Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Webinar Archives

Upcoming Webinars
Building a Security Culture
Date: Nov 14, 2019

View archived webinar

Most successful cyber security incidents involve a human at your business -- being manipulated, making an honest mistake, or deliberately taking malicious action. So to defend your organization from any cyber threat, all your users must be ever-vigilant: from your app developers to your accountants, from the CEO to the interns. So how do you build a business-wide culture that values security? How do you not only properly educate users on the threats, but make them care about them? In this webinar, learn the elements of a security culture, how to build one at your organization, and how to know it’s working.

Strategies for Protecting Mission-Critical Data
Date: Nov 06, 2019

View archived webinar

Whether it’s customer lists, intellectual property, or a secret recipe, your mission-critical data is what makes your organization unique – the lifeblood of your enterprise. Yet, with one shrewd exploit, an online attacker – or even one of your own employees – could break the security of that critical information. What steps should you be taking to protect it?

Strategies For Protecting Mission-Critical Data, a free, all-day online conference produced by the editors of Dark Reading, offers a look at the latest tools, strategies, and best practices for protecting your organization’s most sensitive data. You’ll get insight on how to store critical information securely, and how to ensure its security when it is passed across networks. Top security experts will discuss data encryption strategies, on-premises infrastructure defenses, and how to protect mission-critical data across cloud services, network providers, and partner/supplier environments. You’ll get expert viewpoints and recommendations on how to protect your mission-critical data, and advice on how to identify and protect sensitive data that might be handled outside the IT department’s knowledge or control.

Among the topics that will be covered at Strategies for Protecting Mission-Critical Data:

  • Processes and best practices for identifying sensitive data across the enterprise
  • Tips and tools for ensuring that even “trusted users” cannot access or exfiltrate important data without authorization
  • The latest technologies and strategies for protecting on-premises infrastructure, including networks, servers, and storage systems
  • Strategies for encrypting sensitive information, both in storage and in motion across networks
  • Methods for ensuring that business partners handle sensitive information as securely as your own users
  • Recommendations for working with cloud operators and other service providers to ensure the security of data traveling across their networks
  • Special steps you can take to provide extra protection for your most essential data and information

If you want to know more about the available tools and best practices for protecting mission-critical data from cyberattack – and get some help choosing the right methods and technologies for your own organization -- then this virtual event is for you. Register today!

Strategies for Protecting Mission-Critical Data
Date: Nov 06, 2019

View archived webinar

Whether it’s customer lists, intellectual property, or a secret recipe, your mission-critical data is what makes your organization unique – the lifeblood of your enterprise. Yet, with one shrewd exploit, an online attacker – or even one of your own employees – could break the security of that critical information. What steps should you be taking to protect it?

Strategies For Protecting Mission-Critical Data, a free, all-day online conference produced by the editors of Dark Reading, offers a look at the latest tools, strategies, and best practices for protecting your organization’s most sensitive data. You’ll get insight on how to store critical information securely, and how to ensure its security when it is passed across networks. Top security experts will discuss data encryption strategies, on-premises infrastructure defenses, and how to protect mission-critical data across cloud services, network providers, and partner/supplier environments. You’ll get expert viewpoints and recommendations on how to protect your mission-critical data, and advice on how to identify and protect sensitive data that might be handled outside the IT department’s knowledge or control.

Implementing an Effective Defense Against Ransomware
Date: Nov 05, 2019

View archived webinar

Ransomware has become one of the fastest-growing cyber threats faced by enterprises today, not to mention municipal governments, hospitals and schools. What are the most common ways that ransomware gets into systems, and how can you limit the possibility of infection? If you are infected, what steps should you take to mitigate the problem, and how should you deal with the perpetrators? This webinar will answer these questions and more, providing expert advice on how to stop ransomware from infecting your critical systems and data --and what to do if your defenses fail.

Building a Better IT Security Architecture for Your Enterprise
Date: Oct 23, 2019

View archived webinar

Many enterprises invest heavily in specialized cyber defense technology -- but unless they also understand the business they are trying to defend, they will continue to fall prey to attackers. How can a security department find all the business's IT assets, prioritize the business's most valuable data, and develop cybersecurity strategies to defend those assets accordingly? How can a SOC be as quick to fix vulnerabilities as it is to find them them? How can a CISO be sure that they have built a cost-effective security architecture that still meets the needs of their organization? In this webinar, attendees will learn to build an overarching security architecture that is built on a stronger foundation and better anticipates the potential threats to your organization.

Creating and Maintaining Effective Metrics for Assessing Enterprise Security
Date: Oct 15, 2019

View archived webinar

When IT security leaders speak with top management, they're typically asked two questions:

  1. How safe is the organization from cyber threats
  2. How well are enterprise defenses working

During this webinar, top experts will discuss key metrics for assessing security posture, as well as the performance of the security team. You'll learn about some useful ways to measure cybersecurity effectiveness, and how to use those metrics to demonstrate new risks as well as the ongoing performance of your security initiatives.

Cyber Resilience: How To Survive A Cyber Attack and Recover Faster
Date: Oct 10, 2019

View archived webinar

For your business to survive a security incident, it needs to get back to doing business as soon as possible --back to serving customers, cutting paychecks, and running production lines. If your organization were hit by a major incident, how badly would your operations be interrupted and how many customers would you lose for good? In this webinar, learn how to prepare today, to make your business more resilient to cyber attacks tomorrow.

Future-Proofing Your Next-Generation Firewall
Date: Oct 09, 2019

View archived webinar

The Next-Generation Firewall (NGFW) has been the cornerstone of enterprise network security for more than a decade. With the onset of digital transformation -- such as mobility, cloud computing, and software-defined networking – one might conclude that the relevance of NGFW would be waning. However, that couldn't be further from the truth.

NGFW is transforming and is becoming increasingly crucial to the success of enterprise cybersecurity programs. Not only is the NGFW providing more functionality in more places and in more form factors than ever before, but it is also enabling vital integration and orchestration capabilities to foster the holistic, best-of-breed network security architectures enterprises demand.

Attend this Dark Reading webinar and hear as Ovum Senior Analyst Eric Parizo and a special guest from Cisco Security discuss the fundamental capabilities of an emerging "new" generation of NGFW platforms, and how enterprises can benefit from the NGFW technological and market evolution.

10 Incredible Ways to Hack Email & How to Stop the Bad Guys
Date: Sep 24, 2019

View archived webinar

Email is still the #1 attack vector the bad guys use. A whopping 91% of cyberattacks start with a phishing email, but email hacking is much more than phishing and launching malware! Join us as we explore 10 ways hackers use social engineering to trick your users into revealing sensitive data or enabling malicious code to run. We will also share a special treat - a (pre-recorded) hacking demo by Kevin Mitnick. If all you were worried about were phishing attempts, think again!

How to Use Artificial Intelligence and Machine Learning to Improve Enterprise Security
Date: Sep 18, 2019

View archived webinar

Many cybersecurity vendors today use terms such as “AI” and “machine learning” to describe the capabilities of their products. But what exactly do these technologies do, and how can you implement them to improve your everyday IT security processes? In this enlightening Dark Reading webinar, a top expert will offer some useful definitions of terms, and discuss practical applications that could speed your incident response time and improve your use of IT security staff resources

AI vs. AI: The Good, the Bad and the Ugly
Date: Sep 10, 2019

View archived webinar

Think about what would happen when hackers start using the power of AI for their malicious ends? With the dissemination of AI knowledge and resources, this has become not a theoretical question of if, but when. In this webinar we’ll be drawing out the implications of this, as we explore the three possible types of attack which include:

  • AI based attacks – where malware is built on AI algorithms as an integral part of its business logic.
  • AI based attack infrastructure and frameworks – where the AI is used elsewhere in the attacker’s environment and infrastructure, for e.g. server malware creation process etc.
  • Adversarial attacks – where “malicious” AI algorithms work to subvert the functionality of “benign” AI algorithms.
Container Security: How to Protect Your Production Environment from the Threats
Date: Sep 05, 2019

View archived webinar

Many organizations are implementing “containerization” strategies in order to speed application development, make deployment more efficient, and improve scalability. But the rapid growth of containers also has opened up new doors for the bad guys, who are increasingly finding vulnerabilities in hastily created containers and taking advantage of a shortage of container security solutions.

In this Dark Reading webinar, experts offer a comprehensive look at the security flaws and vulnerabilities inherent in many container environments and offer tips and recommendations on how you can detect and remediate those issues prior to deployment – before attackers get a chance to exploit them.

Vendor ATT&CK Misdirection and How to Avoid It
Date: Aug 29, 2019

View archived webinar

Every vendor is talking about ATT&CK but do you know your execution from your exfiltration? Your persistence from privilege escalation? In this webinar, you will learn how a simple shift to an adversary-focused approach will help stop targeted threats and will evolve your security program from lean-back to lean-forward – no matter the size or maturity of your security team.

10 Emerging Threats to Enterprise Applications
Date: Aug 27, 2019

View archived webinar

Cyberattacks to today’s enterprises often begin by exploiting a new or recently discovered software vulnerability. What are some of these emerging application vulnerabilities, and how are attackers using them to crack security and expose critical business data?

In this Dark Reading webinar, application security experts offer a look at some of the latest and most potentially damaging threats to current enterprise apps, and how those threats can expose your organization to data compromise and theft. The experts also offer some practical advice on how to identify these threats and vulnerabilities in your organization – and how to secure your applications to limit the impact of an application-focused attack.

DDoS Resilience, Remediation and Recovery: Updating Your Strategy
Date: Aug 13, 2019

View archived webinar

Most organizations keep back-ups and have basic plans to protect themselves from denial of service attacks. However, most of those DDoS response strategies were long before businesses relied upon cloud services for fundamental operations, before our environments were full of IoT devices requiring network access, and long before the threat of IoT botnets. We are more reliant than ever on network access, and attackers have more powerful tools than ever to cut that access off.

So are you ready for a DDoS attack on your network -- or on your service provider’s network – or is it time to update your resilience, remediation and recovery plan? In this webinar, learn strategies that will make your business resilient against the DDoS threats of today.

The Cost of Industrial Cyber Incidents and How to Prevent Them
Date: Jul 30, 2019

View archived webinar

Cyberattacks can cause devastating business disruptions and lead to financial losses reaching hundreds of millions of dollars. The World Economic Forum’s 2019 Global Risk Report ranked cyberattacks causing disruption to operations and critical infrastructure among the top five global risks.

The increasing digital connectivity of industrial networks opens them up to cyber threats, underscoring the importance of protecting not just IT systems, but also operational technology (OT) systems. So what are these risks and how do you protect your organization from falling victim to them?

Improving Enterprise Authentication: Taming the Password Beast
Date: Jul 25, 2019

View archived webinar

Many enterprises have implemented some basic methods for managing user authentication to sensitive data, and some have even mastered the “single sign-on” problem for data access. But today’s IT environment increasingly involves a wide range of user devices and locations, including mobile equipment, cloud services, and even Internet of Things devices. In this Dark Reading webinar, top experts will discuss emerging methods for solving the authentication problem, and for building authentication strategies that go beyond the enterprise premises.

Using Network Segmentation and Microsegmentation to Improve Enterprise Defense
Date: Jul 16, 2019

View archived webinar

When an online attacker penetrates your cyber defenses, he or she may take on the guise of an authorized user, making it possible to move laterally within your IT environment to steal information without detection. One growing strategy for limiting this lateral movement is network segmentation, which can restrict access to critical systems and help limit the damage caused by an online attacker. In this Dark Reading webinar, experts discuss methods for using network segmentation and microsegmentation as part of your organization's strategy for limiting the effects of an online compromise.

What to Do When Hackers Attack
Date: Jun 26, 2019

View archived webinar

The worst has happened. Online attackers have penetrated your cyber defenses and are threatening your most sensitive data. What should you do now? In this fascinating and educational virtual event, you will hear advice and recommendations from some of the cybersecurity industry’s top experts and speakers on the critical issues of breach investigation and incident response.

This all-day online conference, produced by the editors of Dark Reading, will help you and your organization prepare for those “very bad days” when you suspect that your mission-critical data has been compromised. Attend the event and you’ll hear about tools and best practices for detecting a breach – even when it’s well-obfuscated – and how to analyze multiple indications of compromise to reveal a sophisticated attack. You’ll also receive first-hand expertise on what to do in the first hours of a major breach, whether to pull the plug on infected systems, and when to call in law enforcement. Best of all, you’ll get expert advice on how to determine the extent of a data compromise, how to stop it, how to remediate your systems, and how to handle legal and business consequences that may follow.

2019 Trends Report: The Zero Trust Journey
Date: Jun 20, 2019

View archived webinar

As your workforce becomes more distributed, security is even more critical. Protecting the network is important but it’s no longer enough to secure applications and data. That’s why adoption of a Zero Trust security framework is on the rise.

Interested in more data on how your peers are adopting Zero Trust to protect their apps, data and distributed workforce?

Automating Cybersecurity Functions in Your Enterprise
Date: Jun 12, 2019

View archived webinar

Organizations face tremendous challenges when trying to keep pace with the volume of cyber incidents they are seeing today. Information security leaders are looking to the benefits of security orchestration and automation to relieve the strain on their incident response teams. While the promise of orchestration is great, achieving success requires great care in choosing which processes and investigative actions to automate.

Thinking Like a Cyber Attacker: Strategies for Defense
Date: Jun 06, 2019

View archived webinar

Increasingly, enterprises are discovering that the best way to test and defend their organization is to view their IT environment from the perspective of an attacker. But how do you predict an attacker's motives and simulate their methods, and how do you know that you aren’t overlooking key vulnerabilities? In this Dark Reading webinar, experts discuss methods for testing your security’s mettle by thinking like your adversary.

Becoming a Threat Hunter in Your Enterprise
Date: May 14, 2019

View archived webinar

For years, most IT security organizations have waited to detect new threats and  then moved swiftly to defend against them. Today, however, there is a new wave  of “threat hunting,” in which the security team takes a more proactive approach --seeking out potential threats before the attackers have a chance to act. How do enterprises build threat hunting programs? How do they staff them, and what tools do they need? What skills and training does a great threat hunter need? In  this Dark Reading webinar, a top expert discusses the process for building a threat hunting program, and for optimizing the efforts of designated threat hunters in the organization.

The CISO Challenge
Date: May 09, 2019

View archived webinar

New research highlights key management and communication issues facing those responsible for cyber security, including entrenched perceptions by senior leadership and employees. Nearly 50% of cyber security professionals, for example, believe executive boards see them in just a maintenance role, rather than a source of innovation that contributes to the business. Given the enormous impact of security breaches and the increase in compliance requirements, CISOs need to communicate the value of cyber security across all levels of their organizations.

Join Chief Security Scientist, Joseph Carson as he discusses the changes cyber security professionals must make in order to expand their influence and align cyber security with business priorities so executive boards can see the business case for security investments.

Building an Incident Readiness and Response Playbook
Date: May 08, 2019

View archived webinar

The cyber attackers hit their mark: now what do you do? Whom do you call first? Do you have a plan to contain the damage, eliminate the threat, avoid destruction of forensic evidence, and keep the business operational at the same time? Do you know how to uphold compliance requirements, address customer questions, and pay for all the unforeseen costs of an emergency? Don't make a data breach any harder than it needs to be. In this webinar, learn the Xs and Os of any good security incident readiness and response playbook.

Developing the Right Strategy for Secure Email
Date: May 01, 2019

View archived webinar

Many of today's most damaging cyber attacks begin with a simple hack of the corporate email system. Yet many enterprises still don't have a unified approach to protecting their email and messaging systems, leaving themselves open to a wide range of online exploits. In this webinar, top experts discuss strategies for limiting access to critical email systems, when to encrypt email attachments and transmissions, and how to build a day-to-day process for protecting email against common cyber attacks.

End-User Security Awareness Programs That Work
Date: Apr 30, 2019

View archived webinar

Most successful cyber-attacks begin by manipulating an end user, via a phishing message or other social engineering attack. Instead of just being weak spots, imagine your users could be the security department's eyes and ears--the first to alert you to a potential threat. End users can only help, though, if you give them training that both educates them and makes them care about security. In this webinar learn how to create an end-user security awareness program that engages your users, builds a security culture, and reduces attackers' success rate.

A Day in the Life of an OT Cybersecurity Expert
Date: Apr 17, 2019

View archived webinar

What are the critical must-haves and pitfalls to avoid when it comes to safeguarding industrial facilities in the age of the Industrial Internet of Things? Threats to the safety and security of critical infrastructure make headlines on a regular basis. CISOs and their IT teams may be ultimately accountable for the security of industrial control systems in critical industries such as oil and gas, refining, chemical processing and power generation, but they can benefit greatly from the expertise of their operation technology (OT) cybersecurity teams.

Join us for a panel discussion with three OT cybersecurity experts who share their experience and lessons learned when securing the critical infrastructure. We’ll dive into critical success factors for effectively managing OT risk while ensuring safe and reliable production within the plant.

How to Use Artificial Intelligence and Machine Learning to Improve Enterprise Security
Date: Mar 19, 2019

View archived webinar

Many cybersecurity vendors today use terms such as “AI” and “machine learning” (ML) to describe the capabilities of their products. But what exactly do these technologies do, and how can you implement them to improve your everyday IT security processes?

In this enlightening Dark Reading webinar, a top expert will offer some useful definitions of terms and will discuss some practical applications of the technology that might speed your incident reaction time and improve your use of IT security staff resources.

Disrupting Lateral Movement
Date: Mar 14, 2019

View archived webinar

Attackers don't have to hit your most critical assets directly -they'll find a soft spot in your perimeter defenses and move laterally through your environment until they reach their target.

In this webinar you'll learn about the tools and techniques you can use to detect attackers' lateral movement within your computing environment and how to stop them before they launch their final payload.

Overcoming Cyberthreats to Critical Infrastructure with Integrated IT/OT Cybersecurity
Date: Mar 06, 2019

View archived webinar

Many organizations reliant on critical infrastructure networks are striving to reduce risk with cybersecurity strategies that bridge both IT and OT asset domains. However, achieving comprehensive IT/OT cybersecurity is often a more challenging task in practice than it is conceptually.

Security professionals interested in effectively executing an integrated IT/OT cybersecurity strategy should join this webinar to learn how they can achieve end-to-end visibility into the full spectrum of both IT and OT network devices, as well as unified business risk management for today’s continuously evolving cyberthreat landscape. During this webinar, we will dive into four foundational elements of a comprehensive IT/OT cybersecurity strategy, including asset visibility, asset management, risk & compliance and investigation & response, with use cases of each.

Closing the Threat Intelligence Effectiveness Gap
Date: Feb 27, 2019

View archived webinar

In a recently released Ponemon Institute report, "The Value of Threat Intelligence: Annual Study of North American & United Kingdom Companies," the importance of threat intelligence in achieving a strong cybersecurity posture is rated as very high at 85%, but only 41% of respondents felt that they are utilizing their threat intelligence effectively.

The report reveals that security professionals believe threat intelligence is often too voluminous and/or complex to provide actionable insights. It also states that - despite security being a business priority - security professionals struggle in sharing essential threat data to the C-Suite and above. Findings also suggest security teams are not optimized to deliver on threat intelligence and they often lack experienced subject matter experts.

Tune in to this webinar to learn about the overload of threat intelligence data and what your peers are citing as important in the day-to-day protection of their networks.

Understanding and Preventing Social Engineering Attacks
Date: Feb 20, 2019

View archived webinar

While cyber attackers continually develop more sophisticated methods for penetrating enterprise computing systems, most exploits begin with a simple step: fooling users into breaking security policy. These "social engineering" attacks – including phishing, "watering holes", and social network attacks – are  designed to trick your users into giving up passwords, opening malicious email attachments, or installing malware. How can enterprises prevent this sort of attack? Can users be trained to recognize such exploits and avoid them? In this webcast, experts discuss the most effective methods of defending against social engineering attacks.

Practical Cyber Defense for Industrial Control Systems
Date: Feb 14, 2019

View archived webinar

Industrial control systems (ICS) environments are being targeted by more sophisticated threats every day; but the security professionals who defend ICS environments face significant limitations. Patching practices and scanning tools that are common in most IT environments are often unacceptable for ICS, which may operate critical infrastructure and require 24/7 uptime. In this Dark Reading webinar, top experts offers insight on the threat posed to ICS systems, and how you can expand your security strategies to protect them. 

Getting More from Less: 3 Ways Replacing AV with a Security Platform Can Help You
Date: Jan 31, 2019

View archived webinar

The threat landscape is growing increasingly sophisticated and is bypassing traditional antivirus. To combat this, IT and security professionals are adding products to their security stack. In fact, 48% of organizations are using more than 25 different discrete or point security tools to manage, investigate, and respond to security threats. Each has its own endpoint agent, dataset, console, and back end. The result is a lot of complexity and not enough efficacy.

It doesn’t have to be this way.
What if it was possible to have a single platform that simplified your security stack and improved your protection?

How IT Security Teams Can Use Machine Learning to Improve Data Defense
Date: Jan 29, 2019

View archived webinar

A new wave of machine learning technology promises to help IT security operations teams detect cyber threats sooner and respond to them more quickly. But machine learning is used in a wide variety of ways, and not all machine learning-based products work in the same fashion.

In this webinar, experts will discuss the ways that machine learning can help in security operations, how it can speed threat analysis, and how to evaluate and choose technologies that will work in your organization.

Choosing the Right Strategies for Endpoint Security
Date: Jan 23, 2019

View archived webinar

There are many tools for protecting enterprise endpoints from attack, but most organizations still do not have a comprehensive strategy for endpoint protection that extends across the enterprise. In this webinar, experts will discuss methods for rationalizing endpoint protection tools and strategies and building a comprehensive strategy that works across the entire organization.

Consistency is Key with Cloud Security
Date: Jan 17, 2019

View archived webinar

When it comes to cloud security, consistency is everything – your cloud controls should mimic your on-premise implementations, so you have complete consistency of security policy enforcement across environments.

Cloud security breaches have not been the result of brilliant criminal masterminds. Rather, they have been the result of self-inflicted errors that are often caused by faulty migration and deployment practices – particularly when the right security personnel are excluded from the process.

Stopping Email-Borne Threats Before They Spread
Date: Dec 18, 2018

View archived webinar

Your organization likely has extensive security protections for your inbound email from the Internet. However, as much as two-thirds of many organizations’ total email traffic is generated internally by users. And, of course, attackers know this. Are you inspecting your internal email with the same diligence as your inbound email? What about the emails being sent out to your partners, suppliers, and customers?

Building a Cyber Defense for 2019
Date: Dec 12, 2018

View archived webinar

A Dark Reading Virtual Event

When it comes to enterprise cybersecurity, the only constant is change. On one side, many organizations are being transformed by technological change, including the rapid movement toward cloud services, digital transformation, and the Internet of Things. On the other side, security teams are rethinking their defense strategies to respond to new threats such as ransomware, crypto mining, and next-generation malware. And as if that isn’t enough, major regulatory changes such as GDPR are putting new pressures on enterprise security and privacy.

What are the key cybersecurity steps that enterprises should be taking in the coming year? What are the critical changes that IT organizations should anticipate, and how should they prioritize their security initiatives? At this Dark Reading virtual event, security practitioners, industry visionaries, and technology developers come together to discuss the key changes to expect in the next 12 months – and how you can prepare for them.

Using Security Champions to Build a DevSecOps Culture Within Your Organization
Date: Dec 11, 2018

View archived webinar

The security industry has made great strides developing tools and technology to integrate software security into the application development life cycle. However, it’s important not to ignore the people and process aspects of DevSecOps. Building security into application teams’ culture is necessary for DevSecOps to be successful.

Outside the software security group, Security Champions are the leaders of this cultural change.

Developing a Customized Defense Against Targeted Attacks
Date: Dec 06, 2018

View archived webinar

"Targeted attack" doesn't necessarily mean sophisticated malware and nation-state threat actors. What it does mean, is that the attack will be aimed directly at your organization, so your defenses should be focused where targeted attackers will hit you hardest.

So who wants what corporate intellectual property, who wants to take down what system, who wants to cause harm to what individual, and what tools and know-how do these threat actors have at their disposal?  This webinar can help.  Join us and learn how to predict where targeted attackers will hit you hardest and how to tune your defenses accordingly.

Why Cyber-Risk Is a C-Suite Issue
Marc Wilczek, Digital Strategist & CIO Advisor,  11/12/2019
DevSecOps: The Answer to the Cloud Security Skills Gap
Lamont Orange, Chief Information Security Officer at Netskope,  11/15/2019
Attackers' Costs Increasing as Businesses Focus on Security
Robert Lemos, Contributing Writer,  11/15/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Navigating the Deluge of Security Data
In this Tech Digest, Dark Reading shares the experiences of some top security practitioners as they navigate volumes of security data. We examine some examples of how enterprises can cull this data to find the clues they need.
Flash Poll
Rethinking Enterprise Data Defense
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-19071
PUBLISHED: 2019-11-18
A memory leak in the rsi_send_beacon() function in drivers/net/wireless/rsi/rsi_91x_mgmt.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering rsi_prepare_beacon() failures, aka CID-d563131ef23c.
CVE-2019-19072
PUBLISHED: 2019-11-18
A memory leak in the predicate_parse() function in kernel/trace/trace_events_filter.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption), aka CID-96c5c6e6a5b6.
CVE-2019-19073
PUBLISHED: 2019-11-18
Memory leaks in drivers/net/wireless/ath/ath9k/htc_hst.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering wait_for_completion_timeout() failures. This affects the htc_config_pipe_credits() function, the htc_setup_complete() function, ...
CVE-2019-19074
PUBLISHED: 2019-11-18
A memory leak in the ath9k_wmi_cmd() function in drivers/net/wireless/ath/ath9k/wmi.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption), aka CID-728c1e2a05e4.
CVE-2019-19075
PUBLISHED: 2019-11-18
A memory leak in the ca8210_probe() function in drivers/net/ieee802154/ca8210.c in the Linux kernel before 5.3.8 allows attackers to cause a denial of service (memory consumption) by triggering ca8210_get_platform_data() failures, aka CID-6402939ec86e.