let the Hacking Begin: NYU Launches Largest Cyber Security Student Contests
Products and Releases  |  8/25/2014  | 
Yahoo Chief Information Security Officer Alex Stamos to Keynote 11th Annual NYU Polytechnic School of Engineering's Cyber Security Awareness Week Finals
Zumigo Raises $6M to Expand Secure Payments and eCommerce with Mobile Device Location and Identity Verification
Products and Releases  |  8/25/2014  | 
Intel Capital Leads Series B Financing; Latest Funding to Expand Company’s Delivery and Development of Mobile Location Intelligence Solutions Uniquely Authenticating and Securing Mobile Commerce
Survey: Impact of Target Data Breach on Cybersecurity Budget, Executive Awareness Diminishing
Products and Releases  |  8/25/2014  | 
Tripwire survey examines views of information security professionals at annual IT security conference
Lastline Secures $10 Million Funding Round
Products and Releases  |  8/25/2014  | 
Funding from Dell Ventures, Presidio Ventures, Redpoint Ventures and eVentures to Extend the Lastline Advanced Malware Defense Platform, Security Team and Strategic Partnerships
Gartner Says Worldwide Information Security Spending Will Grow Almost 8 Percent in 2014 as Organizations Become More Threat-Aware
Products and Releases  |  8/22/2014  | 
Analysts to discuss security trends at Gartner's 2014 Security and Risk Management Summits August 25-26 in Sydney, September 8-9 in London and September 15-16 in Dubai.
LogRhythm Launches Threat Intelligence Ecosystem and Related Security Analytics Suite to Detect High-Risk Cyber Threats
Products and Releases  |  8/22/2014  | 
CrowdStrike, Norse, Symantec, ThreatStream and Webroot Join Industry’s First and Only Threat Intelligence Ecosystem
Lumeta Joins Amazon Web Services Marketplace
Products and Releases  |  8/21/2014  | 
Lumeta ESI Real-Time Network Situational Awareness Now Available for AWS Subscribers
Report: 61% of enterprises not prepared for insider threats
Products and Releases  |  8/21/2014  | 
Majority Do Not Believe They Are Adequately Prepared, Leaving Enterprises Vulnerable to Fraud, Data Breaches and IP Theft
New England’s Advanced Cyber Security Center and the Western Cyber Exchange Demonstrate Major Cybersecurity Advancement
Products and Releases  |  8/20/2014  | 
Exchange demonstrated the possibility of a national and global network of organizations sharing cyber threat information.
vArmour Raises $36 Million to Protect the Data Defined Perimeter
Products and Releases  |  8/20/2014  | 
Menlo Ventures, Columbus Nova Technology Partners And Citi Ventures Contribute Funds to Accelerate Development Of Disruptive Technology, Scale To Meet Global Demand
More than Half of Consumers Share Passwords Leading to Security Concerns
Products and Releases  |  8/19/2014  | 
Research reveals consumers leaving back door open to hackers by signing up for automatic log in options.
Lumen21 Launches HITRUST “Compliant Cloud Computing” Solution
Products and Releases  |  8/19/2014  | 
Secure Infrastructure-as-a-Service environment is fully compliant with Healthcare, Financial services, Retail and other industry regulations
GuardiCore Raises $11 Million for Data Center Security in Financing Round Led by Battery Ventures
Products and Releases  |  8/18/2014  | 
Advanced, Scalable Network Security Protects Modern Data Centers from Cyber-attacks
The Mind of Hackers: 86% Don’t Believe They’ll Face Repercussions
Products and Releases  |  8/14/2014  | 
Thycotic Black Hat 2014 Hacker Survey also finds 88% of hackers fear theft from other hackers
IBM Acquires Cloud Security Services Provider Lighthouse Security Group
Products and Releases  |  8/14/2014  | 
Simplifies Identity Protection in the Age of Mobile, Social and Cloud
ICANN Approves Name Collision Occurrence Management Framework
Products and Releases  |  8/13/2014  | 
Special IP Address (127.0.53.53) Alerts System Administrators of Potential Issue
Thoma Bravo to Make Significant Investment in SailPoint
Products and Releases  |  8/13/2014  | 
SailPoint Poised for Continued Aggressive Growth
Porticor Enhances Microsoft SQL Server Encryption With Cloud Key Management Security For Complete Database Protection
Products and Releases  |  8/12/2014  | 
Porticor virtual private data system leverages software-defined key management to eliminate complexities and risks found in traditional hardware encryption security modules
Pwnie Express Announces “Pwn Pulse” SaaS Security Assessment Solution
Products and Releases  |  8/12/2014  | 
Solution Enterprise-class Offering Combines Pwnie Express Sensors with Central Management for Remote Location Intelligence
Survey: 80 Percent of IT Security Professionals Say They Can Detect a Data Breach on Critical Systems Within a Week
Products and Releases  |  8/12/2014  | 
Tripwire survey examines views of information security professionals at annual IT security conference
New Visa Service to Help Gas Station Retailers Reduce Fraud at the Pump
Products and Releases  |  8/12/2014  | 
Intelligent analytics help merchants identify fraud before it happens; Fraud rate dropped more than 20 percent in pilot test
Vectra Networks Raises $25M to Empower Enterprises in Their Battle Against Cyber Attacks
Products and Releases  |  8/12/2014  | 
Accel Partners Leads Series C Funding with Eric Wolford Joining the Vectra Board; Latest Financing Further Validates Vectra’s Unique Approach of Detecting and Prioritizing Cyber Attacks in Real Time
Whitebox Security’s New Version Accelerates Compliance & Data Governance
Products and Releases  |  8/12/2014  | 
WhiteOPSTM increases management oversight, delivers 360O forensics, and provides “What If” analysis
BlackBerry Further Expands Security Credentials with New Government Approval for Multi-Platform Management
Products and Releases  |  8/12/2014  | 
Secure Work Space for iOS and Android receives Security Technical Implementation Guide approval for the U.S. Department of Defense
SilverSky partners w/ CTC
Products and Releases  |  8/12/2014  | 
Partnership with Leading IT Solutions Provider in Japan will drive global growth of SilverSky’s Managed Security Services
Oracle Customers Secure Critical Encryption Keys With Oracle Key Vault
Products and Releases  |  8/7/2014  | 
New solution enables centralized management of Oracle Database encryption master keys, Oracle wallet files, Java KeyStores, and more.
Core Security Helps Customers Protect Critical Business Assets At Risk
Products and Releases  |  8/6/2014  | 
Think Like An Attacker technology uses advanced analytics to identify and prioritize vulnerabilities for remediation.
6Scan Announces Automated Malware Quarantine for Websites
Products and Releases  |  8/5/2014  | 
New protection works at the web application layer to respond in real time to emerging malware threats
RiskIQ Provides X-Ray Visibility Into Security Threats Outside The Firewall
Products and Releases  |  8/5/2014  | 
Platform automates global discovery, assessment and intelligence gathering to remediate malware planted in companies' websites and mobile apps.
Caution: Second Generation Ransomware in the Wild
Products and Releases  |  8/5/2014  | 
Microsemi Continues its FPGA Security Leadership for Secure Boot
Products and Releases  |  8/5/2014  | 
Significantly Increasing Security for Critical Communication, Industrial and Defense Applications, Patent Solution Provides Resistance to DPA Attacks
Digital Guardian Debuts at Black Hat Security Conference
Products and Releases  |  8/5/2014  | 
Verdasys re-launches under company’s flagship product name, reflecting its focus on guarding data as the network perimeter dissolves and attacks from insiders and outsiders grow more sophisticated
OpenDNS Makes 3D Cyber-Attack Detection Technology Freely Available
Products and Releases  |  8/5/2014  | 
OpenGraphiti Enables Security Researchers to Easily Analyze Massive Amounts of Data to Detect Patterns and Uncover Threats
Device-Based Mass-Market Authentication Rollout
Products and Releases  |  8/4/2014  | 
Gillibrand Introduces New Cyber-Security Legislation After New 9/11 Commission Report Released Last Week Concluded A "9/10 Ability To Protect Against Cyber-Attacks"
Products and Releases  |  8/3/2014  | 
New Cyber Information Sharing Tax Credit Would Incentivize Critical Infrastructure Businesses to Join Information-Sharing Organizations to Strengthen Their Cyber Security
Onapsis Research Labs releases six new critical security advisories for companies using SAP
Products and Releases  |  8/1/2014  | 
Latest threats target key administration capabilities for SAP HANA and allow remote attackers to access restricted functionality to gain access to any organization’s secure information


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Everything You Need to Know About DNS Attacks
It's important to understand DNS, potential attacks against it, and the tools and techniques required to defend DNS infrastructure. This report answers all the questions you were afraid to ask. Domain Name Service (DNS) is a critical part of any organization's digital infrastructure, but it's also one of the least understood. DNS is designed to be invisible to business professionals, IT stakeholders, and many security professionals, but DNS's threat surface is large and widely targeted. Attackers are causing a great deal of damage with an array of attacks such as denial of service, DNS cache poisoning, DNS hijackin, DNS tunneling, and DNS dangling. They are using DNS infrastructure to take control of inbound and outbound communications and preventing users from accessing the applications they are looking for. To stop attacks on DNS, security teams need to shore up the organization's security hygiene around DNS infrastructure, implement controls such as DNSSEC, and monitor DNS traffic
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2023-33196
PUBLISHED: 2023-05-26
Craft is a CMS for creating custom digital experiences. Cross site scripting (XSS) can be triggered by review volumes. This issue has been fixed in version 4.4.7.
CVE-2023-33185
PUBLISHED: 2023-05-26
Django-SES is a drop-in mail backend for Django. The django_ses library implements a mail backend for Django using AWS Simple Email Service. The library exports the `SESEventWebhookView class` intended to receive signed requests from AWS to handle email bounces, subscriptions, etc. These requests ar...
CVE-2023-33187
PUBLISHED: 2023-05-26
Highlight is an open source, full-stack monitoring platform. Highlight may record passwords on customer deployments when a password html input is switched to `type="text"` via a javascript "Show Password" button. This differs from the expected behavior which always obfuscates `ty...
CVE-2023-33194
PUBLISHED: 2023-05-26
Craft is a CMS for creating custom digital experiences on the web.The platform does not filter input and encode output in Quick Post validation error message, which can deliver an XSS payload. Old CVE fixed the XSS in label HTML but didn’t fix it when clicking save. This issue was...
CVE-2023-2879
PUBLISHED: 2023-05-26
GDSDB infinite loop in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via packet injection or crafted capture file