Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

DRTV

The Uncertain Fate of WHOIS, & Other Matters of Internet Accountability
The Uncertain Fate of WHOIS, & Other Matters of Internet Accountability
Dark Reading Videos  |  8/20/2018  | 
Paul Vixie discusses the uncertain fate of WHOIS in the age of GDPR, the risks of domain name homographs, and other underpinnings of the Internet that are hard to trust and harder to fix.
Ensuring Web Applications Are Hardened, Secure
Ensuring Web Applications Are Hardened, Secure
Dark Reading Videos  |  8/17/2018  | 
Ofer Maor of Synopsys Software Integrity Group describes how automated testing can non-intrusively pinpoint where developers may be inadvertently exposing data and/or violating compliance mandates.
Simplifying Endpoint Hardening, Defense & Response
Simplifying Endpoint Hardening, Defense & Response
Dark Reading Videos  |  8/17/2018  | 
Ziften CEO Mike Hamilton advocates taking complexity, time, and cost out of multi-faceted endpoint protection, with a single-agent solution for laptops, desktops, servers, and cloud VMs.
Attacking Developers Using 'Shadow Containers'
Attacking Developers Using 'Shadow Containers'
Dark Reading Videos  |  9/15/2017  | 
Sagie Dulce describes why developers are such attractive targets and how the Docker API can be exploited to use one of developers' favorite tools against them in sneaky, obfuscated attacks.
Paul Vixie: How CISOs Can Use DNS to Up Security
Paul Vixie: How CISOs Can Use DNS to Up Security
Dark Reading Videos  |  9/11/2017  | 
FarSight CEO and DNS master Paul Vixie explains how enterprises, not just telecoms and infrastructure providers, can use DNS to improve cybersecurity.
Dino Dai Zovi Dives Into Container Security, SecDevOps
Dino Dai Zovi Dives Into Container Security, SecDevOps
Dark Reading Videos  |  8/23/2017  | 
Dino Dai Zovi discusses the under-explored security aspects of Docker, data center orchestration, and containers.
Preparing For Government Data Requests After Apple Vs. FBI
Preparing For Government Data Requests After Apple Vs. FBI
Dark Reading Videos  |  10/31/2016  | 
Jennifer Granick and Riana Pfefferkorn discuss lessons learned from the Apple-FBI case, and how security pros should be prepared if government data requests hit closer to home.
Partners In The Battle Against Cyberthreats
Partners In The Battle Against Cyberthreats
Dark Reading Videos  |  10/6/2016  | 
George Karidis of CompuCom and Rodel Alejo from Intel stop by the Dark Reading News Desk.
D-FENSE! Using Research To Craft Effective Cyber Defenses
D-FENSE! Using Research To Craft Effective Cyber Defenses
Dark Reading Videos  |  9/23/2016  | 
A pair of experts from Imperva stops by the Dark Reading News Desk to chat.
Keep It Simple: Security For A Complex Enterprise
Keep It Simple: Security For A Complex Enterprise
Dark Reading Videos  |  9/14/2016  | 
Michelle Cobb of Skybox Security talks to Dark Reading about security management.
Wisdom From A Thought Leader: AppSec Best Practices
Wisdom From A Thought Leader: AppSec Best Practices
Dark Reading Videos  |  9/14/2016  | 
The Black Hat News Desk chats with Jeff Williams, CTO at Contrast Security.
Don't Trust That Trust Mechanism: Vulnerabilities In Digital Certificates
Don't Trust That Trust Mechanism: Vulnerabilities In Digital Certificates
Dark Reading Videos  |  9/14/2016  | 
Tom Nipravsky, security researcher at Deep Instinct, explains how to tell the difference between a digital certificate that's worth your trust and one that isn't.
Dan Kaminsky On How Not To Lose The Internet As We Know It
Dan Kaminsky On How Not To Lose The Internet As We Know It
Dark Reading Videos  |  9/12/2016  | 
Dan Kaminsky discusses how to improve the security and privacy of the Internet without destroying the openness and freedom to innovate that it has always provided.
More Reasons To Drop The War On Encryption
More Reasons To Drop The War On Encryption
Dark Reading Videos  |  10/9/2015  | 
Rod Beckstrom, founding director of the US National Cybersecurity Center visits the Dark Reading News Desk at Black Hat to discuss cybercrime legislation, takedown operations, and why law enforcement should drop the war on encryption.
Jeremiah Grossman's Tips For Black Hat Hopefuls & More
Jeremiah Grossman's Tips For Black Hat Hopefuls & More
Dark Reading Videos  |  9/4/2015  | 
Founder of WhiteHat Security visits the Dark Reading News Desk to dish on the Black Hat Briefings selection process, the state of Web security, the Wassenaar Arrangement, and Flash.
China's Great Cannon: The Great Firewall's More Aggressive Partner
China's Great Cannon: The Great Firewall's More Aggressive Partner
Dark Reading Videos  |  9/3/2015  | 
Crowdstrike researchers visit Dark Reading News Desk at Black Hat to describe how China went on the offensive and extended its Internet censorship efforts beyond Chinese borders.
A Virtual Tour of IBMs SOCs, With Roger Hellman
A Virtual Tour of IBMs SOCs, With Roger Hellman
Dark Reading Videos  |  8/27/2015  | 
IBM's Roger Hellman visits the Dark Reading News Desk to talk about how IBM recreated a unique security operations center experience at Black Hat.
Paul Vixie On DNS Security & Botnet Takedowns
Paul Vixie On DNS Security & Botnet Takedowns
Dark Reading Videos  |  8/24/2015  | 
Internet pioneer and CEO of Farsight Security joins the Dark Reading News Desk at Black Hat.
Cloud & The Security Skills Gap
Cloud & The Security Skills Gap
Dark Reading Videos  |  7/6/2015  | 
F5 Network security evangelist David Holmes tells how cloud outsourcing can help companies fill the talent gap in three critical areas of enterprise security.
The Failures of Internet Governance
The Failures of Internet Governance
Dark Reading Videos  |  4/28/2014  | 
Snooping and cybercrime exacerbate the problem of having a world without borders inside a world with many borders.
What Is The FIDO Alliance?
What Is The FIDO Alliance?
Dark Reading Videos  |  4/2/2014  | 
Phillip Dunkelberger of Nok Nok Labs explains why its proposed specifications will transform computing.
Finally, Plug & Play Authentication!
Finally, Plug & Play Authentication!
Dark Reading Videos  |  3/26/2014  | 
FIDO Alliance technology will allow enterprises to replace passwords with plug-and-play multifactor authentication.
How & Why Cloud Security Will Empower Users
How & Why Cloud Security Will Empower Users
Dark Reading Videos  |  1/27/2014  | 
Cloud computing growth means big changes for enterprises of all sizes and in all markets.
What Next-Gen Security Looks Like
What Next-Gen Security Looks Like
Dark Reading Videos  |  12/9/2013  | 
The nightmare of BYOD is giving rise to a new generation of intelligent, highly scalable security products and platforms.


Malicious USB Drive Hides Behind Gift Card Lure
Dark Reading Staff 3/27/2020
How Attackers Could Use Azure Apps to Sneak into Microsoft 365
Kelly Sheridan, Staff Editor, Dark Reading,  3/24/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
6 Emerging Cyber Threats That Enterprises Face in 2020
This Tech Digest gives an in-depth look at six emerging cyber threats that enterprises could face in 2020. Download your copy today!
Flash Poll
State of Cybersecurity Incident Response
State of Cybersecurity Incident Response
Data breaches and regulations have forced organizations to pay closer attention to the security incident response function. However, security leaders may be overestimating their ability to detect and respond to security incidents. Read this report to find out more.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-10940
PUBLISHED: 2020-03-27
Local Privilege Escalation can occur in PHOENIX CONTACT PORTICO SERVER through 3.0.7 when installed to run as a service.
CVE-2020-10939
PUBLISHED: 2020-03-27
Insecure, default path permissions in PHOENIX CONTACT PC WORX SRT through 1.14 allow for local privilege escalation.
CVE-2020-6095
PUBLISHED: 2020-03-27
An exploitable denial of service vulnerability exists in the GstRTSPAuth functionality of GStreamer/gst-rtsp-server 1.14.5. A specially crafted RTSP setup request can cause a null pointer deference resulting in denial-of-service. An attacker can send a malicious packet to trigger this vulnerability.
CVE-2020-10817
PUBLISHED: 2020-03-27
The custom-searchable-data-entry-system (aka Custom Searchable Data Entry System) plugin through 1.7.1 for WordPress allows SQL Injection. NOTE: this product is discontinued.
CVE-2020-10952
PUBLISHED: 2020-03-27
GitLab EE/CE 8.11 through 12.9.1 allows blocked users to pull/push docker images.