Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Database Security
Authentication
Mobile
Privacy
Compliance
Identity & Access Management
Security Monitoring
Advanced Threats
Insider Threats
Vulnerability Management
7 Tax Season Security Tips
6 Factors That Raise The Stakes For IoT Security
RSAC Sets Finalists for Innovation Sandbox
5 Measures to Harden Election Technology
Assessing Cybersecurity Risk in Today's Enterprise
News & Commentary
Ensure Your Cloud Security Is as Modern as Your Business
Nicolas (Nico) Fischbach, Global CTO at ForcepointCommentary
Take a comprehensive approach to better protect your organization. Security hygiene is a must, but also look at your risk posture through a data protection lens.
By Nicolas (Nico) Fischbach Global CTO at Forcepoint, 2/25/2020
Comment0 comments  |  Read  |  Post a Comment
Google Adds More Security Features Via Chronicle Division
Robert Lemos, Contributing WriterNews
Order out of chaos? The saga of Chronicle continues with new security features for the Google Cloud Platform.
By Robert Lemos Contributing Writer, 2/25/2020
Comment0 comments  |  Read  |  Post a Comment
Wendy Nather on How to Make Security 'Democratization' a Reality
Sara Peters, Senior Editor at Dark Reading
Ahead of her keynote at the RSA Conference, Cisco's head of advisory CISOs outlines to Dark Reading a unique paradigm that asks security teams to stop fighting their users -- and start sharing control with them.
By Sara Peters Senior Editor at Dark Reading, 2/25/2020
Comment0 comments  |  Read  |  Post a Comment
Cybersecurity Industry: It's Time to Stop the Victim Blame Game
Jessica Smith, Senior Vice President, The Crypsis GroupCommentary
There are far more ways to be helpful than adding to the noise of what a company probably did wrong.
By Jessica Smith Senior Vice President, The Crypsis Group, 2/25/2020
Comment0 comments  |  Read  |  Post a Comment
McAfee Acquires Light Point for Browser Isolation Tech
Dark Reading Staff, Quick Hits
Company plans to integrate Light Point Security's technology into the McAfee Secure Web Gateway and its Mvision UCE platform.
By Dark Reading Staff , 2/25/2020
Comment0 comments  |  Read  |  Post a Comment
Wanted: Hands-On Cybersecurity Experience
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Organizations lament a lack of qualified job candidates as they continue to struggle to hire and retain security teams, the new ISACA State of Cybersecurity 2020 report shows.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 2/25/2020
Comment0 comments  |  Read  |  Post a Comment
Verizon: Attacks on Mobile Devices Rise
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
Companies of all sizes are being hit by mobile attacks and feeling the effects for extended periods of time, according to the 2020 Verizon Mobile Security Index.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 2/25/2020
Comment0 comments  |  Read  |  Post a Comment
Security, Networking Collaboration Cuts Breach Cost
Kelly Sheridan, Staff Editor, Dark ReadingNews
CISOs report increases in alert fatigue and the number of records breached, as well as the struggle to secure mobile devices in a new Cisco study.
By Kelly Sheridan Staff Editor, Dark Reading, 2/24/2020
Comment0 comments  |  Read  |  Post a Comment
SSRF 101: How Server-Side Request Forgery Sneaks Past Your Web Apps
Curtis Franklin Jr., Senior Editor at Dark Reading
Server-side request forgery is a dangerous attack method that is also becoming an issue for the cloud. Here are some of the basics to help keep your Web server from turning against you.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 2/24/2020
Comment0 comments  |  Read  |  Post a Comment
Enterprise Cloud Use Continues to Outpace Security
Kelly Sheridan, Staff Editor, Dark ReadingNews
Nearly 60% of IT and security pros say deployment of business services in the cloud has rushed past their ability to secure them.
By Kelly Sheridan Staff Editor, Dark Reading, 2/24/2020
Comment0 comments  |  Read  |  Post a Comment
Solving the Cloud Data Security Conundrum
Faiyaz Shahpurwala, Chief Product and Strategy Officer for FortanixCommentary
Trusting the cloud involves a change in mindset. You must be ready to use runtime encryption in the cloud.
By Faiyaz Shahpurwala Chief Product and Strategy Officer for Fortanix, 2/24/2020
Comment0 comments  |  Read  |  Post a Comment
Latest Security News from RSAC 2020
Dark Reading Staff, News
Check out Dark Reading's updated, exclusive coverage of the news and security themes that are dominating RSA Conference 2020 in San Francisco.
By Dark Reading Staff , 2/24/2020
Comment0 comments  |  Read  |  Post a Comment
7 Tips to Improve Your Employees' Mobile Security
Kelly Sheridan, Staff Editor, Dark Reading
Security experts discuss the threats putting mobile devices at risk and how businesses can better defend against them.
By Kelly Sheridan Staff Editor, Dark Reading, 2/24/2020
Comment0 comments  |  Read  |  Post a Comment
All About SASE: What It Is, Why It's Here, How to Use It
Kelly Sheridan, Staff Editor, Dark ReadingNews
Secure Access Service Edge is a new name for a known and growing architecture designed to strengthen security in cloud environments.
By Kelly Sheridan Staff Editor, Dark Reading, 2/22/2020
Comment0 comments  |  Read  |  Post a Comment
Emotet Malware Rears Its Ugly Head Again
Dark Reading Staff, News
A resurgence in Emotet malware may make it one of the most pervasive security threats of 2020.
By Special to Dark Reading: Brien Posey, ITPro Today , 2/21/2020
Comment0 comments  |  Read  |  Post a Comment
California Man Arrested for Politically Motivated DDoS
Dark Reading Staff, Quick Hits
The distributed denial-of-service attacks took a congressional candidate's website offline for a total of 21 hours during the campaign for office.
By Dark Reading Staff , 2/21/2020
Comment2 comments  |  Read  |  Post a Comment
NRC Health Ransomware Attack Prompts Patient Data Concerns
Dark Reading Staff, Quick Hits
The organization, which sells patient administration tools to hospitals, could not confirm whether patient data was accessed.
By Dark Reading Staff , 2/21/2020
Comment0 comments  |  Read  |  Post a Comment
Olympics Could Face Disruption from Regional Powers
Robert Lemos, Contributing WriterNews
Destructive attacks and disinformation will likely target the Summer Olympics in Tokyo, two groups of threat experts say.
By Robert Lemos Contributing Writer, 2/21/2020
Comment1 Comment  |  Read  |  Post a Comment
How to Get CISOs & Boards on the Same Page
Joe Schorr, Global Executive Services Director, Optiv SecurityCommentary
These two groups have talked past each other for years, each hobbled by their own tunnel vision and misperceptions.
By Joe Schorr Global Executive Services Director, Optiv Security, 2/21/2020
Comment0 comments  |  Read  |  Post a Comment
Security Now Merges With Dark Reading
Tim Wilson, Editor in Chief, Dark Reading, News
Readers of Security Now will join the Dark Reading community, gaining access to a wide range of cybersecurity content.
By Tim Wilson, Editor in Chief, Dark Reading , 2/21/2020
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
Products & Releases
Mimecast's Email Security 3.0 Strategy Advances the Way Organizations Combat Email-Based Cyberattacks
ManageEngine Launches Privileged Session Management Solution
BigID Unveils Next-Generation Data Security Capabilities
Securonix Enables Use Case Testing at Full SOC Scale with New Analytics Sandbox Capability
New Enterprise Enhancements to Bugcrowd Platform Deliver Access to Skilled Security Talent and More
Fortanix Announces Availability of Self-Defending Key Management Service on VMware Cloud Marketplace
OneTrust Raises $210M in New Funding
MITRE Engenuity to Evaluate Cybersecurity Products Based on Carbanak and FIN7 Groups
More Products & Releases
PR Newswire
Security Now Joins Dark Reading

Find out more about the combination of two of the industry's leading cybersecurity news sites.

edge
Wendy Nather on How to Make Security 'Democratization' a Reality
Ahead of her keynote at the RSA Conference, Cisco's head of advisory CISOs outlines to Dark Reading a unique paradigm that asks security teams to stop fighting their users -- and start sharing control with them.
SSRF 101: How Server-Side Request Forgery Sneaks Past Your Web Apps
Server-side request forgery is a dangerous attack method that is also becoming an issue for the cloud. Here are some of the basics to help keep your Web server from turning against you.
10 Tough Questions CEOs Are Asking CISOs
CEOs today are prepared with better questions than 'Are we secure,' and chief information security officers had better be ready to answer.
Register for Dark Reading Newsletters
Cartoon
White Papers
Current Issue
6 Emerging Cyber Threats That Enterprises Face in 2020
This Tech Digest gives an in-depth look at six emerging cyber threats that enterprises could face in 2020. Download your copy today!
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-9008
PUBLISHED: 2020-02-25
Stored Cross-site scripting (XSS) vulnerability in Blackboard Learn/PeopleTool v9.1 allows users to inject arbitrary web script via the Tile widget in the People Tool profile editor.
CVE-2020-9018
PUBLISHED: 2020-02-25
LiteCart through 2.2.1 allows admin/?app=users&doc=edit_user CSRF to add a user.
CVE-2020-9019
PUBLISHED: 2020-02-25
The WPJobBoard plugin 5.5.3 for WordPress allows Persistent XSS via the Add Job form, as demonstrated by title and Description.
CVE-2020-9391
PUBLISHED: 2020-02-25
An issue was discovered in the Linux kernel 5.4 and 5.5 through 5.5.6 on the AArch64 architecture. It ignores the top byte in the address passed to the brk system call, potentially moving the memory break downwards when the application expects it to move upwards, aka CID-dcde237319e6. This has been ...
CVE-2020-8793
PUBLISHED: 2020-02-25
OpenSMTPD before 6.6.4 allows local users to read arbitrary files (e.g., on some Linux distributions) because of a combination of an untrusted search path in makemap.c and race conditions in the offline functionality in smtpd.c.
How Enterprises Are Developing and Maintaining Secure Applications
How Enterprises Are Developing and Maintaining Secure Applications
The concept of application security is well known, but application security testing and remediation processes remain unbalanced. Most organizations are confident in their approach to AppSec, although others seem to have no approach at all. Read this report to find out more.
Flash Poll
Video
Slideshows
Twitter Feed