Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Perimeter

News & Commentary
Physical Security Has a Lot of Catching Up to Do
Peter George, Chief Executive Officer at Evolv TechnologyCommentary
The transformation we need: merging the network operations center with the physical security operations center.
By Peter George Chief Executive Officer at Evolv Technology, 10/28/2020
Comment0 comments  |  Read  |  Post a Comment
Chinese Attackers' Favorite Flaws Prove Global Threats, Research Shows
Kelly Sheridan, Staff Editor, Dark ReadingNews
Following the NSA's list of 25 security flaws often weaponized by Chinese attackers, researchers evaluated how they're used around the world.
By Kelly Sheridan Staff Editor, Dark Reading, 10/27/2020
Comment0 comments  |  Read  |  Post a Comment
The Story of McAfee: How the Security Giant Arrived at a Second IPO
Kelly Sheridan, Staff Editor, Dark ReadingNews
Industry watchers explore the story of McAfee, from its founding in 1987, to its spinoff from Intel, to how it's keeping up with competitors.
By Kelly Sheridan Staff Editor, Dark Reading, 10/26/2020
Comment0 comments  |  Read  |  Post a Comment
Dealing With Insider Threats in the Age of COVID
Hitesh Sheth, CEO, VectraCommentary
Dangerous gray areas like new BYOD policies and shadow IT devices have increased, thanks to the rapid shift to remote working.
By Hitesh Sheth CEO, Vectra, 10/21/2020
Comment0 comments  |  Read  |  Post a Comment
Farsight Labs Launched as Security Collaboration Platform
Dark Reading Staff, Quick Hits
Farsight Security's platform will offer no-cost access to certain tools and services.
By Dark Reading Staff , 10/20/2020
Comment0 comments  |  Read  |  Post a Comment
Businesses Rethink Endpoint Security for 2021
Kelly Sheridan, Staff Editor, Dark ReadingNews
The mass movement to remote work has forced organizations to rethink their long-term plans for endpoint security. How will things look different next year?
By Kelly Sheridan Staff Editor, Dark Reading, 10/20/2020
Comment0 comments  |  Read  |  Post a Comment
A New Risk Vector: The Enterprise of Things
Greg Clark, CEO, Forescout Technologies Inc.Commentary
Billions of devices -- including security cameras, smart TVs, and manufacturing equipment -- are largely unmanaged and increase an organization's risk.
By Greg Clark CEO, Forescout Technologies Inc., 10/19/2020
Comment0 comments  |  Read  |  Post a Comment
The Ruthless Cyber Chaos of Business Recovery
Emil Sayegh, CEO and President, NtiretyCommentary
Critical technology initiatives leveraging the best of technology solutions are the only way through the cyber chaos of 2020.
By Emil Sayegh CEO and President, Ntirety, 10/15/2020
Comment0 comments  |  Read  |  Post a Comment
Cloud Misconfiguration Mishaps Businesses Must Watch
Kelly Sheridan, Staff Editor, Dark ReadingNews
Cloud security experts explain which misconfigurations are most common and highlight other areas of the cloud likely to threaten businesses.
By Kelly Sheridan Staff Editor, Dark Reading, 9/30/2020
Comment0 comments  |  Read  |  Post a Comment
Vulnerability in Wireless Router Chipsets Prompts Advisory
Dark Reading Staff, Quick Hits
Synopsys issues an advisory for vulnerabilities affecting the chipsets of wireless routers from Qualcomm, Mediatek, and Realtek.
By Dark Reading Staff , 9/29/2020
Comment0 comments  |  Read  |  Post a Comment
Ivanti Acquires Two Security Companies
Dark Reading Staff, Quick Hits
Purchase of MobileIron and Pulse Secure announced simultaneously.
By Dark Reading Staff , 9/28/2020
Comment0 comments  |  Read  |  Post a Comment
9 Tips to Prepare for the Future of Cloud & Network Security
Kelly Sheridan, Staff Editor, Dark Reading
Cloud and network security analysts outline trends and priorities businesses should keep top of mind as they grow more reliant on cloud.
By Kelly Sheridan Staff Editor, Dark Reading, 9/28/2020
Comment3 comments  |  Read  |  Post a Comment
Since Remote Work Isn't Going Away, Security Should Be the Focus
Mike Wronski, Technical Director of Product Marketing, NutanixCommentary
These three steps will help organizations reduce long-term work-from-home security risks.
By Mike Wronski Technical Director of Product Marketing, Nutanix, 9/24/2020
Comment0 comments  |  Read  |  Post a Comment
Microsoft's Azure Defender for IoT Uses CyberX Tech
Dark Reading Staff, Quick Hits
Azure Defender for IoT is built to help IT and OT teams discover IoT and OT assets, identify critical flaws, and detect malicious behavior.
By Dark Reading Staff , 9/23/2020
Comment0 comments  |  Read  |  Post a Comment
7 Non-Technical Skills Threat Analysts Should Master to Keep Their Jobs
Dov Lerner, Security Research Lead, SixgillCommentary
It's not just technical expertise and certifications that enable analysts to build long-term careers in cybersecurity.
By Dov Lerner Security Research Lead, Sixgill, 9/23/2020
Comment1 Comment  |  Read  |  Post a Comment
Iranian Hackers Indicted for Stealing Aerospace & Satellite Tracking Data
Kelly Sheridan, Staff Editor, Dark ReadingNews
Also, the US Treasury sanctioned Iranian attack group APT39 following a years-long malware campaign.
By Kelly Sheridan Staff Editor, Dark Reading, 9/17/2020
Comment0 comments  |  Read  |  Post a Comment
Likely Links Emerge Between Lazarus Group and Russian-Speaking Cybercriminals
Kelly Sheridan, Staff Editor, Dark ReadingNews
Researchers examine security incidents over the past several years that seemingly connect North Korea's Lazarus Group with Russian-speaking attackers.
By Kelly Sheridan Staff Editor, Dark Reading, 9/16/2020
Comment0 comments  |  Read  |  Post a Comment
8 Reasons Perimeter Security Alone Won't Protect Your Crown Jewels
Juan Pablo Perez-Etchegoyen, CTO, OnapsisCommentary
Most firewalls and security devices effectively protect systems and data, but are they enough to safeguard business-critical applications?
By Juan Pablo Perez-Etchegoyen CTO, Onapsis, 9/16/2020
Comment0 comments  |  Read  |  Post a Comment
Encrypted Traffic Inference: An Alternative to Enterprise Network Traffic Decryption
Eric Parizo, Senior Analyst, OmdiaCommentary
Finding threats in encrypted inbound network traffic is complex and expensive for enterprises, but a fascinating new approach could eliminate the need for decryption.
By Eric Parizo Senior Analyst, Omdia, 9/15/2020
Comment0 comments  |  Read  |  Post a Comment
Security Through an Economics Lens: A Guide for CISOs
Kelly Sheridan, Staff Editor, Dark ReadingNews
An expert in economics and cybersecurity applies opportunity cost and other concepts of the "dismal science" to infosec roles.
By Kelly Sheridan Staff Editor, Dark Reading, 9/14/2020
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
Posted by JohnHammond
Current Conversations Nice article!
In reply to: Great!
Post Your Own Reply
Posted by TimKorry
Current Conversations Great tips. Thanks
In reply to: Great tips
Post Your Own Reply
More Conversations
PR Newswire
COVID-19: Latest Security News & Commentary
Dark Reading Staff 10/27/2020
Modern Day Insider Threat: Network Bugs That Are Stealing Your Data
David Pearson, Principal Threat Researcher,  10/21/2020
Are You One COVID-19 Test Away From a Cybersecurity Disaster?
Alan Brill, Senior Managing Director, Cyber Risk Practice, Kroll,  10/21/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
How IT Security Organizations are Attacking the Cybersecurity Problem
How IT Security Organizations are Attacking the Cybersecurity Problem
The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-5144
PUBLISHED: 2020-10-28
SonicWall Global VPN client version 4.10.4.0314 and earlier allows unprivileged windows user to elevate privileges to SYSTEM through loaded process hijacking vulnerability.
CVE-2020-5145
PUBLISHED: 2020-10-28
SonicWall Global VPN client version 4.10.4.0314 and earlier have an insecure library loading (DLL hijacking) vulnerability. Successful exploitation could lead to remote code execution in the target system.
CVE-2020-27956
PUBLISHED: 2020-10-28
An Arbitrary File Upload in the Upload Image component in SourceCodester Car Rental Management System 1.0 allows the user to conduct remote code execution via admin/index.php?page=manage_car because .php files can be uploaded to admin/assets/uploads/ (under the web root).
CVE-2020-27957
PUBLISHED: 2020-10-28
The RandomGameUnit extension for MediaWiki through 1.35 was not properly escaping various title-related data. When certain varieties of games were created within MediaWiki, their names or titles could be manipulated to generate stored XSS within the RandomGameUnit extension.
CVE-2020-16140
PUBLISHED: 2020-10-27
The search functionality of the Greenmart theme 2.4.2 for WordPress is vulnerable to XSS.