Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Analytics

News & Commentary
Where Businesses Waste Endpoint Security Budgets
Kelly Sheridan, Staff Editor, Dark Reading
Too many systems, failure to test tools, and fear of replacement drive endpoint complexity and render products less effective.
By Kelly Sheridan Staff Editor, Dark Reading, 7/15/2019
Comment3 comments  |  Read  |  Post a Comment
NIST Sets Draft Guidelines for Government AI
Dark Reading Staff, Quick Hits
This is the first formal step in writing the standards that will guide the implementation of AI technologies within the federal government.
By Dark Reading Staff , 7/8/2019
Comment1 Comment  |  Read  |  Post a Comment
Toyota's Car-Hacking Tool Now Available
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
'PASTA' hardware and software kit now retails for $28,300.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 7/2/2019
Comment0 comments  |  Read  |  Post a Comment
Chronicle Folds into Google
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
Alphabet's enterprise cybersecurity division will become part of the Google security portfolio.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 6/27/2019
Comment3 comments  |  Read  |  Post a Comment
7 Ways to Mitigate Supply Chain Attacks
Jai Vijayan, Contributing Writer
Breaches caused by external vendors and service providers have become a major and escalating problem for organizations.
By Jai Vijayan Contributing Writer, 6/27/2019
Comment5 comments  |  Read  |  Post a Comment
Developers and Security Teams Under Pressure to Collaborate
Kelly Sheridan, Staff Editor, Dark ReadingNews
The challenges and benefits to getting two traditionally adversarial groups on the same page.
By Kelly Sheridan Staff Editor, Dark Reading, 6/26/2019
Comment12 comments  |  Read  |  Post a Comment
McAfee Sues 3 Former Staffers Now at Rival Tanium
Dark Reading Staff, Quick Hits
Lawsuit alleges sales representatives stole trade secrets from McAfee before joining Tanium.
By Dark Reading Staff , 6/26/2019
Comment1 Comment  |  Read  |  Post a Comment
Startup Raises $13.7M to Stop Breaches with Behavioral Analytics
Dark Reading Staff, Quick Hits
TrueFort plans to use the funding to expand sales, marketing, R&D, customer support, and go-to-market initiatives.
By Dark Reading Staff , 6/21/2019
Comment1 Comment  |  Read  |  Post a Comment
7 2019 Security Venture Fund Deals You Should Know
Curtis Franklin Jr., Senior Editor at Dark Reading
2019 has, so far, been a busy year for venture capitalists in the security industry. Here are 7 funding rounds important because of the technologies or market trends they represent.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 6/20/2019
Comment0 comments  |  Read  |  Post a Comment
Google Targets Deceptive Sites with New Chrome Tools
Dark Reading Staff, Quick Hits
A new extension and browser alert aim to help users report deceptive sites and prevent them from encountering fraud.
By Dark Reading Staff , 6/18/2019
Comment0 comments  |  Read  |  Post a Comment
10 Notable Security Acquisitions of 2019 (So Far)
Kelly Sheridan, Staff Editor, Dark Reading
In a year when security companies have been snapped up left and right, these deals stand out from the chaos.
By Kelly Sheridan Staff Editor, Dark Reading, 6/15/2019
Comment1 Comment  |  Read  |  Post a Comment
Better Cybersecurity Research Requires More Data Sharing
Robert Lemos, Contributing WriterNews
Researchers at the Workshop on the Economics of Information Security highlight the cost savings of sharing cybersecurity data and push for greater access to information on breaches, attacks, and incidents.
By Robert Lemos Contributing Writer, 6/14/2019
Comment1 Comment  |  Read  |  Post a Comment
CrowdStrike Prices IPO Above Range at $34
Kelly Sheridan, Staff Editor, Dark ReadingNews
The endpoint security firm raised $612 million ahead of today's public debut.
By Kelly Sheridan Staff Editor, Dark Reading, 6/12/2019
Comment0 comments  |  Read  |  Post a Comment
Predicting Vulnerability Weaponization
Srinivas Mukkamala, Co-founder & CEO, RiskSenseCommentary
Advances in data science are making it possible to shift vulnerability management from a reactive to a proactive discipline.
By Srinivas Mukkamala Co-founder & CEO, RiskSense, 6/12/2019
Comment3 comments  |  Read  |  Post a Comment
Massive Changes to Tech and Platforms, But Cybercrime? Not So Much
Robert Lemos, Contributing WriterNews
The still-relevant recommendation is to invest more in law enforcement, concludes an economic study of cybercrime.
By Robert Lemos Contributing Writer, 6/7/2019
Comment1 Comment  |  Read  |  Post a Comment
Senior Executives More Involved with SOC Operations, Report Finds
Dark Reading Staff, Quick Hits
But they are still subject to the same alert fatigue and false-positive issues their junior employees face.
By Dark Reading Staff , 6/6/2019
Comment0 comments  |  Read  |  Post a Comment
Palo Alto Networks Confirms PureSec Acquisition
Dark Reading Staff, Quick Hits
The company also agreed to buy container security company Twistlock as it develops its cloud security suite.
By Dark Reading Staff , 5/30/2019
Comment1 Comment  |  Read  |  Post a Comment
Don't Just Tune Your SIEM, Retune It
Robin Hicks, IT Security Engineer, CEDAR CX TechnologiesCommentary
Your SIEM isn't a set-it-and-forget-it proposition. It's time for a spring cleaning.
By Robin Hicks IT Security Engineer, CEDAR CX Technologies, 5/29/2019
Comment0 comments  |  Read  |  Post a Comment
Emotet Made Up 61% of Malicious Payloads in Q1
Kelly Sheridan, Staff Editor, Dark ReadingNews
The botnet has displaced credential stealers, stand-alone downloaders, and RATs in the overall threat landscape.
By Kelly Sheridan Staff Editor, Dark Reading, 5/29/2019
Comment1 Comment  |  Read  |  Post a Comment
FireEye Buys Verodin for $250 Million
Dark Reading Staff, Quick Hits
Acquisition of security instrumentation firm will add more than $70 million to 2020 billing, FireEye estimates.
By Dark Reading Staff , 5/28/2019
Comment1 Comment  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
PR Newswire
The Security of Cloud Applications
Hillel Solow, CTO and Co-founder, Protego,  7/11/2019
US Mayors Commit to Just Saying No to Ransomware
Robert Lemos, Contributing Writer,  7/16/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Building and Managing an IT Security Operations Program
As cyber threats grow, many organizations are building security operations centers (SOCs) to improve their defenses. In this Tech Digest you will learn tips on how to get the most out of a SOC in your organization - and what to do if you can't afford to build one.
Flash Poll
The State of IT Operations and Cybersecurity Operations
The State of IT Operations and Cybersecurity Operations
Your enterprise's cyber risk may depend upon the relationship between the IT team and the security team. Heres some insight on what's working and what isn't in the data center.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-13640
PUBLISHED: 2019-07-17
In qBittorrent before 4.1.7, the function Application::runExternalProgram() located in app/application.cpp allows command injection via shell metacharacters in the torrent name parameter or current tracker parameter, as demonstrated by remote command execution via a crafted name within an RSS feed.
CVE-2019-5222
PUBLISHED: 2019-07-17
There is an information disclosure vulnerability on Secure Input of certain Huawei smartphones in Versions earlier than Tony-AL00B 9.1.0.216(C00E214R2P1). The Secure Input does not properly limit certain system privilege. An attacker tricks the user to install a malicious application and successful ...
CVE-2019-1919
PUBLISHED: 2019-07-17
A vulnerability in the Cisco FindIT Network Management Software virtual machine (VM) images could allow an unauthenticated, local attacker who has access to the VM console to log in to the device with a static account that has root privileges. The vulnerability is due to the presence of an account w...
CVE-2019-1920
PUBLISHED: 2019-07-17
A vulnerability in the 802.11r Fast Transition (FT) implementation for Cisco IOS Access Points (APs) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected interface. The vulnerability is due to a lack of complete error handling conditi...
CVE-2019-1923
PUBLISHED: 2019-07-17
A vulnerability in Cisco Small Business SPA500 Series IP Phones could allow a physically proximate attacker to execute arbitrary commands on the device. The vulnerability is due to improper input validation in the device configuration interface. An attacker could exploit this vulnerability by access...