Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Issue Archives

2021 Top Enterprise IT Trends
Publish Date: Feb 4,2021
2020: The Year in Security
Publish Date: Dec 7,2020
How to Measure and Reduce Cybersecurity Risk in Your Organization
Publish Date: Oct 28,2020
Special Report: Computing's New Normal
Publish Date: Sep 17,2020
7 New Cybersecurity Vulnerabilities That Could Put Your Enterprise at Risk
Publish Date: Aug 14,2020
How Cybersecurity Incident Response Programs Work (and Why Some Don't)
Publish Date: May 12,2020
6 Emerging Cyber Threats That Enterprises Face in 2020
Publish Date: Feb 13,2020
IT 2020: A Look Ahead
Publish Date: Jan 23,2020
The Year in Security: 2019
Publish Date: Dec 9,2019
Navigating the Deluge of Security Data
Publish Date: Nov 12,2019
7 Threats & Disruptive Forces Changing the Face of Cybersecurity
Publish Date: Aug 12,2019
Building and Managing an IT Security Operations Program
Publish Date: May 15,2019
5 Emerging Cyber Threats to Watch for in 2019
Publish Date: Feb 7,2019
The Year in Security 2018
Publish Date: Dec 7,2018
10 Best Practices That Could Reshape Your IT Security Department
Publish Date: Nov 6,2018
10 Emerging Threats Every Enterprise Should Know About
Publish Date: Aug 16,2018
The Biggest Cybersecurity Breaches of 2018 (So Far)
Publish Date: Jul 23,2018
The Changing Role of the CISO
Publish Date: May 21,2018
How to Cope with the IT Security Skills Shortage
Publish Date: Feb 12,2018
The Year in Security: 2017
Publish Date: Dec 12,2017
Managing Cyber-Risk
Publish Date: Oct 25,2017
Security Vulnerabilities: The Next Wave
Publish Date: Jul 19,2017
Security Operations and IT Operations: Finding the Path to Collaboration
Publish Date: Apr 19,2017
5 Security Technologies to Watch in 2017
Publish Date: Jan 18,2017
Five Things Every Business Executive Should Know About Cybersecurity
Publish Date: Dec 6,2016
Five Emerging Security Threats - And What You Can Learn From Them
Publish Date: Aug 9,2016
The Changing Face of Identity Management
Publish Date: Jul 26,2016
DNS Threats: What Every Enterprise Should Know
Publish Date: Jun 28,2016
How To Build An Effective Defense Against Ransomware
Publish Date: Jun 21,2016
8 Key Building Blocks for Enterprise Network Defense
Publish Date: May 10,2016
Understanding & Managing the Mobile Security Threat
Publish Date: Mar 15,2016
E-Commerce Security: What Every Enterprise Needs to Know
Publish Date: Nov 2,2015
Dark Reading Tech Digest September 7, 2015
Publish Date: Sep 7,2015
Dark Reading Tech Digest, June 2015
Publish Date: Jun 1,2015
Dark Reading - March 2, 2015
Publish Date: Mar 2,2015
News
Inside the Ransomware Campaigns Targeting Exchange Servers
Kelly Sheridan, Staff Editor, Dark Reading,  4/2/2021
Commentary
Beyond MITRE ATT&CK: The Case for a New Cyber Kill Chain
Rik Turner, Principal Analyst, Infrastructure Solutions, Omdia,  3/30/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-30477
PUBLISHED: 2021-04-15
An issue was discovered in Zulip Server before 3.4. A bug in the implementation of replies to messages sent by outgoing webhooks to private streams meant that an outgoing webhook bot could be used to send messages to private streams that the user was not intended to be able to send messages to.
CVE-2021-30478
PUBLISHED: 2021-04-15
An issue was discovered in Zulip Server before 3.4. A bug in the implementation of the can_forge_sender permission (previously is_api_super_user) resulted in users with this permission being able to send messages appearing as if sent by a system bot, including to other organizations hosted by the sa...
CVE-2021-30479
PUBLISHED: 2021-04-15
An issue was discovered in Zulip Server before 3.4. A bug in the implementation of the all_public_streams API feature resulted in guest users being able to receive message traffic to public streams that should have been only accessible to members of the organization.
CVE-2021-30487
PUBLISHED: 2021-04-15
In the topic moving API in Zulip Server 3.x before 3.4, organization administrators were able to move messages to streams in other organizations hosted by the same Zulip installation.
CVE-2020-36288
PUBLISHED: 2021-04-15
The issue navigation and search view in Jira Server and Data Center before version 8.5.12, from version 8.6.0 before version 8.13.4, and from version 8.14.0 before version 8.15.1 allows remote attackers to inject arbitrary HTML or JavaScript via a DOM Cross-Site Scripting (XSS) vulnerability caused ...