Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Operations

News & Commentary
The Story of McAfee: How the Security Giant Arrived at a Second IPO
Kelly Sheridan, Staff Editor, Dark ReadingNews
Industry watchers explore the story of McAfee, from its founding in 1987, to its spinoff from Intel, to how it's keeping up with competitors.
By Kelly Sheridan Staff Editor, Dark Reading, 10/26/2020
Comment0 comments  |  Read  |  Post a Comment
US Treasury Sanctions Russian Institution Linked to Triton Malware
Dark Reading Staff, Quick Hits
Triton, also known as TRISIS and HatMan, was developed to target and manipulate industrial control systems, the US Treasury reports.
By Dark Reading Staff , 10/23/2020
Comment0 comments  |  Read  |  Post a Comment
COVID-19: Latest Security News & Commentary
Dark Reading Staff, News
Check out Dark Reading's updated, exclusive news and commentary surrounding the coronavirus pandemic.
By Dark Reading Staff , 10/23/2020
Comment20 comments  |  Read  |  Post a Comment
A Pause to Address 'Ethical Debt' of Facial Recognition
Mike Kiser, Global Security Advocate, Office of the CTO, SailPointCommentary
Ethical use will require some combination of consistent reporting, regulation, corporate responsibility, and adversarial technology.
By Mike Kiser Global Security Advocate, Office of the CTO, SailPoint, 10/23/2020
Comment0 comments  |  Read  |  Post a Comment
McAfee Raises $740M in Second IPO
Dark Reading Staff, Quick Hits
The security software giant and its investors sold 37 million shares priced at $20 each, putting McAfee's value around $8.6 billion.
By Dark Reading Staff , 10/22/2020
Comment0 comments  |  Read  |  Post a Comment
Implementing Proactive Cyber Controls in OT: Myths vs. Reality
Michael Piccalo, Director, OT/ICS Systems Engineering, Forescout TechnologiesCommentary
Debunking the myths surrounding the implementation of proactive cyber controls in operational technology.
By Michael Piccalo Director, OT/ICS Systems Engineering, Forescout Technologies, 10/22/2020
Comment0 comments  |  Read  |  Post a Comment
Dealing With Insider Threats in the Age of COVID
Hitesh Sheth, CEO, VectraCommentary
Dangerous gray areas like new BYOD policies and shadow IT devices have increased, thanks to the rapid shift to remote working.
By Hitesh Sheth CEO, Vectra, 10/21/2020
Comment0 comments  |  Read  |  Post a Comment
Are You One COVID-19 Test Away From a Cybersecurity Disaster?
Alan Brill, Senior Managing Director, Cyber Risk Practice, KrollCommentary
One cybersecurity failure can result in a successful ransomware attack or data breach that could cause tremendous damage. There's no need to panic, but neither is there time to ignore the issue.
By Alan Brill Senior Managing Director, Cyber Risk Practice, Kroll, 10/21/2020
Comment1 Comment  |  Read  |  Post a Comment
Modern Day Insider Threat: Network Bugs That Are Stealing Your Data
David Pearson, Principal Threat ResearcherCommentary
Attacks involving an unmanaged device and no malware expose gaps in cybersecurity that must be addressed.
By David Pearson Principal Threat Researcher, 10/21/2020
Comment1 Comment  |  Read  |  Post a Comment
Farsight Labs Launched as Security Collaboration Platform
Dark Reading Staff, Quick Hits
Farsight Security's platform will offer no-cost access to certain tools and services.
By Dark Reading Staff , 10/20/2020
Comment0 comments  |  Read  |  Post a Comment
Businesses Rethink Endpoint Security for 2021
Kelly Sheridan, Staff Editor, Dark ReadingNews
The mass movement to remote work has forced organizations to rethink their long-term plans for endpoint security. How will things look different next year?
By Kelly Sheridan Staff Editor, Dark Reading, 10/20/2020
Comment0 comments  |  Read  |  Post a Comment
Building the Human Firewall
Aamir Lakhani, Cybersecurity Researcher and Practitioner for FortiGuard LabsCommentary
Cybersecurity was a challenge before COVID-19 sent millions of employees home to work from their own devices and networks. Now what?
By Aamir Lakhani Cybersecurity Researcher and Practitioner for FortiGuard Labs, 10/20/2020
Comment0 comments  |  Read  |  Post a Comment
A New Risk Vector: The Enterprise of Things
Greg Clark, CEO, Forescout Technologies Inc.Commentary
Billions of devices -- including security cameras, smart TVs, and manufacturing equipment -- are largely unmanaged and increase an organization's risk.
By Greg Clark CEO, Forescout Technologies Inc., 10/19/2020
Comment0 comments  |  Read  |  Post a Comment
London Borough of Hackney Investigates 'Serious' Cyberattack
Dark Reading Staff, Quick Hits
London's Hackney Council says some services may be slow or unavailable as it looks into a cyberattack affecting services and IT systems.
By Dark Reading Staff , 10/14/2020
Comment1 Comment  |  Read  |  Post a Comment
Microsoft Fixes Critical Windows TCP/IP Flaw in Patch Rollout
Kelly Sheridan, Staff Editor, Dark ReadingNews
The October 2020 Patch Tuesday fixed 87 vulnerabilities, including 21 remote code execution flaws, in Microsoft products and services.
By Kelly Sheridan Staff Editor, Dark Reading, 10/13/2020
Comment0 comments  |  Read  |  Post a Comment
Where Are the 'Great Exits' in the Data Security Market?
Dave Cole, Cofounder and CEO, Open RavenCommentary
If data security were a student, its report card would read "Not performing to potential." Here's why.
By Dave Cole Cofounder and CEO, Open Raven, 10/13/2020
Comment0 comments  |  Read  |  Post a Comment
Online Voting Is Coming, but How Secure Will It Be?
Brad Brooks, CEO of OneLoginCommentary
It's time for state governments to act as leaders, adopt digital ID standards, enable new online voting systems, and provide broad-based access to all communities for the benefit of all.
By Brad Brooks CEO of OneLogin, 10/13/2020
Comment0 comments  |  Read  |  Post a Comment
A 7-Step Cybersecurity Plan for Healthcare Organizations
Steve Zurier, Contributing Writer
With National Cybersecurity Awareness Month shining a spotlight on the healthcare industry, security pros share best practices for those charged with protecting these essential organizations.
By Steve Zurier Contributing Writer, 10/12/2020
Comment1 Comment  |  Read  |  Post a Comment
CISOs Planning on Bigger Budgets: Report
Dark Reading Staff, Quick Hits
Budgets are on the rise, even in a time of revenue worries across the industry.
By Dark Reading Staff , 10/9/2020
Comment0 comments  |  Read  |  Post a Comment
Why MSPs Are Hacker Targets, and What To Do About It
John Hammond, Senior Security Researcher at HuntressCommentary
Managed service providers are increasingly becoming the launching pad of choice for ransomware and other online malfeasance.
By John Hammond Senior Security Researcher at Huntress, 10/9/2020
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
PR Newswire
COVID-19: Latest Security News & Commentary
Dark Reading Staff 10/23/2020
7 Tips for Choosing Security Metrics That Matter
Ericka Chickowski, Contributing Writer,  10/19/2020
Russian Military Officers Unmasked, Indicted for High-Profile Cyberattack Campaigns
Kelly Jackson Higgins, Executive Editor at Dark Reading,  10/19/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
How IT Security Organizations are Attacking the Cybersecurity Problem
How IT Security Organizations are Attacking the Cybersecurity Problem
The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-7751
PUBLISHED: 2020-10-26
This affects all versions of package pathval.
CVE-2020-27678
PUBLISHED: 2020-10-26
An issue was discovered in illumos before 2020-10-22, as used in OmniOS before r151030by, r151032ay, and r151034y and SmartOS before 20201022. There is a buffer overflow in parse_user_name in lib/libpam/pam_framework.c.
CVE-2020-27388
PUBLISHED: 2020-10-23
Multiple Stored Cross Site Scripting (XSS) vulnerabilities exist in the YOURLS Admin Panel, Versions 1.5 - 1.7.10. An authenticated user must modify a PHP plugin with a malicious payload and upload it, resulting in multiple stored XSS issues.
CVE-2020-24847
PUBLISHED: 2020-10-23
A Cross-Site Request Forgery (CSRF) vulnerability is identified in FruityWifi through 2.4. Due to a lack of CSRF protection in page_config_adv.php, an unauthenticated attacker can lure the victim to visit his website by social engineering or another attack vector. Due to this issue, an unauthenticat...
CVE-2020-24848
PUBLISHED: 2020-10-23
FruityWifi through 2.4 has an unsafe Sudo configuration [(ALL : ALL) NOPASSWD: ALL]. This allows an attacker to perform a system-level (root) local privilege escalation, allowing an attacker to gain complete persistent access to the local system.