Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Reports

Latest Content
Battle for the Endpoint
Reports  |  4/9/2021  | 
How to build a new cyber strategy for 2021 and beyond.
How Enterprises are Developing Secure Applications
Reports  |  3/3/2021  | 
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Assessing Cybersecurity Risk in Today's Enterprises
Reports  |  12/4/2020  | 
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
The Malware Threat Landscape
Reports  |  11/6/2020  | 
Download this report to learn about the real makeup of online threats, as reported by the defenders who see them every day.
How Data Breaches Affect the Enterprise (2020)
Reports  |  10/29/2020  | 
Thanks to COVID-19 and the sudden movement toward home workers, data breaches have become even more common in the past 12 months. Heres a look at the damage and how enterprises are responding.
Building an Effective Cybersecurity Incident Response Team
Reports  |  9/28/2020  | 
When online attackers break your defenses, your organization needs the best team possible to fight back. Here are some guidelines for staffing and training a cyber incident response team that can respond quickly and effectively to any cyber threat.
How IT Security Organizations are Attacking the Cybersecurity Problem
Reports  |  9/16/2020  | 
The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
Special Report: Understanding Your Cyber Attackers
Reports  |  8/19/2020  | 
If you want to get a better sense of the threats that might be coming - and your organization's vulnerability to those threats - this special report is a must-read.
2020 State of Cybersecurity Operations and Incident Response
Reports  |  8/14/2020  | 
Download this report today to get an inside look at how cybersecurity teams are coping with new cyber threats in today's environment.
The Changing Face of Threat Intelligence
Reports  |  6/19/2020  | 
This special report takes a look at how enterprises are using threat intelligence, as well as emerging best practices for integrating threat intel into security operations and incident response. Download it today!
The Threat from the Internetand What Your Organization Can Do About It
Reports  |  6/19/2020  | 
This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!
State of Endpoint Security: How Enterprises Are Managing Endpoint Security Threats
Reports  |  4/2/2020  | 
Download this report to find out what organizations are doing to secure their endpoints and to protect themselves against malware, hackers, and social engineering attacks.
State of Cybersecurity Incident Response
Reports  |  2/27/2020  | 
Data breaches and regulations have forced organizations to pay closer attention to the security incident response function. However, security leaders may be overestimating their ability to detect and respond to security incidents. Read this report to find out more.
Developing and Maintaining Secure Applications
Reports  |  1/30/2020  | 
The concept of application security is well known, but application security testing and remediation processes remain unbalanced. Most organizations are confident in their approach to AppSec, although others seem to have no approach at all. Read this report to find out more.
How Enterprises are Attacking the Cybersecurity Problem
Reports  |  12/24/2019  | 
Organizations have invested in a sweeping array of security technologies to address challenges associated with the growing number of cybersecurity attacks. However, the complexity involved in managing these technologies is emerging as a major problem. Read this report to find out what your peers biggest security challenges are and the technologies they are using to address them.
How Data Breaches affect the Enterprise
Reports  |  12/10/2019  | 
Organizations use a wide range of tools and best practices for protecting against cyberattacks. But malicious efforts targeting end users are driving the need for a more people-focused approach to cybersecurity. Find out what we discovered by downloading this Dark Reading report today!
Rethinking Enterprise Data Defense
Reports  |  11/1/2019  | 
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
Assessing Cybersecurity Risk in Today's Enterprise
Reports  |  10/29/2019  | 
Security leaders are struggling to understand their organizations risk exposure. While many are confident in their security strategies and processes, theyre also more concerned than ever about getting breached. Download this report today and get insights on how today's enterprises assess and perceive the risks they face in 2019!
2019 Online Malware and Threats
Reports  |  9/30/2019  | 
As cyberattacks become more frequent and more sophisticated, enterprise security teams are under unprecedented pressure to respond. Is your organization ready?
The State of IT Operations and Cybersecurity Operations
Reports  |  3/28/2019  | 
Your enterprise's cyber risk may depend upon the relationship between the IT team and the security team. Heres some insight on what's working and what isn't in the data center.
How Enterprises Are Developing Secure Applications
Reports  |  2/28/2019  | 
IT security and application development are disparate processes that are increasingly coming together. Here's a look at how that's happening.
The State of Cyber Security Incident Response
Reports  |  2/27/2019  | 
Organizations are responding to new threats with new processes for detecting and mitigating them. Here's a look at how the discipline of incident response is evolving.
How Enterprises Are Attacking the Cybersecurity Problem
Reports  |  1/10/2019  | 
Data breach fears and the need to comply with regulations such as GDPR are two major drivers increased spending on security products and technologies. But other factors are contributing to the trend as well. Find out more about how enterprises are attacking the cybersecurity problem by reading our report today.
How Enterprises Are Using IT Threat Intelligence
Reports  |  11/20/2018  | 
Large organizations are harnessing data about cyberattackers and their exploits to improve the safety of their critical data. Find out what they're doing.
Online Malware and Threats: A Profile of Today's Security Posture
Reports  |  10/23/2018  | 
This report offers insight on how security professionals plan to invest in cybersecurity, and how they are prioritizing their resources. Find out what your peers have planned today!
The Risk Management Struggle
Reports  |  9/18/2018  | 
The majority of organizations are struggling to implement a risk-based approach to security even though risk reduction has become the primary metric for measuring the effectiveness of enterprise security strategies. Read the report and get more details today!
How Data Breaches Affect the Enterprise
Reports  |  8/30/2018  | 
This report, offers new data on the frequency of data breaches, the losses they cause, and the steps that organizations are taking to prevent them in the future. Read the report today!
The State of IT and Cybersecurity
Reports  |  6/11/2018  | 
IT and security are often viewed as different disciplines - and different departments. Find out what our survey data revealed, read the report today!
[Strategic Security Report] Navigating the Threat Intelligence Maze
Reports  |  12/15/2017  | 
Most enterprises are using threat intel services, but many are still figuring out how to use the data they're collecting. In this Dark Reading survey we give you a look at what they're doing today - and where they hope to go.
[Strategic Security Report] Cloud Security's Changing Landscape
Reports  |  11/1/2017  | 
Cloud services are increasingly becoming the platform for mission-critical apps and data. Heres how enterprises are adapting their security strategies!
The State of Ransomware
Reports  |  10/3/2017  | 
Ransomware has become one of the most prevalent new cybersecurity threats faced by today's enterprises. This new report from Dark Reading includes feedback from IT and IT security professionals about their organization's ransomware experiences, defense plans, and malware challenges. Find out what they had to say!
The Dark Reading Security Spending Survey
Reports  |  9/14/2017  | 
Enterprises are spending an unprecedented amount of money on IT security where does it all go? In this survey, Dark Reading polled senior IT management on security budgets and spending plans, and their priorities for the coming year. Download the report and find out what they had to say.
Surviving the IT Security Skills Shortage
Reports  |  8/31/2017  | 
Cybersecurity professionals are in high demand -- and short supply. Find out what Dark Reading discovered during their 2017 Security Staffing Survey and get some strategies for getting through the drought. Download the report today!
[Strategic Security Report] How Enterprises Are Attacking the IT Security Problem
Reports  |  8/17/2017  | 
Enterprises are spending more of their IT budgets on cybersecurity technology. How do your organization's security plans and strategies compare to what others are doing? Here's an in-depth look.
The Impact of a Security Breach 2017
Reports  |  7/7/2017  | 
Despite the escalation of cybersecurity staffing and technology, enterprises continue to suffer data breaches and compromises at an alarming rate. How do these breaches occur? How are enterprises responding, and what is the impact of these compromises on the business? This report offers new data on the frequency of data breaches, the losses they cause, and the steps that organizations are taking to prevent them in the future.
[Strategic Security Report] Assessing Cybersecurity Risk
Reports  |  7/6/2017  | 
As cyber attackers become more sophisticated and enterprise defenses become more complex, many enterprises are faced with a complicated question: what is the risk of an IT security breach? This report delivers insight on how today's enterprises evaluate the risks they face. This report also offers a look at security professionals' concerns about a wide variety of threats, including cloud security, mobile security, and the Internet of Things.
New Best Practices for Secure App Development
Reports  |  12/12/2016  | 
The transition from DevOps to SecDevOps is combining with the move toward cloud computing to create new challenges - and new opportunities - for the information security team. Download this report, to learn about the new best practices for secure application development.
Dark Reading Strategic Security Report: The Impact of Enterprise Data Breaches
Reports  |  9/1/2016  | 
Social engineering, ransomware, and other sophisticated exploits are leading to new IT security compromises every day. Dark Reading's 2016 Strategic Security Survey polled 300 IT and security professionals to get information on breach incidents, the fallout they caused, and how recent events are shaping preparations for inevitable attacks in the coming year. Download this report to get a look at data from the survey and to find out what a breach might mean for your organization.
The Top Cybersecurity Risks And How Enterprises Are Responding
Reports  |  8/1/2016  | 
The information security landscape is a constantly shifting risk environment. Today's IT security department must manage both internal and external threats' ranging from malware to mobile device vulnerabilities, to cloud security and ransomware. Download the Dark Reading 2016 Strategic Security Survey to gain insight into how security professionals view these risks, and how they are addressing them.


Commentary
Ransomware Is Not the Problem
Adam Shostack, Consultant, Entrepreneur, Technologist, Game Designer,  6/9/2021
Edge-DRsplash-11-edge-ask-the-experts
How Can I Test the Security of My Home-Office Employees' Routers?
John Bock, Senior Research Scientist,  6/7/2021
News
New Ransomware Group Claiming Connection to REvil Gang Surfaces
Jai Vijayan, Contributing Writer,  6/10/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: Google's new See No Evil policy......
Current Issue
The State of Cybersecurity Incident Response
In this report learn how enterprises are building their incident response teams and processes, how they research potential compromises, how they respond to new breaches, and what tools and processes they use to remediate problems and improve their cyber defenses for the future.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-33818
PUBLISHED: 2021-06-18
An issue was discovered in UniFi Protect G3 FLEX Camera Version UVC.v4.30.0.67. Attackers can use slowhttptest tool to send incomplete HTTP request, which could make server keep waiting for the packet to finish the connection, until its resource exhausted. Then the web server is denial-of-service.
CVE-2021-33820
PUBLISHED: 2021-06-18
An issue was discovered in UniFi Protect G3 FLEX Camera Version UVC.v4.30.0.67.Attacker could send a huge amount of TCP SYN packet to make web service's resource exhausted. Then the web server is denial-of-service.
CVE-2021-33822
PUBLISHED: 2021-06-18
An issue was discovered on 4GEE ROUTER HH70VB Version HH70_E1_02.00_22. Attackers can use slowhttptest tool to send incomplete HTTP request, which could make server keep waiting for the packet to finish the connection, until its resource exhausted. Then the web server is denial-of-service.
CVE-2020-18442
PUBLISHED: 2021-06-18
Infinite Loop in zziplib v0.13.69 allows remote attackers to cause a denial of service via the return value "zzip_file_read" in the function "unzzip_cat_file".
CVE-2021-3604
PUBLISHED: 2021-06-18
Secure 8 (Evalos) does not validate user input data correctly, allowing a remote attacker to perform a Blind SQL Injection. An attacker could exploit this vulnerability in order to extract information of users and administrator accounts stored in the database.