Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
8 Books Security Pros Should Read
Newest First  |  Oldest First  |  Threaded View
Charlotte Galyon
Charlotte Galyon,
User Rank: Apprentice
4/15/2020 | 7:08:23 AM
It's very cool!
It's very cool!
LisaB845
LisaB845,
User Rank: Apprentice
8/24/2017 | 5:30:57 AM
professional logo design
you are so good at this, thanks for the book tips!
silvanosales
silvanosales,
User Rank: Apprentice
5/25/2017 | 11:11:45 AM
Re: novinhas
good
DarkReader007
DarkReader007,
User Rank: Apprentice
4/1/2017 | 3:22:36 PM
Keep Track
Thank you
jonesj26
jonesj26,
User Rank: Author
12/14/2016 | 9:12:56 AM
Good list -- here are some more
Good list.  For those who want to expand into risk management roles, these two are also good reads:

* How to Measure Anything In Cybersecurity

* Measuring and Managing Information Risk: A FAIR Approach

 
Nightwolf76
Nightwolf76,
User Rank: Apprentice
11/29/2016 | 4:05:58 PM
Re: A couple
I think you mean David Thiel.  I'll refrain from posting my opinion on Peter Thiel.
Joe Stanganelli
Joe Stanganelli,
User Rank: Ninja
11/25/2016 | 5:25:42 PM
A couple
Numerous books come to mind to further suggest.  Spam Nation by Brian Krebs highlights the history of the pharma-spam industry.  And a while ago I reviewed iOS Application Security by Peter Thiel -- which is a decent reference book.
ydm.mendez
ydm.mendez,
User Rank: Apprentice
11/23/2016 | 1:01:44 PM
Future Crimes by Marc Goodman
I think this is a great read for every IT Security professional. 


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Developing and Testing an Effective Breach Response Plan
Whether or not a data breach is a disaster for the organization depends on the security team's response and that is based on how the team developed a breach response plan beforehand and if it was thoroughly tested. Inside this report, experts share how to: -understand the technical environment, -determine what types of incidents would trigger the plan, -know which stakeholders need to be notified and how to do so, -develop steps to contain the breach, collect evidence, and initiate recovery.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-46366
PUBLISHED: 2022-12-02
** UNSUPPORTED WHEN ASSIGNED ** Apache Tapestry 3.x allows deserialization of untrusted data, leading to remote code execution. This issue is similar to but distinct from CVE-2020-17531, which applies the the (also unsupported) 4.x version line. NOTE: This vulnerability only affects Apache Tapestry ...
CVE-2022-4270
PUBLISHED: 2022-12-02
Incorrect privilege assignment issue in M-Files Web in M-Files Web versions before 22.5.11436.1 could have changed permissions accidentally.
CVE-2022-2807
PUBLISHED: 2022-12-02
Algan Yazılım Prens Student Information System product has an unauthenticated SQL Injection vulnerability.
CVE-2022-2808
PUBLISHED: 2022-12-02
Algan Yaz?l?m Prens Student Information System product has an authenticated Insecure Direct Object Reference (IDOR) vulnerability.
CVE-2022-44929
PUBLISHED: 2022-12-02
An access control issue in D-Link DVG-G5402SP GE_1.03 allows unauthenticated attackers to escalate privileges via arbitrarily editing VoIP SIB profiles.