Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

News & Commentary
Data Privacy Day 2021: Pandemic Response Data Must Align with Data Privacy Rules
Maxine Holt, Research Director, OmdiaCommentary
Amid a pandemic, Data Privacy Day this year brings forth expanded responsibilities for organizations in the response to COVID-19.
By Maxine Holt Research Director, Omdia, 1/28/2021
Comment0 comments  |  Read  |  Post a Comment
Intl. Law Enforcement Operation Disrupts Emotet Botnet
Kelly Sheridan, Staff Editor, Dark ReadingNews
Global law enforcement agencies have seized control of Emotet infrastructure, disrupting one of the world's most pervasive and dangerous cyber threats.
By Kelly Sheridan Staff Editor, Dark Reading, 1/27/2021
Comment0 comments  |  Read  |  Post a Comment
Many Cybersecurity Job Candidates Are Subpar, While On-the-Job Training Falls Short
Robert Lemos, Contributing WriterNews
With demand for skilled cybersecurity workers so high, is it really surprising that most companies are seeing fewer qualified applicants?
By Robert Lemos Contributing Writer, 1/27/2021
Comment1 Comment  |  Read  |  Post a Comment
Security's Inevitable Shift to the Edge
Patrick Sullivan, Akamai CTO, Security StrategyCommentary
As the edge becomes the place for DDoS mitigation, Web app security, and other controls, SASE is the management platform to handle them all.
By Patrick Sullivan Akamai CTO, Security Strategy, 1/27/2021
Comment0 comments  |  Read  |  Post a Comment
SonicWall Is Latest Security Vendor to Disclose Cyberattack
Kelly Sheridan, Staff Editor, Dark ReadingNews
The network security firm is investigating a coordinated campaign in which attackers exploited vulnerabilities in SonicWall's products.
By Kelly Sheridan Staff Editor, Dark Reading, 1/25/2021
Comment0 comments  |  Read  |  Post a Comment
Small Security Teams Have Big Security Fears, CISOs Report
Dark Reading Staff, Quick Hits
Researchers poll security leaders who are tasked with protecting large organizations but have a small presence and budget.
By Dark Reading Staff , 1/25/2021
Comment0 comments  |  Read  |  Post a Comment
2020's COVID Accelerated Digitalization Demands Stronger Cybersecurity in 2021
Leo Simonovich, VP & Global Head, Industrial Cyber and Digital Security, Siemens EnergyCommentary
As critical infrastructure faces increasing and sophisticated attacks, these trends will enable the energy sector to shore up its cybersecurity defenses.
By Leo Simonovich VP & Global Head, Industrial Cyber and Digital Security, Siemens Energy, 1/25/2021
Comment0 comments  |  Read  |  Post a Comment
Speed of Digital Transformation May Lead to Greater App Vulnerabilities
Robert Lemos, Contributing WriterNews
The fastest-moving industries are struggling to produce secure code, according to AppSec experts.
By Robert Lemos Contributing Writer, 1/22/2021
Comment0 comments  |  Read  |  Post a Comment
Breach Data Shows Attackers Switched Gears in 2020
Robert Lemos, Contributing WriterNews
Attackers focused more on ransomware, while the consolidation of data into large databases led to fewer reported breaches but more records leaked.
By Robert Lemos Contributing Writer, 1/21/2021
Comment0 comments  |  Read  |  Post a Comment
Cloud Jacking: The Bold New World of Enterprise Cybersecurity
Bernie Brode, Nano Product ResearcherCommentary
Increased reliance on cloud computing puts more weight on robust authentication systems to protect data against hijackers.
By Bernie Brode Nano Product Researcher, 1/21/2021
Comment0 comments  |  Read  |  Post a Comment
7 Steps to Secure a WordPress Site
Steve Zurier, Contributing Writer
Many companies operate under the assumption that their WordPress sites are secure -- and that couldn't be anything further from the truth.
By Steve Zurier Contributing Writer, 1/21/2021
Comment0 comments  |  Read  |  Post a Comment
SolarWinds Attack, Cyber Supply Chain Among Priorities for Biden Administration
Robert Lemos, Contributing WriterNews
During Senate confirmation hearings, the nominees for Secretary of Homeland Security and Director of National Intelligence pledged to focus on cybersecurity.
By Robert Lemos Contributing Writer, 1/20/2021
Comment0 comments  |  Read  |  Post a Comment
Tips for a Bulletproof War Room Strategy
Lee Chieffalo, Technical Director of Cybersecurity Operations at ViasatCommentary
The techniques used in real-world combat apply in cybersecurity operations, except that instead of bullets flying downrange, it's packets.
By Lee Chieffalo Technical Director of Cybersecurity Operations at Viasat, 1/20/2021
Comment0 comments  |  Read  |  Post a Comment
The Most Pressing Concerns Facing CISOs Today
John Worrall, Chief Executive Officer at ZeroNorthCommentary
Building security into the software development life cycle creates more visibility, but CISOs still need stay on top of any serious threats on the horizon, even if they are largely unknown.
By John Worrall Chief Executive Officer at ZeroNorth, 1/19/2021
Comment0 comments  |  Read  |  Post a Comment
A Security Practitioner's Guide to Encrypted DNS
Jamie Brim, Corelight Security ResearcherCommentary
Best practices for a shifting visibility landscape.
By Jamie Brim Corelight Security Researcher, 1/19/2021
Comment0 comments  |  Read  |  Post a Comment
Successful Malware Incidents Rise as Attackers Shift Tactics
Robert Lemos, Contributing WriterNews
As employees moved to working from home and on mobile devices, attackers followed them and focused on weekend attacks, a security firm says.
By Robert Lemos Contributing Writer, 1/15/2021
Comment0 comments  |  Read  |  Post a Comment
Shifting Privacy Landscape, Disruptive Technologies Will Test Businesses
Robert Lemos, Contributing WriterNews
A new machine learning tool aims to mine privacy policies on behalf of users.
By Robert Lemos Contributing Writer, 1/14/2021
Comment0 comments  |  Read  |  Post a Comment
Vulnerability Management Has a Data Problem
Tal Morgenstern, Co-Founder & Chief Product Officer, Vulcan CyberCommentary
Security teams have an abundance of data, but most of it lacks the context necessary to improve remediation outcomes.
By Tal Morgenstern Co-Founder & Chief Product Officer, Vulcan Cyber, 1/14/2021
Comment1 Comment  |  Read  |  Post a Comment
Virtual Pen-Testing Competition Tasks College Students With Running a Red Team Operation
Steve Zurier, Contributing WriterNews
Aimed at developing offensive cyber talent, last weekend's sixth annual Collegiate Penetration Testing Competition brought out some of the brightest from RIT and Stanford, among other universities.
By Steve Zurier Contributing Writer, 1/13/2021
Comment0 comments  |  Read  |  Post a Comment
Microsoft Defender Zero-Day Fixed in First Patch Tuesday of 2021
Kelly Sheridan, Staff Editor, Dark ReadingNews
Microsoft patched 83 bugs, including a Microsoft Defender zero-day and one publicly known elevation of privilege flaw.
By Kelly Sheridan Staff Editor, Dark Reading, 1/12/2021
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
PR Newswire
How to Better Secure Your Microsoft 365 Environment
Kelly Sheridan, Staff Editor, Dark Reading,  1/25/2021
Attackers Leave Stolen Credentials Searchable on Google
Kelly Sheridan, Staff Editor, Dark Reading,  1/21/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-20620
PUBLISHED: 2021-01-28
Cross-site scripting vulnerability in Aterm WF800HP firmware Ver1.0.9 and earlier allows remote attackers to inject an arbitrary script via unspecified vectors.
CVE-2021-20621
PUBLISHED: 2021-01-28
Cross-site request forgery (CSRF) vulnerability in Aterm WG2600HP firmware Ver1.0.2 and earlier, and Aterm WG2600HP2 firmware Ver1.0.2 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.
CVE-2021-20622
PUBLISHED: 2021-01-28
Cross-site scripting vulnerability in Aterm WG2600HP firmware Ver1.0.2 and earlier, and Aterm WG2600HP2 firmware Ver1.0.2 and earlier allows remote attackers to inject an arbitrary script via unspecified vectors.
CVE-2020-5626
PUBLISHED: 2021-01-28
Logstorage version 8.0.0 and earlier, and ELC Analytics version 3.0.0 and earlier allow remote attackers to execute arbitrary OS commands via a specially crafted log file.
CVE-2021-3142
PUBLISHED: 2021-01-28
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2020-35128. Reason: This candidate is a reservation duplicate of CVE-2020-35128. Notes: All CVE users should reference CVE-2020-35128 instead of this candidate. All references and descriptions in this candidate have been removed to preve...