Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Careers & People

News & Commentary
FIRST Announces Cyber-Response Ethical Guidelines
Dark Reading Staff, Quick Hits
The 12 points seek to provide security professionals with advice on ethical behavior during incident response.
By Dark Reading Staff , 10/21/2020
Comment0 comments  |  Read  |  Post a Comment
Dealing With Insider Threats in the Age of COVID
Hitesh Sheth, CEO, VectraCommentary
Dangerous gray areas like new BYOD policies and shadow IT devices have increased, thanks to the rapid shift to remote working.
By Hitesh Sheth CEO, Vectra, 10/21/2020
Comment0 comments  |  Read  |  Post a Comment
Are You One COVID-19 Test Away From a Cybersecurity Disaster?
Alan Brill, Senior Managing Director, Cyber Risk Practice, KrollCommentary
One cybersecurity failure can result in a successful ransomware attack or data breach that could cause tremendous damage. There's no need to panic, but neither is there time to ignore the issue.
By Alan Brill Senior Managing Director, Cyber Risk Practice, Kroll, 10/21/2020
Comment1 Comment  |  Read  |  Post a Comment
Building the Human Firewall
Aamir Lakhani, Cybersecurity Researcher and Practitioner for FortiGuard LabsCommentary
Cybersecurity was a challenge before COVID-19 sent millions of employees home to work from their own devices and networks. Now what?
By Aamir Lakhani Cybersecurity Researcher and Practitioner for FortiGuard Labs, 10/20/2020
Comment0 comments  |  Read  |  Post a Comment
What's Really Happening in Infosec Hiring Now?
Joan Goodchild, Contributing Writer
As the pandemic continues, security teams still need help they can't get. But the "skills shortage" is only part of the story.
By Joan Goodchild Contributing Writer, 10/14/2020
Comment1 Comment  |  Read  |  Post a Comment
Security Officers, Are Your Employees Practicing Good Habits from Home?
Chip Witt, Vice President of Product Management at SpyCloudCommentary
Even if you can't see your employees in the office, they still need to be reminded that criminals are always trying to spot a weak link in the chain.
By Chip Witt Vice President of Product Management at SpyCloud, 10/12/2020
Comment2 comments  |  Read  |  Post a Comment
Why MSPs Are Hacker Targets, and What To Do About It
John Hammond, Senior Security Researcher at HuntressCommentary
Managed service providers are increasingly becoming the launching pad of choice for ransomware and other online malfeasance.
By John Hammond Senior Security Researcher at Huntress, 10/9/2020
Comment0 comments  |  Read  |  Post a Comment
John McAfee Indicted on Tax Charges
Dark Reading Staff, Quick Hits
The indictment alleging tax evasion and failure to file returns was unsealed after his arrest in Spain.
By Dark Reading Staff , 10/5/2020
Comment0 comments  |  Read  |  Post a Comment
'Virtual Cyber Carnival' Kicks off Cybersecurity Awareness Month
Nicole Ferraro, Contributing Writer
A new initiative will run throughout the month of October, invites the general public to play cybersecurity games (and win fabulous prizes).
By Nicole Ferraro Contributing Writer, 10/5/2020
Comment0 comments  |  Read  |  Post a Comment
'It Won't Happen to Me': Employee Apathy Prevails Despite Greater Cybersecurity Awareness
Aviv Grafi, CEO & Founder, VotiroCommentary
To protect your organization from all emerging file-borne threats, the security and leadership teams must align to develop a streamlined approach to file security.
By Aviv Grafi CEO & Founder, Votiro, 10/1/2020
Comment0 comments  |  Read  |  Post a Comment
7 Non-Technical Skills Threat Analysts Should Master to Keep Their Jobs
Dov Lerner, Security Research Lead, SixgillCommentary
It's not just technical expertise and certifications that enable analysts to build long-term careers in cybersecurity.
By Dov Lerner Security Research Lead, Sixgill, 9/23/2020
Comment1 Comment  |  Read  |  Post a Comment
Nearly 70% of IT & Security Pros Hone Their Cyber Skills Outside of Work
Steve Zurier, Contributing WriterNews
New research shows how security skills are lacking across multiple IT disciplines as well - including network engineers, sys admins, and cloud developers.
By Steve Zurier Contributing Writer, 9/22/2020
Comment0 comments  |  Read  |  Post a Comment
Time for CEOs to Stop Enabling China's Blatant IP Theft
Eric Noonan, CEO, CyberSheathCommentary
Protecting intellectual property in the name of US economic and national security should be part of every company's fiduciary duty.
By Eric Noonan CEO, CyberSheath, 9/17/2020
Comment0 comments  |  Read  |  Post a Comment
Cybersecurity Bounces Back, but Talent Still Absent
Simone Petrella, Chief Executive Officer, CyberVistaCommentary
While the demand for cybersecurity talent rebounds, organizations will need to focus on cyber-enabled roles to fill immediate skills gaps.
By Simone Petrella Chief Executive Officer, CyberVista, 9/16/2020
Comment1 Comment  |  Read  |  Post a Comment
6 Lessons IT Security Can Learn From DevOps
Curtis Franklin Jr., Senior Editor at Dark Reading
DevOps has taken over enterprise software development. The discipline has lessons for IT security -- here are a quick half-dozen.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 9/10/2020
Comment2 comments  |  Read  |  Post a Comment
Post-COVID-19 Security Spending Update
Ericka Chickowski, Contributing Writer
Security spending growth will slow in 2020, but purse strings are looser than for other areas of IT.
By Ericka Chickowski Contributing Writer, 9/8/2020
Comment0 comments  |  Read  |  Post a Comment
5 Ways for Cybersecurity Teams to Work Smarter, Not Harder
Theresa Lanowitz, Head of Evangelism, AT&T CybersecurityCommentary
Burnout is real and pervasive, but some common sense tools and techniques can help mitigate all that.
By Theresa Lanowitz Head of Evangelism, AT&T Cybersecurity, 9/3/2020
Comment1 Comment  |  Read  |  Post a Comment
From Defense to Offense: Giving CISOs Their Due
Marc Wilczek, Digital Strategist & COO of Link11Commentary
In today's unparalleled era of disruption, forward-thinking CISOs can become key to company transformation -- but this means resetting relationships with the board and C-suite.
By Marc Wilczek Digital Strategist & COO of Link11, 8/31/2020
Comment5 comments  |  Read  |  Post a Comment
Redefining What CISO Success Looks Like
Brian Ahern, CEOCommentary
Key to this new definition is the principle that security programs are designed to minimize business risk, not to achieve 100% no-risk.
By Brian Ahern CEO, 8/28/2020
Comment0 comments  |  Read  |  Post a Comment
The Inside Threat from Psychological Manipulators
Joshua Goldfarb, Independent ConsultantCommentary
How internal manipulators can actually degrade your organization's cyber defense, and how to defend against them.
By Joshua Goldfarb Independent Consultant, 8/27/2020
Comment2 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
Posted by karthik.k16
Current Conversations Thanks. Very informative
In reply to: Great article
Post Your Own Reply
Posted by TimKorry
Current Conversations Great tips. Thanks
In reply to: Great tips
Post Your Own Reply
More Conversations
COVID-19: Latest Security News & Commentary
Dark Reading Staff 10/23/2020
7 Tips for Choosing Security Metrics That Matter
Ericka Chickowski, Contributing Writer,  10/19/2020
Russian Military Officers Unmasked, Indicted for High-Profile Cyberattack Campaigns
Kelly Jackson Higgins, Executive Editor at Dark Reading,  10/19/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
How IT Security Organizations are Attacking the Cybersecurity Problem
How IT Security Organizations are Attacking the Cybersecurity Problem
The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-24847
PUBLISHED: 2020-10-23
A Cross-Site Request Forgery (CSRF) vulnerability is identified in FruityWifi through 2.4. Due to a lack of CSRF protection in page_config_adv.php, an unauthenticated attacker can lure the victim to visit his website by social engineering or another attack vector. Due to this issue, an unauthenticat...
CVE-2020-24848
PUBLISHED: 2020-10-23
FruityWifi through 2.4 has an unsafe Sudo configuration [(ALL : ALL) NOPASSWD: ALL]. This allows an attacker to perform a system-level (root) local privilege escalation, allowing an attacker to gain complete persistent access to the local system.
CVE-2020-5990
PUBLISHED: 2020-10-23
NVIDIA GeForce Experience, all versions prior to 3.20.5.70, contains a vulnerability in the ShadowPlay component which may lead to local privilege escalation, code execution, denial of service or information disclosure.
CVE-2020-25483
PUBLISHED: 2020-10-23
An arbitrary command execution vulnerability exists in the fopen() function of file writes of UCMS v1.4.8, where an attacker can gain access to the server.
CVE-2020-5977
PUBLISHED: 2020-10-23
NVIDIA GeForce Experience, all versions prior to 3.20.5.70, contains a vulnerability in NVIDIA Web Helper NodeJS Web Server in which an uncontrolled search path is used to load a node module, which may lead to code execution, denial of service, escalation of privileges, and information disclosure.