Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Latest Content tagged with Operations
Page 1 / 2   >   >>
The Privacy & Security Outlook for Businesses Post-COVID-19
Commentary  |  6/5/2020  | 
Long-term business needs -- and the ethical implications that result -- don't simply go away just because we're navigating a global health crisis.
COVID-19: Latest Security News & Commentary
News  |  6/5/2020  | 
Check out Dark Reading's updated, exclusive news and commentary surrounding the coronavirus pandemic.
Strengthening Secure Information Sharing Through Technology & Standards
Commentary  |  6/4/2020  | 
How data sharing, innovation, and regulatory standardization can make it easier for organizations to both contribute and consume critical threat intelligence.
Could Automation Kill the Security Analyst?
Commentary  |  6/4/2020  | 
Five skills to ensure job security in the Age of Automation.
10 Tips for Maintaining Information Security During Layoffs
Slideshows  |  6/2/2020  | 
Insider cyberthreats are always an issue during layoffs -- but with record numbers of home-office workers heading for the unemployment line, it has never been harder to maintain cybersecurity during offboarding.
Companies Fall Short on Mandatory Reporting of Cybercrimes
News  |  6/2/2020  | 
Understaffed and under fire, companies fail to report cybercrimes even when they are legally obligated to notify authorities, results of a new survey show.
Risk Assessment & the Human Condition
Commentary  |  6/2/2020  | 
Five lessons the coronavirus pandemic can teach security professionals to better assess, monitor, manage, and mitigate organizational risk.
Thycotic Buys Onion ID to Extend PAM Portfolio
Quick Hits  |  6/2/2020  | 
The acquisition brings three new products into Thycotic's privileged access management lineup.
How AI and Automation Can Help Bridge the Cybersecurity Talent Gap
Commentary  |  6/1/2020  | 
Without the right tools and with not enough cybersecurity pros to fill the void, the talent gap will continue to widen.
Bank of America Security Incident Affects PPP Applicants
Quick Hits  |  5/29/2020  | 
The incident occurred when Paycheck Protection Program applications were uploaded to a test platform and accidentally shared.
Cisco Announces Patches to SaltStack
Quick Hits  |  5/29/2020  | 
The patches came after Cisco was notified by the Salt Open Core team that the vulnerabilities and updates were available.
Zscaler Buys Edge Networks
Quick Hits  |  5/29/2020  | 
The acquisition is Zscaler's second major buy this quarter.
How Elite Protectors Operationalize Security Protection
Commentary  |  5/28/2020  | 
There is no silver bullet for cybersecurity. It takes the right people, with the right mindset, applying the right elements of good security from the data center to the SOC.
Stay-at-Home Orders Coincide With Massive DNS Surge
News  |  5/27/2020  | 
A variety of sites saw as much as seven times the number of domain requests in late March and early April, suggesting attackers attempted massive denial-of-service attacks.
Cloud Security Architect Proves Hardest Infosec Role to Fill
Quick Hits  |  5/27/2020  | 
Nearly 70% of businesses struggle to recruit, hire, and retain cybersecurity talent, and many link security incidents to lack of skills.
What the World's Elite Protectors Teach Us about Cybersecurity
Commentary  |  5/27/2020  | 
How to protect anyone and anything, from the perspective of a career Secret Service agent and former special operations marine.
StrandHogg 2.0 Emerges as 'Evil Twin' to Android Threat
News  |  5/26/2020  | 
The vulnerability, which exists in almost every version of Android, is both more dangerous and harder to detect than its predecessor.
World Leaders Urge Action Against Healthcare Cyberattacks
Quick Hits  |  5/26/2020  | 
The global call to end cybercrime targeting healthcare facilities has been signed by government leaders and Nobel laureates.
The Problem with Artificial Intelligence in Security
Commentary  |  5/26/2020  | 
Any notion that AI is going to solve the cyber skills crisis is very wide of the mark. Here's why.
Security & Trust Ratings Proliferate: Is That a Good Thing?
News  |  5/22/2020  | 
Phishing ratings, security ratings, human-ness ratings -- we are looking at a future filled with grades of security and trustworthiness. But there is a downside.
10 iOS Security Tips to Lock Down Your iPhone
Slideshows  |  5/22/2020  | 
Mobile security experts share their go-to advice for protecting iPhones from hackers, thieves, and fraudsters.
Web Scrapers Have Bigger-Than-Perceived Impact on Digital Businesses
News  |  5/21/2020  | 
The economic impact of bot traffic can be unexpectedly substantial, a PerimeterX-commissioned study finds.
How an Industry Consortium Can Reinvent Security Solution Testing
Commentary  |  5/21/2020  | 
By committing to independent testing to determine value, vendors will ensure that their products do what they say they do.
Digital Transformation Risks in Front-end Code
Commentary  |  5/20/2020  | 
Why making every front-end developer a DevSecOps expert will lead to a more holistic approach to web and native application security.
Coronavirus-Themed Phishing Fears Largely Overblown, Researchers Say
News  |  5/20/2020  | 
As COVID-19-themed spam rises, phishingnot so much. An analysis of newly registered domains finds that only 2.4% are actually phishing sites aiming to steal credentials.
Web Application Attacks Double from 2019: Verizon DBIR
News  |  5/19/2020  | 
Verizon's annual data breach report shows most attackers are external, money remains their top motivator, and web applications and unsecured cloud storage are hot targets.
7 Security Pros: What My Nontraditional Background Brings to the Job
Slideshows  |  5/19/2020  | 
Job experience and degrees outside of the cybersecurity or IT world can provide invaluable diversity of thinking and problem-solving.
As DevOps Accelerates, Security's Role Changes
News  |  5/18/2020  | 
There remains a disconnect between developers and security teams, with uncertainty around who should handle software security.
Private Equity Firm Stalls $1.9B Forescout Acquisition
Quick Hits  |  5/18/2020  | 
Officials say "there can be no assurance" Forescout and Advent International will reach an agreement, though talks are ongoing.
4 Challenges with Existing VPNs
Commentary  |  5/15/2020  | 
A VPN is a step in the right direction, but it's not the be-all and end-all when it comes to security and falls short in many ways.
As Businesses Rush to the Cloud, Security Teams Struggle to Keep Up
News  |  5/14/2020  | 
Most organizations have a gap between current and planned cloud usage and the maturity of their cloud security programs.
79% of Companies Report Identity-Related Breach in Past Two Years
Quick Hits  |  5/14/2020  | 
Two-thirds of organizations surveyed say phishing is the most common cause of identity-related breaches, the IDSA reports.
Ensuring Business Continuity in Times of Crisis
Commentary  |  5/14/2020  | 
Three basic but comprehensive steps can help you and your organization get through adversity
The Problem with Automating Data Privacy Technology
Commentary  |  5/13/2020  | 
Managing complex and nuanced consumer rights requests presents a unique challenge for enterprises in today's regulated world of GDPR and CCPA. Here's why.
CyberArk Acquires Idaptive for Identity-as-a-Service Tech
Quick Hits  |  5/13/2020  | 
The $70 million deal is intended to help CyberArk strengthen its portfolio with secure and SaaS-based identity management.
Microsoft Fixes 111 Vulnerabilities for Patch Tuesday
News  |  5/12/2020  | 
This marks the third month in a row that Microsoft patched more than 100 bugs, of which 16 are classified as critical.
The Modern SOC Demands New Skills
Commentary  |  5/12/2020  | 
Automation and other technologies are improving the organizational structure of the security operations center. This is ultimately for the better, but it means that roles will change too.
Coronavirus, Data Privacy & the New Online Social Contract
Commentary  |  5/12/2020  | 
How governments can protect personal privacy in contact tracing while saving peoples' lives
Companies Struggle for Effective Cybersecurity
News  |  5/8/2020  | 
The money companies are spending on cybersecurity tools doesn't necessarily result in better security, a new survey shows.
Microsoft Identity VP Shares How and Why to Ditch Passwords
News  |  5/7/2020  | 
Passwords are on their way out, says Joy Chik, who offers guidance for businesses hoping to shift away from them.
Zoom Acquires Keybase, Plans for End-to-End Encrypted Chats
Quick Hits  |  5/7/2020  | 
The company's first acquisition to date is part of a 90-day plan to improve security in its video communications platform.
Maze Ransomware Operators Step Up Their Game
News  |  5/6/2020  | 
Investigations show Maze ransomware operators leave "nothing to chance" when putting pressure on victims to pay.
Half of Companies Have Suffered a Cybersecurity Issue Amid COVID-19 Crisis
Quick Hits  |  5/6/2020  | 
Survey shows 49% expect to experience a data breach or cybersecurity incident in the next month.
Microsoft Reportedly in Talks to Acquire CyberX
Quick Hits  |  5/6/2020  | 
CyberX was founded in 2013 and has raised $48 million to build its cybersecurity platform for IoT and industrial control systems.
Breach Hits GoDaddy SSH Customers
Quick Hits  |  5/5/2020  | 
The October 2019 breach left some customer data open to hacking eyes.
Cloud Startup Orca Security Raises $20M Series A
Quick Hits  |  5/5/2020  | 
The Israeli cloud security startup has built a platform to help organizations gain greater visibility into multicloud deployments.
Designing Firmware Resilience for 3 Top Attack Vectors
Commentary  |  5/5/2020  | 
Firmware has become an increasingly prevalent target for hackers. Here's how to stop them.
SMB Security Catches Up to Large Companies, Data Shows
News  |  5/4/2020  | 
Small and midsize businesses face issues similar to those of large organizations and have updated security practices to respond with threat hunting, patch management, and dedicated personnel.
The Cybersecurity Hiring Conundrum: Youth vs. Experience
Commentary  |  5/4/2020  | 
How working together across the spectrum of young to old makes our organizations more secure.
7 Tips for Security Pros Patching in a Pandemic
Slideshows  |  5/4/2020  | 
The shift to remote work has worsened patch management challenges and created new ones. Security pros share insights and best practices.
Page 1 / 2   >   >>


COVID-19: Latest Security News & Commentary
Dark Reading Staff 6/5/2020
How AI and Automation Can Help Bridge the Cybersecurity Talent Gap
Peter Barker, Chief Product Officer at ForgeRock,  6/1/2020
Cybersecurity Spending Hits 'Temporary Pause' Amid Pandemic
Kelly Jackson Higgins, Executive Editor at Dark Reading,  6/2/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: What? IT said I needed virus protection!
Current Issue
How Cybersecurity Incident Response Programs Work (and Why Some Don't)
This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-13864
PUBLISHED: 2020-06-05
The Elementor Page Builder plugin before 2.9.9 for WordPress suffers from a stored XSS vulnerability. An author user can create posts that result in a stored XSS by using a crafted payload in custom links.
CVE-2020-13865
PUBLISHED: 2020-06-05
The Elementor Page Builder plugin before 2.9.9 for WordPress suffers from multiple stored XSS vulnerabilities. An author user can create posts that result in stored XSS vulnerabilities, by using a crafted link in the custom URL or by applying custom attributes.
CVE-2020-11696
PUBLISHED: 2020-06-05
In Combodo iTop a menu shortcut name can be exploited with a stored XSS payload. This is fixed in all iTop packages (community, essential, professional) in version 2.7.0 and iTop essential and iTop professional in version 2.6.4.
CVE-2020-11697
PUBLISHED: 2020-06-05
In Combodo iTop, dashboard ids can be exploited with a reflective XSS payload. This is fixed in all iTop packages (community, essential, professional) for version 2.7.0 and in iTop essential and iTop professional packages for version 2.6.4.
CVE-2020-13646
PUBLISHED: 2020-06-05
In the cheetah free wifi 5.1 driver file liebaonat.sys, local users are allowed to cause a denial of service (BSOD) or other unknown impact due to failure to verify the value of a specific IOCTL.