Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Upcoming Webinars

Webinar Archives
Using Threat Hunting and Threat Intelligence to Strengthen Enterprise Cybersecurity
Date: Oct 19, 2021
View webinar
IT security teams are rapidly learning that an effective cyber defense means gaining a better understanding of attackers and the methods they use. In this Dark Reading webinar, top experts offer insights on how your organization can use emerging tools and practices such as threat hunting and threat intelligence to learn more about potential adversaries and proactively identify potential attacks. Attendees will also learn how they can combine these tools and practices to create an even more effective defense.

How Security Vulnerabilities Are Introduced In the Application Development Process - And How to Stop It
Date: Oct 12, 2021
View webinar
Every day, enterprises deploy application code that contains critical security vulnerabilities - because those flaws went overlooked or unrecognized by the application development team. How do these vulnerabilities escape the development process? In this Dark Reading webinar, top application security experts outline some of the most commonly-occurring vulnerabilities and offer insight on how and why these flaws are introduced during software development. Attendees will learn about tools and practices for eliminating these vulnerabilities, and receive advice and recommendations on how to improve the development process to find and fix application security flaws - before the code is deployed.

The Death of Network Hardware Appliances and the Evolution of Cloud-Native Architectures
Date: Oct 06, 2021
View webinar
Join this informative webinar where you will hear experts discuss the death of network hardware appliances and how cloud-native architectures can help you continue to provide secure, enterprise-class connectivity.

Next-Gen Authentication: A Strategy for MFA, Passwordless, and Beyond
Date: Oct 06, 2021
View webinar
Cyber experts agree: Data cannot become more secure until end user authentication goes beyond the simple password. But what are the right tools and strategies for authentication in your organization? How can you move beyond the password and implement next-generation authentication technology? In this webinar, experts offer a broad look at your options for multifactor authentication, the challenges and pitfalls of these options, and how to develop an authentication strategy that works best for your enterprise.

Tuning your Data Storage Strategy to the Hybrid Cloud
Date: Oct 05, 2021
View webinar
Data storage strategy isnt just about where you put your data, its about how you use your data. As more organizations expand into hybrid cloud environments, they are taking another look at requirements for speed, security, sustainability, retrieval rate, retention/destruction and data governance. What data is right for multiple clouds, and what isnt? How can you prevent potential data exposure and breaches when managing multiple clouds? Learn more and get better prepared with this InformationWeek webinar.

Learn Why XDR Delivers Better Outcomes to Secure Your Endpoints
Date: Sep 30, 2021
View webinar
Endpoint security continues to evolve. The increasing complexity of the threat landscape means we can no longer depend on next-gen antivirus (NGAV) or EDR (Endpoint Detection and Response) alone to protect against sophisticated attacks. It's well known that endpoint attacks are a common and frequently used entry point for attackers to move laterally to other valuable network assets. The good news is that there is a way to get more endpoint security with less effort, it's called eXtended Detection and Response (XDR), and it's available today. XDR is a common sense approach that recognizes that endpoint security must work seamlessly with other security controls, including identity, network, and email to defend against attacks. XDR provides a more holistic and effective approach to threat response. And endpoint security plays a pivotal role in XDRs ability to deliver more simplicity, visibility and efficiency to SecOps teams. Join Cisco security and their customer as they discuss how XDR helped protect their endpoints better with less effort.

Ten Hot Talks from Black Hat 2021
Date: Sep 29, 2021
View webinar
The annual Black Hat USA 2021 in Las Vegas featured a full slate of cybersecurity researchers presenting. They offered up discoveries about new critical security vulnerabilities, new threats, and new security tools that enterprise defenders need to know about as they plan their road maps and adjust their strategic priorities for the future. Join us for the webinar for an overview of the ten hottest presentations and learn about some of the key trends explored by researchers, including supply chain security issues, the use and abuse of artificial intelligence in cybersecurity and other business applications, the latest in social engineering and disinformation, and the goings-on within organized threat groups.

Claim Your Free Event Pass Today - Enterprise Connect 9/27-9/29
Date: Sep 27, 2021
View webinar
Time is running out, secure your FREE Enterprise Connect Virtual Pass today.

Detecting and Stopping Online Attacks
Date: Sep 23, 2021
View webinar
Today's cyber attackers can compromise your systems using a variety of methods, from well-disguised malware to sophisticated, targeted exploits aimed right at your company. How can you identify these attacks quickly and respond effectively? In this Dark Reading webinar, top experts discuss executive strategies and actionable methods your security operations team can use to detect different types of attacks and trigger a quick, effective response.

The Latest Cloud Security Threats & How to Combat Them
Date: Sep 22, 2021
View webinar
More businesses have shifted critical assets and operations to the cloud, as service providers enhance their security capabilities and companies adapt to more remote workforces. And cyber attackers have adapted accordingly. In this webinar, experts outline the top ways that attackers are exploiting cloud services, applications and implementations and give advice on how to use the cloud more securely.

3 Ways to Detect and Prevent Man-in-the-Middle Attacks
Date: Sep 21, 2021
View webinar
Join this webinar as cybersecurity expert Matt Petrosky, VP of Product Management at GreatHorn Email Security discusses 2021 supply chain, MitM and vendor email compromise attack trends, dissection of 3 examples and techniques used, and requirements and considerations to detect

Keep Phishing Attacks Out of Your Inbox, Implement DMARC the Right Way
Date: Sep 21, 2021
View webinar
In this webinar, Roger Grimes, KnowBe4's Data-Driven Defense Evangelist, will teach you how to enable DMARC, SPF, DKIM the right way. You'll also discover six reasons why phishing still might get through to your inbox and what you can do to maximize your defenses.

Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Enterprise Cybersecurity Plans in a Post-Pandemic World
Download the Enterprise Cybersecurity Plans in a Post-Pandemic World report to understand how security leaders are maintaining pace with pandemic-related challenges, and where there is room for improvement.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-41393
PUBLISHED: 2021-09-18
Teleport before 4.4.11, 5.x before 5.2.4, 6.x before 6.2.12, and 7.x before 7.1.1 allows forgery of SSH host certificates in some situations.
CVE-2021-41394
PUBLISHED: 2021-09-18
Teleport before 4.4.11, 5.x before 5.2.4, 6.x before 6.2.12, and 7.x before 7.1.1 allows alteration of build artifacts in some situations.
CVE-2021-41395
PUBLISHED: 2021-09-18
Teleport before 6.2.12 and 7.x before 7.1.1 allows attackers to control a database connection string, in some situations, via a crafted database name or username.
CVE-2021-3806
PUBLISHED: 2021-09-18
A path traversal vulnerability on Pardus Software Center's "extractArchive" function could allow anyone on the same network to do a man-in-the-middle and write files on the system.
CVE-2021-41392
PUBLISHED: 2021-09-17
static/main-preload.js in Boost Note through 0.22.0 allows remote command execution. A remote attacker may send a crafted IPC message to the exposed vulnerable ipcRenderer IPC interface, which invokes the dangerous openExternal Electron API.