Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Products and Releases

Content posted in September 2017
SecurityFirst DataKeep Protecting Data From Creation to Deletion
Products and Releases  |  9/27/2017  | 
Cost-effective, scalable and transparent data-centric protection for companies of any size
Lacework Announces Immediate Support for Microsoft Windows Server
Products and Releases  |  9/27/2017  | 
Simplifies Cloud Security with Technology That Addresses Hybrid Cloud Environments in One Solution
BullGuard Launches Next-Generation Anti-Malware Engine Across All BullGuard Products And First-of-Its-Kind, Real-Time Home Network Scanner
Products and Releases  |  9/27/2017  | 
Comprehensive range of leading-edge consumer cybersecurity products cover both the endpoint and network layers; Home Network Scanner features industry-first, internal and external scanner that monitors and scans all connected devices to protect from outside hackers
Citadels New Department of Intelligence and Security Studies First of its Kind in South Carolina
Products and Releases  |  9/27/2017  | 
Founded by former FBI special agent
Aruba Modernizes Network Security to Reduce Risk
Products and Releases  |  9/22/2017  | 
Aruba 360 Secure Fabric delivers new analytics-driven, advanced cyber protection in UEBA to simplify enterprise security.
Dashlane Announces Dashlane Business 2.0
Products and Releases  |  9/22/2017  | 
Launch of latest enterprise password management solution lets IT administrators educate, onboard, and enforce corporate password policies.
New Research from Intermedia Reveals a False Sense of Confidence Among Office Workers with Phishing Scams Still on the Rise
Products and Releases  |  9/22/2017  | 
Despite continued education and awareness, one in five office workers continue to be a victim of costly phishing emails
Attivo Networks Tackles Cloud Threat Detection Gaps
Products and Releases  |  9/22/2017  | 
Expands ThreatDefend Cloud Data Center offerings for Azure, AWS, and OpenStack.
HID Global to Acquire Mercury Security, Expanding its Leadership in Access Control
Products and Releases  |  9/21/2017  | 
HID Global signs an agreement to acquire Mercury Security, an OEM supplier of controllers for physical access control.
Intelisecure Launches Solutions, Managed Services Offering to Protect Critical Data
Products and Releases  |  9/21/2017  | 
New offering aims to help midsize enterprises meet their data protection needs at a consumable price point.
Symantec Protects Data Everywhere with Information Centric Security
Products and Releases  |  9/20/2017  | 
Symantec Data Loss Prevention 15 integrates with tagging, encryption and access management to secure regulated and sensitive data wherever it goes.
SMBs are Huge Target for Hackers: 2017 Ponemon Study
Products and Releases  |  9/20/2017  | 
Benchmarking Critical Exercise in Early Stages of Software Security: BSIMM8
Products and Releases  |  9/20/2017  | 
Latest iteration of the building security in maturity model shows more organizations jumpstarting their software security initiatives with assessments and improving over time.
Atlantic.Net Unveils Cloud Platform to Encrypt Customer Data
Products and Releases  |  9/19/2017  | 
Cloud hosting solutions provider encrypts all customer data stored at rest.
Venafi Awarded Two New Patents
Products and Releases  |  9/14/2017  | 
Stuart McClure, CEO and Co-Founder of Cylance Inc., Joins JASKs Board of Directors
Products and Releases  |  9/14/2017  | 
JASK Appoints Cybersecurity Pioneer to Help Usher in Next Iteration of Machine Learning-Based Security Technology
AppGuard Closes a $30 Million Series B to Accelerate Growth in Enterprise and SMB Markets
Products and Releases  |  9/14/2017  | 
Series B funding brings total financing to $100m for AppGuard since April
CyberScout Elite Brings Commercial Cyber Coverage to High Net Worth Households
Products and Releases  |  9/13/2017  | 
Offering combines concierge service with a suite of commercial quality protective services and the convenience of a mobile app.
Former General Counsel for US Intelligence Community Joins Morrison & Foerster
Products and Releases  |  9/13/2017  | 
Robert S. Litt will further strengthen the firms growing National Security and Global Risk & Crisis Management Practices.
81% of Infosec Pros Say Required Job Skills Have Changed
Products and Releases  |  9/6/2017  | 
The change comes amid a skills gap the industry is facing.


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Everything You Need to Know About DNS Attacks
It's important to understand DNS, potential attacks against it, and the tools and techniques required to defend DNS infrastructure. This report answers all the questions you were afraid to ask. Domain Name Service (DNS) is a critical part of any organization's digital infrastructure, but it's also one of the least understood. DNS is designed to be invisible to business professionals, IT stakeholders, and many security professionals, but DNS's threat surface is large and widely targeted. Attackers are causing a great deal of damage with an array of attacks such as denial of service, DNS cache poisoning, DNS hijackin, DNS tunneling, and DNS dangling. They are using DNS infrastructure to take control of inbound and outbound communications and preventing users from accessing the applications they are looking for. To stop attacks on DNS, security teams need to shore up the organization's security hygiene around DNS infrastructure, implement controls such as DNSSEC, and monitor DNS traffic
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2023-33196
PUBLISHED: 2023-05-26
Craft is a CMS for creating custom digital experiences. Cross site scripting (XSS) can be triggered by review volumes. This issue has been fixed in version 4.4.7.
CVE-2023-33185
PUBLISHED: 2023-05-26
Django-SES is a drop-in mail backend for Django. The django_ses library implements a mail backend for Django using AWS Simple Email Service. The library exports the `SESEventWebhookView class` intended to receive signed requests from AWS to handle email bounces, subscriptions, etc. These requests ar...
CVE-2023-33187
PUBLISHED: 2023-05-26
Highlight is an open source, full-stack monitoring platform. Highlight may record passwords on customer deployments when a password html input is switched to `type="text"` via a javascript "Show Password" button. This differs from the expected behavior which always obfuscates `ty...
CVE-2023-33194
PUBLISHED: 2023-05-26
Craft is a CMS for creating custom digital experiences on the web.The platform does not filter input and encode output in Quick Post validation error message, which can deliver an XSS payload. Old CVE fixed the XSS in label HTML but didn’t fix it when clicking save. This issue was...
CVE-2023-2879
PUBLISHED: 2023-05-26
GDSDB infinite loop in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via packet injection or crafted capture file