Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint Security: Putting The Focus On What Matters
Manish Patel, Senior Product Marketing Manager, TenableCommentary
Five tips to help sift through the noise and focus on actions that can dramatically impact your endpoint security program.
By Manish Patel Senior Product Marketing Manager, Tenable, 10/29/2015
Comment1 Comment  |  Read  |  Post a Comment
Are You Making This Endpoint Security Mistake?
Manish Patel, Senior Product Marketing Manager, TenableCommentary
Detecting threats isnt enough. You must also remediate vulnerable endpoints and employ continuous monitoring to reduce exposure.
By Manish Patel Senior Product Marketing Manager, Tenable, 10/19/2015
Comment0 comments  |  Read  |  Post a Comment
Asset Segmentation: The Key To Control
Ted Gary, Product Marketing Manager, TenableCommentary
Automated asset segmentation and classification helps focus strong security controls where they are needed most.
By Ted Gary Product Marketing Manager, Tenable, 10/15/2015
Comment0 comments  |  Read  |  Post a Comment
3 Steps To Knowing Your Network
Ted Gary, Product Marketing Manager, TenableCommentary
Managing your IT assets is a daily effort requiring vigilance and persistence.
By Ted Gary Product Marketing Manager, Tenable, 9/29/2015
Comment0 comments  |  Read  |  Post a Comment
Buyer Beware: How To Avoid Getting Sucked Into Shelfware
Gavin Millard, Technical Director, EMEA, Tenable Network SecurityCommentary
Three simple questions can help ensure you get the most value out of your information security investments.
By Gavin Millard Technical Director, EMEA, Tenable Network Security, 9/22/2015
Comment0 comments  |  Read  |  Post a Comment
Why Is Endpoint Security Failing?
Manish Patel, Senior Product Marketing Manager, TenableCommentary
Endpoint security assurance is not just about detecting threats, but about building a more effective endpoint security program.
By Manish Patel Senior Product Marketing Manager, Tenable, 9/17/2015
Comment2 comments  |  Read  |  Post a Comment
Get Fit: Remove Security Weaknesses
Ted Gary, Product Marketing Manager, TenableCommentary
Preventing problems by strengthening security is often more effective and less expensive than reacting to breaches after they occur.
By Ted Gary Product Marketing Manager, Tenable, 9/10/2015
Comment0 comments  |  Read  |  Post a Comment
Your Worst Day In IT
David Spark, Veteran Tech journalist and founder of Spark Media SolutionsCommentary
Turns out the most common culprits aren't what you might think.
By David Spark Veteran Tech journalist and founder of Spark Media Solutions, 9/1/2015
Comment0 comments  |  Read  |  Post a Comment
Flash: Web Browser Plugins Are Vulnerable
Gavin Millard, Technical Director, EMEA, Tenable Network SecurityCommentary
Maybe its time to uninstall Flash for those that dont need it and continuously monitor those that do.
By Gavin Millard Technical Director, EMEA, Tenable Network Security, 8/27/2015
Comment1 Comment  |  Read  |  Post a Comment
How Much Threat Intelligence Is Too Much?
Steve Hall, VP of Product Marketing, Tenable Network Security, Inc.Commentary
Turn your threat data into actionable intelligence by focusing on what is relevant to you and your organization.
By Steve Hall VP of Product Marketing, Tenable Network Security, Inc., 8/20/2015
Comment0 comments  |  Read  |  Post a Comment
How Can We Work Smarter In Security?
David Spark, Veteran Tech journalist and founder of Spark Media SolutionsCommentary
Attendees at the 2015 Black Hat Conference in Las Vegas weigh in.
By David Spark Veteran Tech journalist and founder of Spark Media Solutions, 8/11/2015
Comment0 comments  |  Read  |  Post a Comment
What Should the Users of Ashley Madison Do?
David Spark, Veteran Tech journalist and founder of Spark Media SolutionsCommentary
Security-minded professionals offer their advice at Black Hat party.
By David Spark Veteran Tech journalist and founder of Spark Media Solutions, 8/6/2015
Comment2 comments  |  Read  |  Post a Comment
What 30 Classic Games Can Teach Us about Security
David Spark, Veteran Tech journalist and founder of Spark Media SolutionsCommentary
Information security experts share their thoughts on how participating in games and sports helped hone their professional skills.
By David Spark Veteran Tech journalist and founder of Spark Media Solutions, 7/28/2015
Comment3 comments  |  Read  |  Post a Comment
US Turning Up the Heat on North Korea's Cyber Threat Operations
Jai Vijayan, Contributing Writer,  9/16/2019
Preventing PTSD and Burnout for Cybersecurity Professionals
Craig Hinkley, CEO, WhiteHat Security,  9/16/2019
NetCAT Vulnerability Is Out of the Bag
Dark Reading Staff 9/12/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
7 Threats & Disruptive Forces Changing the Face of Cybersecurity
This Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-16413
PUBLISHED: 2019-09-19
An issue was discovered in the Linux kernel before 5.0.4. The 9p filesystem did not protect i_size_write() properly, which causes an i_size_read() infinite loop and denial of service on SMP systems.
CVE-2019-3738
PUBLISHED: 2019-09-18
RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to an Improper Verification of Cryptographic Signature vulnerability. A malicious remote attacker could potentially exploit this vulnerability to coerce two parties into computing the same predictable shared key.
CVE-2019-3739
PUBLISHED: 2019-09-18
RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to Information Exposure Through Timing Discrepancy vulnerabilities during ECDSA key generation. A malicious remote attacker could potentially exploit those vulnerabilities to recover ECDSA keys.
CVE-2019-3740
PUBLISHED: 2019-09-18
RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to an Information Exposure Through Timing Discrepancy vulnerabilities during DSA key generation. A malicious remote attacker could potentially exploit those vulnerabilities to recover DSA keys.
CVE-2019-3756
PUBLISHED: 2019-09-18
RSA Archer, versions prior to 6.6 P3 (6.6.0.3), contain an information disclosure vulnerability. Information relating to the backend database gets disclosed to low-privileged RSA Archer users' UI under certain error conditions.