Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Content by DarkReadingTim

DarkReadingTim
Member Since: March 12, 2014
Strategist
Blog Posts: 1718
Posts: 238

Most Recently Posted

All (100)           Blogs (33)           Comments (67)          
All
Dark Reading Celebrates 15th Anniversary
Commentary  |  5/3/2021  | 
Cybersecurity news site begins 16th year with plans to improve site, deliver more content on cyber threats and best practices.
Dark Reading to Upgrade Site Design, Performance
Commentary  |  4/13/2021  | 
Improvements will make site content easier to navigate, faster, and more functional.
Dark Reading Launches New Section on Physical Security
Commentary  |  8/24/2020  | 
Partnership with IFSEC enables Dark Reading to cover new areas of security and expand its audience.
Omdia Research Launches Page on Dark Reading
Commentary  |  7/9/2020  | 
Data and insight from a leading cybersecurity research and analysis team will broaden the information available to security professionals and technology vendors.
Black Hat Survey: Breach Concerns Hit Record Levels Due to COVID-19
News  |  6/24/2020  | 
Annual "Black Hat USA Attendee Survey" indicates unprecedented concern over possible compromises of enterprise networks and US critical infrastructure.
Security Now Merges With Dark Reading
News  |  2/21/2020  | 
Readers of Security Now will join the Dark Reading community, gaining access to a wide range of cybersecurity content.
Consumer Data, Upcoming Elections Are at Risk, Black Hat Survey Says
News  |  7/1/2019  | 
Newly published '2019 Black Hat USA Attendee Survey' recommends users stay off social media and remain wary of products that promise to solve security problems.
Dark Reading Launches The Edge to Expand Security Coverage
Edge-DRsplash-10-edge-articles  |  7/1/2019  | 
New 'Sunday magazine' section offers deeper insights on cyber defense, educational materials, and human interest stories.
About The Edge
Edge-DRsplash-10-edge-articles  |  7/1/2019  | 
Like a Sunday magazine in a daily newspaper, The Edge offers a variety of value-add content.
Black Hat: European Security Pros Wrestling With Potential Breaches, Privacy Issues
News  |  11/14/2018  | 
Black Hat Europe attendee survey shows European cybersecurity leaders are uncertain of their ability to protect end user data and are fearful of a near-term breach of critical infrastructure.
How Can We Improve the Conversation Among Blue Teams?
Commentary  |  8/27/2018  | 
Dark Reading seeks new ways to bring defenders together to share information and best practices
Dark Reading Launches Second INsecurity Conference
News  |  6/5/2018  | 
To be held in Chicago Oct. 23-25, defense-focused conference will feature closed-door discussions, co-resident Black Hat Training sessions
INsecurity Conference Seeks Security Pros to Speak on Best Practices
News  |  4/16/2018  | 
Dark Reading's second annual data defense conference will be held Oct. 23-25 in Chicago; call for speakers is issued.
Greg Touhill: How an Air Force Lieutenant Became One of Cybersecurity's Top Guns
News  |  11/8/2017  | 
Security Pro File: After leading cyber efforts in the military, DHS, and the federal government, the former Federal CISO now sets his sights on new security technology.
Its Time to Change the Cybersecurity Conversation
Commentary  |  10/30/2017  | 
The IT security industry needs more balance between disclosure of threats and discussion of defense practices and greater sharing of ideas
A New Model for 'Mathematically Provable Security'
A New Model for 'Mathematically Provable Security'
Dark Reading Videos  |  9/14/2017  | 
Winn Schwartau, CEO of The Security Awareness Company, says we all know the old model of security is broken and it's time for a new one.
Paul Vixie: How CISOs Can Use DNS to Up Security
Paul Vixie: How CISOs Can Use DNS to Up Security
Dark Reading Videos  |  9/11/2017  | 
FarSight CEO and DNS master Paul Vixie explains how enterprises, not just telecoms and infrastructure providers, can use DNS to improve cybersecurity.
Why Most Security Awareness Training Fails (And What To Do About It)
Why Most Security Awareness Training Fails (And What To Do About It)
Dark Reading Videos  |  8/22/2017  | 
Arun Vishwanath discusses why awareness training shouldn't apply the same cure to every ailment then blame the patient when the treatment doesn't work.
The Benefits of Exploiting Attackers' Favorite Tools
The Benefits of Exploiting Attackers' Favorite Tools
Dark Reading Videos  |  8/22/2017  | 
Symantec senior threat researcher Waylon Grange explains that attackers write vulnerable code, too.
Black Hat Survey: Security Pros Expect Major Breaches in Next Two Years
News  |  7/6/2017  | 
Significant compromises are not just feared, but expected, Black Hat attendees say.
Dark Reading INsecurity Conference Registration Now Open
Commentary  |  6/21/2017  | 
November event will focus on attendee interaction, "blue team" best practices.
Hollywood Film Studio Seeks Up-And-Coming Hackers for Reality TV Show
Quick Hits  |  6/2/2017  | 
New program on major cable network will feature competitions, personalities.
The Cyber Threat From Russia and China: Myths and Realities
Dark Reading University  |  2/27/2017  | 

Over the last few years, hackers from Russia and China have been accused of everything from re-routing the Internet to tampering with U.S. elections. But if you’re a U.S.-based enterprise tasked with protecting critical data, how worried should you be? Could state-sponsored attackers from Russia and China be targeting your network? In this eye-opening webinar, you’ll hear from experts who have studied the behavior of these two superpowers’ hacking teams. You’ll get insight on what Russian and Chinese hackers are really doing – and what they aren’t doing. Most importantly, you’ll get some advice on the threat to your U.S.-based organization – and how to protect your sensitive data.  

When you attend this webinar, you will:

  • Hear about the activities and exploits performed by state-sponsored hacking teams in Russia and China
  • Debunk some of the myths surrounding these groups to gain insight on the real threats
  • Learn how to detect and recognize the types of attacks launched by these highly-trained hacking teams
  • Get expert advice on how to protect your organization’s data from state-sponsored threats
The State of the Enterprise Security Department
Dark Reading University  |  1/19/2017  | 
Speakers: Tim Wilson, Editor in Chief, Dark Reading; Sara Peters, Senior Editor, Dark Reading

Sponsor Speaker: Matthew Gardiner, Senior Product Marketing Manager, Mimecast

Thanks to a plethora of major and very public data breaches, security has become one of the most critical issues in IT. What are the chief threats that security departments face, and what are they doing about them? What are today's top priorities for security professionals? This session will include data from two recent surveys of IT and security executives.

Submit your questions to [email protected] with the title of the session in the subject line to engage with our presenters.
Dark Reading Virtual Event Seeks To Break Security Myths, Conventional Wisdom
Commentary  |  11/14/2016  | 
Three keynotes, two panel sessions offer new ways to think about enterprise information security.
Best Of Black Hat Innovation Awards: And The Winners Are
Commentary  |  8/3/2016  | 
Three companies and leaders who think differently about security: Deep Instinct, most innovative startup; Vectra, most innovative emerging company; Paul Vixie, most innovative thought leader.
Dark Reading Launches Best Of Black Hat Awards Program; Finalists Selected
Commentary  |  7/12/2016  | 
New awards recognize innovation on Black Hat exhibit floor, including startups, emerging companies, and industry thinkers.
The End Of A Security Decade -- And The Beginning Of A New One
Commentary  |  6/10/2016  | 
Dark Reading wraps up its 10th anniversary coverage with a final look back at the decade -- and a look ahead.
10 Sea-Changing IT Security Trends Of The Last 10 Years
News  |  5/31/2016  | 
A look at ten of the megatrends that have shaped IT security -- and in some cases, enterprise business -- over the last decade.
Dark Reading Marks 10th Anniversary With Month Of Special Coverage
Commentary  |  4/25/2016  | 
Looking back at the decade in security.
Dark Reading Launches Jobs Board
Commentary  |  8/4/2015  | 
New feature will help hiring companies and security job seekers find each other online.
Dark Reading Preps Week Of Show Coverage At Black Hat USA
Commentary  |  8/3/2015  | 
If you want to know what's happening in Las Vegas this week at Black Hat, Dark Reading's got the scoop.
Poor Priorities, Lack Of Resources Put Enterprises At Risk, Security Pros Say
News  |  7/15/2015  | 
In Black Hat survey, security professionals say misplaced enterprise priorities often leave them without the time and budget they need to address the most critical threats.


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
How Data Breaches Affect the Enterprise
Data breaches continue to cause negative outcomes for companies worldwide. However, many organizations report that major impacts have declined significantly compared with a year ago, suggesting that many have gotten better at containing breach fallout. Download Dark Reading's Report "How Data Breaches Affect the Enterprise" to delve more into this timely topic.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-43790
PUBLISHED: 2021-11-30
Lucet is a native WebAssembly compiler and runtime. There is a bug in the main branch of `lucet-runtime` affecting all versions published to crates.io that allows a use-after-free in an Instance object that could result in memory corruption, data race, or other related issues. This bug was introduce...
CVE-2021-44428
PUBLISHED: 2021-11-29
Pinkie 2.15 allows remote attackers to cause a denial of service (daemon crash) via a TFTP read (RRQ) request, aka opcode 1.
CVE-2021-44429
PUBLISHED: 2021-11-29
Serva 4.4.0 allows remote attackers to cause a denial of service (daemon crash) via a TFTP read (RRQ) request, aka opcode 1, a related issue to CVE-2013-0145.
CVE-2021-44427
PUBLISHED: 2021-11-29
An unauthenticated SQL Injection vulnerability in Rosario Student Information System (aka rosariosis) before 8.1.1 allows remote attackers to execute PostgreSQL statements (e.g., SELECT, INSERT, UPDATE, and DELETE) through /Side.php via the syear parameter.
CVE-2021-43783
PUBLISHED: 2021-11-29
@backstage/plugin-scaffolder-backend is the backend for the default Backstage software templates. In affected versions a malicious actor with write access to a registered scaffolder template is able to manipulate the template in a way that writes files to arbitrary paths on the scaffolder-backend ho...