Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint Security: Putting The Focus On What Matters
Manish Patel, Senior Product Marketing Manager, TenableCommentary
Five tips to help sift through the noise and focus on actions that can dramatically impact your endpoint security program.
By Manish Patel Senior Product Marketing Manager, Tenable, 10/29/2015
Comment1 Comment  |  Read  |  Post a Comment
Are You Making This Endpoint Security Mistake?
Manish Patel, Senior Product Marketing Manager, TenableCommentary
Detecting threats isnt enough. You must also remediate vulnerable endpoints and employ continuous monitoring to reduce exposure.
By Manish Patel Senior Product Marketing Manager, Tenable, 10/19/2015
Comment0 comments  |  Read  |  Post a Comment
Asset Segmentation: The Key To Control
Ted Gary, Product Marketing Manager, TenableCommentary
Automated asset segmentation and classification helps focus strong security controls where they are needed most.
By Ted Gary Product Marketing Manager, Tenable, 10/15/2015
Comment0 comments  |  Read  |  Post a Comment
3 Steps To Knowing Your Network
Ted Gary, Product Marketing Manager, TenableCommentary
Managing your IT assets is a daily effort requiring vigilance and persistence.
By Ted Gary Product Marketing Manager, Tenable, 9/29/2015
Comment0 comments  |  Read  |  Post a Comment
Buyer Beware: How To Avoid Getting Sucked Into Shelfware
Gavin Millard, Technical Director, EMEA, Tenable Network SecurityCommentary
Three simple questions can help ensure you get the most value out of your information security investments.
By Gavin Millard Technical Director, EMEA, Tenable Network Security, 9/22/2015
Comment0 comments  |  Read  |  Post a Comment
Why Is Endpoint Security Failing?
Manish Patel, Senior Product Marketing Manager, TenableCommentary
Endpoint security assurance is not just about detecting threats, but about building a more effective endpoint security program.
By Manish Patel Senior Product Marketing Manager, Tenable, 9/17/2015
Comment2 comments  |  Read  |  Post a Comment
Get Fit: Remove Security Weaknesses
Ted Gary, Product Marketing Manager, TenableCommentary
Preventing problems by strengthening security is often more effective and less expensive than reacting to breaches after they occur.
By Ted Gary Product Marketing Manager, Tenable, 9/10/2015
Comment0 comments  |  Read  |  Post a Comment
Your Worst Day In IT
David Spark, Veteran Tech journalist and founder of Spark Media SolutionsCommentary
Turns out the most common culprits aren't what you might think.
By David Spark Veteran Tech journalist and founder of Spark Media Solutions, 9/1/2015
Comment0 comments  |  Read  |  Post a Comment
Flash: Web Browser Plugins Are Vulnerable
Gavin Millard, Technical Director, EMEA, Tenable Network SecurityCommentary
Maybe its time to uninstall Flash for those that dont need it and continuously monitor those that do.
By Gavin Millard Technical Director, EMEA, Tenable Network Security, 8/27/2015
Comment1 Comment  |  Read  |  Post a Comment
How Much Threat Intelligence Is Too Much?
Steve Hall, VP of Product Marketing, Tenable Network Security, Inc.Commentary
Turn your threat data into actionable intelligence by focusing on what is relevant to you and your organization.
By Steve Hall VP of Product Marketing, Tenable Network Security, Inc., 8/20/2015
Comment0 comments  |  Read  |  Post a Comment
How Can We Work Smarter In Security?
David Spark, Veteran Tech journalist and founder of Spark Media SolutionsCommentary
Attendees at the 2015 Black Hat Conference in Las Vegas weigh in.
By David Spark Veteran Tech journalist and founder of Spark Media Solutions, 8/11/2015
Comment0 comments  |  Read  |  Post a Comment
What Should the Users of Ashley Madison Do?
David Spark, Veteran Tech journalist and founder of Spark Media SolutionsCommentary
Security-minded professionals offer their advice at Black Hat party.
By David Spark Veteran Tech journalist and founder of Spark Media Solutions, 8/6/2015
Comment2 comments  |  Read  |  Post a Comment
What 30 Classic Games Can Teach Us about Security
David Spark, Veteran Tech journalist and founder of Spark Media SolutionsCommentary
Information security experts share their thoughts on how participating in games and sports helped hone their professional skills.
By David Spark Veteran Tech journalist and founder of Spark Media Solutions, 7/28/2015
Comment3 comments  |  Read  |  Post a Comment
Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Improving Enterprise Cybersecurity With XDR
Enterprises are looking at eXtended Detection and Response technologies to improve their abilities to detect, and respond to, threats. While endpoint detection and response is not new to enterprise security, organizations have to improve network visibility, expand data collection and expand threat hunting capabilites if they want their XDR deployments to succeed. This issue of Tech Insights also includes: a market overview for XDR from Omdia, questions to ask before deploying XDR, and an XDR primer.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-34918
PUBLISHED: 2022-07-04
An issue was discovered in the Linux kernel through 5.18.9. A type confusion bug in nft_set_elem_init (leading to a buffer overflow) could be used by a local attacker to escalate privileges, a different vulnerability than CVE-2022-32250. (The attacker can obtain root access, but must start with an u...
CVE-2022-34829
PUBLISHED: 2022-07-04
Zoho ManageEngine ADSelfService Plus before 6203 allows a denial of service (application restart) via a crafted payload to the Mobile App Deployment API.
CVE-2022-31600
PUBLISHED: 2022-07-04
NVIDIA DGX A100 contains a vulnerability in SBIOS in the SmmCore, where a user with high privileges can chain another vulnerability to this vulnerability, causing an integer overflow, possibly leading to code execution, escalation of privileges, denial of service, compromised integrity, and informat...
CVE-2022-31601
PUBLISHED: 2022-07-04
NVIDIA DGX A100 contains a vulnerability in SBIOS in the SmbiosPei, which may allow a highly privileged local attacker to cause an out-of-bounds write, which may lead to code execution, denial of service, compromised integrity, and information disclosure.
CVE-2022-31602
PUBLISHED: 2022-07-04
NVIDIA DGX A100 contains a vulnerability in SBIOS in the IpSecDxe, where a user with elevated privileges and a preconditioned heap can exploit an out-of-bounds write vulnerability, which may lead to code execution, denial of service, data integrity impact, and information disclosure.