Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Careers & People

News & Commentary
Cyberattacks Are Tailored to Employees ... Why Isn't Security Training?
Tim Sadler, CEO and co-founder of TessianCommentary
Consider four factors and behaviors that impact a particular employee's risk, and how security training should take them into account.
By Tim Sadler CEO and co-founder of Tessian, 6/17/2021
Comment0 comments  |  Read  |  Post a Comment
Name That Toon: Sight Unseen
John Klossner, CartoonistCommentary
Feeling creative? Submit your caption in the comments, and our panel of experts will reward the winner with a $25 Amazon gift card.
By John Klossner Cartoonist, 6/14/2021
Comment9 comments  |  Read  |  Post a Comment
The Workforce Shortage in Cybersecurity Is a Myth
Michael Roytman, Chief Data Scientist, Kenna SecurityCommentary
What we really have is an automation-in-the-wrong-place problem.
By Michael Roytman Chief Data Scientist, Kenna Security, 6/10/2021
Comment0 comments  |  Read  |  Post a Comment
New Security Event @Hack to Take Place in Saudi Arabia
Dark Reading Staff, Quick Hits
The Saudi Federation of Cybersecurity, Programming, and Drones (SAFCSP) and Informa Tech will launch a multi-day event in Riyadh this November.
By Dark Reading Staff , 6/9/2021
Comment0 comments  |  Read  |  Post a Comment
With Cloud, CDO and CISO Concerns Are Equally Important
Ameesh Divatia, Co-Founder & CEO of BaffleCommentary
Navigated properly, a melding of these complementary perspectives can help keep an organization more secure.
By Ameesh Divatia Co-Founder & CEO of Baffle, 6/9/2021
Comment0 comments  |  Read  |  Post a Comment
Cyber Athletes Compete to Form US Cyber Team
Jessica Gulick, US Cyber Games CommissionerCommentary
Here's how security pros can showcase value to future employers: a field of friendly strife to measure their aptitude against competitors.
By Jessica Gulick US Cyber Games Commissioner, 6/7/2021
Comment0 comments  |  Read  |  Post a Comment
Modern SOCs a 'Painful' Challenge Amid Growing Complexity: Report
Dark Reading Staff, Quick Hits
A new study examines the tools and technologies driving investment and activities for security operations centers.
By Dark Reading Staff , 5/28/2021
Comment0 comments  |  Read  |  Post a Comment
The Changing Face of Cybersecurity Awareness
Lise Lapointe, CEO and Founder, Terranova SecurityCommentary
In the two decades since cybersecurity awareness programs emerged, they've been transformed from a good idea to a business imperative.
By Lise Lapointe CEO and Founder, Terranova Security, 5/21/2021
Comment0 comments  |  Read  |  Post a Comment
Dev-Sec Disconnect Undermines Secure Coding Efforts
Robert Lemos, Contributing WriterNews
Rather than continue to complain about each other, developers and security pros need to work together and celebrate their successes.
By Robert Lemos Contributing Writer, 5/20/2021
Comment0 comments  |  Read  |  Post a Comment
Cobalt Strike Becomes a Preferred Hacking Tool by Cybercrime, APT Groups
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Incident response cases and research show how the red-team tool has become a become a go-to for attackers.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 5/19/2021
Comment0 comments  |  Read  |  Post a Comment
Name That Toon: Road Trip
John Klossner, CartoonistCommentary
Feeling creative? Submit your caption in the comments, and our panel of experts will reward the winner with a $25 Amazon gift card.
By John Klossner Cartoonist, 5/17/2021
Comment4 comments  |  Read  |  Post a Comment
When AI Becomes the Hacker
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Bruce Schneier explores the potential dangers of artificial intelligence (AI) systems gone rogue in society.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 5/13/2021
Comment0 comments  |  Read  |  Post a Comment
66% of CISOs Feel Unprepared for Cyberattacks
Dark Reading Staff, Quick Hits
More than half of CISOs surveyed are more concerned about a cyberattack in 2021 than in 2020, researchers report.
By Dark Reading Staff , 5/12/2021
Comment0 comments  |  Read  |  Post a Comment
Gap Between Security and Networking Teams May Hinder Tech Projects
Dark Reading Staff, Quick Hits
Professionals in each field describe a poor working relationship between the two teams
By Dark Reading Staff , 5/5/2021
Comment0 comments  |  Read  |  Post a Comment
Wanted: The (Elusive) Cybersecurity 'All-Star'
Steve Zurier, Contributing WriterNews
Separate workforce studies by (ISC) and ISACA point to the need for security departments to work with existing staff to identify needs and bring entry-level people into the field.
By Steve Zurier Contributing Writer, 5/5/2021
Comment1 Comment  |  Read  |  Post a Comment
Dark Reading Celebrates 15th Anniversary
Tim Wilson, Editor in Chief, Dark Reading, Commentary
Cybersecurity news site begins 16th year with plans to improve site, deliver more content on cyber threats and best practices.
By Tim Wilson, Editor in Chief, Dark Reading , 5/3/2021
Comment0 comments  |  Read  |  Post a Comment
Challenging Our Education System to Nurture the Cyber Pipeline
Stephanie Aceves, Senior Director, Threat Response SME Lead, at TaniumCommentary
Let's teach students how to teach themselves. Once we do that, we will have taught a generation of students how to think like hackers.
By Stephanie Aceves Senior Director, Threat Response SME Lead, at Tanium, 4/27/2021
Comment0 comments  |  Read  |  Post a Comment
In Appreciation: Dan Kaminsky
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Beloved security industry leader and researcher passes away unexpectedly at the age of 42.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 4/26/2021
Comment0 comments  |  Read  |  Post a Comment
KnowBe4 Issues IPO to Drive Global Expansion, New Automation Features
Robert Lemos, Contributing WriterNews
Security awareness firm aims expand into Europe and Asia, and add automation and machine learning to its technology.
By Robert Lemos Contributing Writer, 4/23/2021
Comment0 comments  |  Read  |  Post a Comment
Name That Toon: Greetings, Earthlings
John Klossner, CartoonistCommentary
Caption time! Come up with something out of this world for Dark Reading's latest contest, and our panel of experts will reward the winner with a $25 Amazon gift card.
By John Klossner Cartoonist, 4/22/2021
Comment17 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
Commentary
Ransomware Is Not the Problem
Adam Shostack, Consultant, Entrepreneur, Technologist, Game Designer,  6/9/2021
Edge-DRsplash-11-edge-ask-the-experts
How Can I Test the Security of My Home-Office Employees' Routers?
John Bock, Senior Research Scientist,  6/7/2021
News
New Ransomware Group Claiming Connection to REvil Gang Surfaces
Jai Vijayan, Contributing Writer,  6/10/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: Google's new See No Evil policy......
Current Issue
The State of Cybersecurity Incident Response
In this report learn how enterprises are building their incident response teams and processes, how they research potential compromises, how they respond to new breaches, and what tools and processes they use to remediate problems and improve their cyber defenses for the future.
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-18442
PUBLISHED: 2021-06-18
Infinite Loop in zziplib v0.13.69 allows remote attackers to cause a denial of service via the return value "zzip_file_read" in the function "unzzip_cat_file".
CVE-2021-3604
PUBLISHED: 2021-06-18
Secure 8 (Evalos) does not validate user input data correctly, allowing a remote attacker to perform a Blind SQL Injection. An attacker could exploit this vulnerability in order to extract information of users and administrator accounts stored in the database.
CVE-2005-2795
PUBLISHED: 2021-06-18
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
CVE-2021-32954
PUBLISHED: 2021-06-18
Advantech WebAccess/SCADA Versions 9.0.1 and prior is vulnerable to a directory traversal, which may allow an attacker to remotely read arbitrary files on the file system.
CVE-2021-32956
PUBLISHED: 2021-06-18
Advantech WebAccess/SCADA Versions 9.0.1 and prior is vulnerable to redirection, which may allow an attacker to send a maliciously crafted URL that could result in redirecting a user to a malicious webpage.