Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

DRTV

A CISO's View of Mobile Security Strategy, With Stacey Halota
A CISO's View of Mobile Security Strategy, With Stacey Halota
Dark Reading Videos  |  8/31/2015  | 
CISO of Graham Holdings visits Dark Reading News Desk at Black Hat to discuss why mobile security is a top priority and how to use mobile devices as a security tool.
The Security Of Applications And CISOs' Sanity, With Veracode's Chris Wysopal
The Security Of Applications And CISOs' Sanity, With Veracode's Chris Wysopal
Dark Reading Videos  |  8/27/2015  | 
Veracode's Chris Wysopal visits the Dark Reading News Desk at Black Hat to discuss application security, what CISOs' top priorities are, and what they should be.
A Virtual Tour of IBMs SOCs, With Roger Hellman
A Virtual Tour of IBMs SOCs, With Roger Hellman
Dark Reading Videos  |  8/27/2015  | 
IBM's Roger Hellman visits the Dark Reading News Desk to talk about how IBM recreated a unique security operations center experience at Black Hat.
Catching Attackers With A Security Delivery Platform
Catching Attackers With A Security Delivery Platform
Dark Reading Videos  |  8/27/2015  | 
Shehzad Merchant, CTO of Gigamon, visits the Dark Reading News Desk to discuss a platform for finding and containing attackers once they've broken through your perimeter defense.
Seeing Into Security 'Blind Spots' With Bay Dynamics' Gautam Aggarwal
Seeing Into Security 'Blind Spots' With Bay Dynamics' Gautam Aggarwal
Dark Reading Videos  |  8/27/2015  | 
Gautam Aggarwal, CMO of Bay Dynamics, visits Dark Reading News Desk at Black Hat to explain that its important to not just develop a cybersecurity strategy, but to also better understand what your security blind spots are.
Evolution Of The CISO And The Board: BAE Systems Jim Anderson Explains
Evolution Of The CISO And The Board: BAE Systems Jim Anderson Explains
Dark Reading Videos  |  8/27/2015  | 
President of the Americas for BAE Systems Applied Intelligence, Jim Anderson, joins the Dark Reading News Desk at Black Hat to explain how the CISO has to improve communications with the corporate board and better explain overall security strategy.
RiskIQ's Arian Evans Talks Up Hunting Down Digital Assets
RiskIQ's Arian Evans Talks Up Hunting Down Digital Assets
Dark Reading Videos  |  8/27/2015  | 
You can't protect what you can't find. Arian Evans, vice president of product marketing for RiskIQ, joins the Dark Reading News Desk at Black Hat to explain how to discover all your assets.
Kelly's Glimpse Of Black Hat
Kelly's Glimpse Of Black Hat
Dark Reading Videos  |  8/26/2015  | 
Dark Reading executive editor Kelly Jackson Higgins talks through the top trends and sessions, and how the industry has evolved since her first trip to Black Hat.
Paul Vixie On DNS Security & Botnet Takedowns
Paul Vixie On DNS Security & Botnet Takedowns
Dark Reading Videos  |  8/24/2015  | 
Internet pioneer and CEO of Farsight Security joins the Dark Reading News Desk at Black Hat.
Pen Testing A Smart City
Pen Testing A Smart City
Dark Reading Videos  |  8/21/2015  | 
Black Hat speakers visit the Dark Reading News Desk to discuss the stunning complexity and many soft spots of a metropolis full of IoT devices.
Re-evaluating Ransomware, Without The Hype
Re-evaluating Ransomware, Without The Hype
Dark Reading Videos  |  8/18/2015  | 
Engin Kirda, chief architect of LastLine, joins the Dark Reading News Desk at Black Hat Aug. 5 to explain why most ransomware isn't as scary as we think.
An Apple Fanboi Writing Malware For Mac OSX
An Apple Fanboi Writing Malware For Mac OSX
Dark Reading Videos  |  8/18/2015  | 
Patrick Wardle, director of research for Synack, spoke about his "Writing [email protected]$$ Malware for OS X" session at the Dark Reading News Desk at Black Hat.
Richard Bejtlich Talks Business Security Strategy, US Security Policy
Richard Bejtlich Talks Business Security Strategy, US Security Policy
Dark Reading Videos  |  8/17/2015  | 
Chief security strategist of FireEye talks at the Dark Reading News Desk at Black Hat about attribution, the war on encryption, and what should drive your security department.
Former White House Advisor, Paul Kurtz, On Info Sharing & Government Action
Former White House Advisor, Paul Kurtz, On Info Sharing & Government Action
Dark Reading Videos  |  8/12/2015  | 
Former cybersecurity advisor to the White House talks to Sara Peters at Black Hat about information sharing, attribution, cybersecurity legislation, and his new start-up.


Navigating Security in the Cloud
Diya Jolly, Chief Product Officer, Okta,  12/4/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: "The security team seem to be taking SiegeWare seriously" 
Current Issue
Navigating the Deluge of Security Data
In this Tech Digest, Dark Reading shares the experiences of some top security practitioners as they navigate volumes of security data. We examine some examples of how enterprises can cull this data to find the clues they need.
Flash Poll
Rethinking Enterprise Data Defense
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2012-1114
PUBLISHED: 2019-12-05
A Cross-Site Scripting (XSS) vulnerability exists in LDAP Account Manager (LAM) Pro 3.6 in the filter parameter to cmd.php in an export and exporter_id action. and the filteruid parameter to list.php.
CVE-2012-1115
PUBLISHED: 2019-12-05
A Cross-Site Scripting (XSS) vulnerability exists in LDAP Account Manager (LAM) Pro 3.6 in the export, add_value_form, and dn parameters to cmd.php.
CVE-2012-1592
PUBLISHED: 2019-12-05
A local code execution issue exists in Apache Struts2 when processing malformed XSLT files, which could let a malicious user upload and execute arbitrary files.
CVE-2019-16770
PUBLISHED: 2019-12-05
A poorly-behaved client could use keepalive requests to monopolize Puma's reactor and create a denial of service attack. If more keepalive connections to Puma are opened than there are threads available, additional connections will wait permanently if the attacker sends requests frequently enough.
CVE-2019-19609
PUBLISHED: 2019-12-05
The Strapi framework before 3.0.0-beta.17.8 is vulnerable to Remote Code Execution in the Install and Uninstall Plugin components of the Admin panel, because it does not sanitize the plugin name, and attackers can inject arbitrary shell commands to be executed by the execa function.