Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Careers & People

News & Commentary
How Hackers Emptied Church Coffers with a Simple Phishing Scam
Sam Bocetta, Security AnalystCommentary
Cyber thieves aren't bound by a code of ethics. They look for weak targets and high rewards, which is exactly what Saint Ambrose Catholic offered.
By Sam Bocetta Security Analyst, 6/19/2019
Comment0 comments  |  Read  |  Post a Comment
The Evolution of Identity
Kathleen Peters, SVP & Head of Fraud & Identity, ExperianCommentary
How data and technology can help businesses make the right fraud decisions, protect people's identities, and create an improved customer experience.
By Kathleen Peters SVP & Head of Fraud & Identity, Experian, 6/18/2019
Comment0 comments  |  Read  |  Post a Comment
Sensory Overload: Filtering Out Cybersecurity's Noise
Joshua Goldfarb, Independent ConsultantCommentary
No organization can prioritize and mitigate hundreds of risks effectively. The secret lies in carefully filtering out the risks, policies, and processes that waste precious time and resources.
By Joshua Goldfarb Independent Consultant, 6/14/2019
Comment0 comments  |  Read  |  Post a Comment
New Funding Values KnowBe4 at $1 Billion
Dark Reading Staff, Quick Hits
The $300 million investment is being led by KKR.
By Dark Reading Staff , 6/12/2019
Comment0 comments  |  Read  |  Post a Comment
Tomorrow's Cybersecurity Analyst Is Not Who You Think
Chris Schueler, Senior VP, Managed Security Services, TrustwaveCommentary
Organizations can't just rely on diverse and cutting-edge technologies to fight adversaries. They will also need people with diverse expertise and backgrounds.
By Chris Schueler Senior VP, Managed Security Services, Trustwave, 6/12/2019
Comment1 Comment  |  Read  |  Post a Comment
What 3 Powerful GoT Women Teach Us about Cybersecurity
Orion Cassetto, Senior Product Maester, ExabeamCommentary
Imagine Game of Thrones' Daenerys Targaryen, Arya Stark, and Cersei Lannister on the front lines in the real-world battleground of enterprise security.
By Orion Cassetto Senior Product Maester, Exabeam, 6/11/2019
Comment0 comments  |  Read  |  Post a Comment
Unmixed Messages: Bringing Security & Privacy Awareness Together
Tom Pendergast & Jeff Morgenroth, Chief Learning Officer at MediaPRO/Instructional Designer at MediaPROCommentary
Security and privacy share the same basic goals, so it just makes sense to combine efforts in those two areas. But that can be easier said than done.
By Tom Pendergast & Jeff Morgenroth Chief Learning Officer at MediaPRO/Instructional Designer at MediaPRO, 6/10/2019
Comment0 comments  |  Read  |  Post a Comment
Cyber Talent Gap? Don't Think Like Tinder!
Lysa Myers, Security Researcher, ESETCommentary
If your company truly is a great place to work, make sure your help-wanted ads steer clear of these common job-listing clichs.
By Lysa Myers Security Researcher, ESET, 6/6/2019
Comment0 comments  |  Read  |  Post a Comment
When Security Goes Off the Rails
Adam Shostack, Consultant, Entrepreneur, Technologist, Game DesignerCommentary
Cyber can learn a lot from the highly regulated world of rail travel. The most important lesson: the value of impartial analysis.
By Adam Shostack Consultant, Entrepreneur, Technologist, Game Designer, 6/6/2019
Comment0 comments  |  Read  |  Post a Comment
CISOs & CIOs: Better Together
Leo Taddeo, CISO, Cyxtera, and former FBI SAC of cyber and special operations for the NY region Commentary
An overview of three common organizational structures illustrates how NOT to pit chief security and IT execs against each other.
By Leo Taddeo CISO, Cyxtera, and former FBI SAC of cyber and special operations for the NY region , 6/5/2019
Comment0 comments  |  Read  |  Post a Comment
What Cyber Skills Shortage?
Andy Ellis, Chief Security Officer, AkamaiCommentary
Employers can solve the skills gap by first recognizing that there isn't an archetypal "cybersecurity job" in the same way that there isn't an archetypal "automotive job." Heres how.
By Andy Ellis Chief Security Officer, Akamai, 6/4/2019
Comment2 comments  |  Read  |  Post a Comment
SANS Launches Security Awareness Certification
Dark Reading Staff, Quick Hits
The SANS Security Awareness Professional (SSAP) will be available this summer to professionals focused on measuring and mitigating human risk.
By Dark Reading Staff , 5/31/2019
Comment2 comments  |  Read  |  Post a Comment
Why Fostering Flexibility Is a Win for Women & Cybersecurity
Nineveh Madsen, Executive, OpenVPNCommentary
Creating a culture of supporting and advancing women is no small feat, but it's worth the challenge. Start with yourself. Here's how.
By Nineveh Madsen Executive, OpenVPN, 5/29/2019
Comment3 comments  |  Read  |  Post a Comment
How Security Vendors Can Address the Cybersecurity Talent Shortage
Rob Rashotte, VP of Global Training and Technical Field Enablement at FortinetCommentary
The talent gap is too large for any one sector, and cybersecurity vendors have a big role to play in helping to close it.
By Rob Rashotte VP of Global Training and Technical Field Enablement at Fortinet, 5/24/2019
Comment7 comments  |  Read  |  Post a Comment
Researcher Publishes Four Zero-Day Exploits in Three Days
Robert Lemos, Contributing WriterNews
The exploits for local privilege escalation vulnerabilities in Windows could be integrated into malware before Microsoft gets a chance to fix the issues.
By Robert Lemos Contributing Writer, 5/23/2019
Comment0 comments  |  Read  |  Post a Comment
Proving the Value of Security Awareness with Metrics that 'Deserve More'
Ira Winkler, CISSP, President, Secure MentemCommentary
Without metrics that matter to the business, awareness programs will continue to be the bastard child of security.
By Ira Winkler CISSP, President, Secure Mentem, 5/22/2019
Comment0 comments  |  Read  |  Post a Comment
To Narrow the Cyber Skills Gap with Attackers, Cut the Red Tape
James Hadley, CEO at Immersive LabsCommentary
Attackers are getting further ahead, and entrenched corporate rules shoulder much of the blame.
By James Hadley CEO at Immersive Labs, 5/21/2019
Comment2 comments  |  Read  |  Post a Comment
Killer SecOps Skills: Soft Is the New Hard
Edy Almer, VP Product, CyberbitCommentary
The sooner we give mindsets and tool sets equal bearing, the better. We must put SOC team members through rigorous training for emergency situations.
By Edy Almer VP Product, Cyberbit, 5/20/2019
Comment1 Comment  |  Read  |  Post a Comment
Black Hat Q&A: Bruce Schneier Calls For Public-Interest Technologists
Black Hat Staff,  News
Ahead of his 2019 Black Hat USA talk, cybersecurity luminary Bruce Schneier explains why its so important for tech experts to be actively involved in setting public policy.
By Alex Wawro, Special to Dark Reading , 5/20/2019
Comment0 comments  |  Read  |  Post a Comment
The Data Problem in Security
Julian Waits, GM Cyber Security Business Unit, Devo TechnologyCommentary
CISOs must consider reputation, resiliency, and regulatory impact to establish their organization's guidelines around what data matters most.
By Julian Waits GM Cyber Security Business Unit, Devo Technology, 5/16/2019
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
7 Truths About BEC Scams
Ericka Chickowski, Contributing Writer,  6/13/2019
DNS Firewalls Could Prevent Billions in Losses to Cybercrime
Curtis Franklin Jr., Senior Editor at Dark Reading,  6/13/2019
Can Your Patching Strategy Keep Up with the Demands of Open Source?
Tim Mackey, Principal Security Strategist, CyRC, at Synopsys,  6/18/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Building and Managing an IT Security Operations Program
As cyber threats grow, many organizations are building security operations centers (SOCs) to improve their defenses. In this Tech Digest you will learn tips on how to get the most out of a SOC in your organization - and what to do if you can't afford to build one.
Flash Poll
The State of IT Operations and Cybersecurity Operations
The State of IT Operations and Cybersecurity Operations
Your enterprise's cyber risk may depend upon the relationship between the IT team and the security team. Heres some insight on what's working and what isn't in the data center.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-2729
PUBLISHED: 2019-06-19
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise ...
CVE-2019-3737
PUBLISHED: 2019-06-19
Dell EMC Avamar ADMe Web Interface 1.0.50 and 1.0.51 are affected by an LFI vulnerability which may allow a malicious user to download arbitrary files from the affected system by sending a specially crafted request to the Web Interface application.
CVE-2019-3787
PUBLISHED: 2019-06-19
Cloud Foundry UAA, versions prior to 73.0.0, falls back to appending ?unknown.org? to a user's email address when one is not provided and the user name does not contain an @ character. This domain is held by a private company, which leads to attack vectors including password recovery emails sent to ...
CVE-2019-12900
PUBLISHED: 2019-06-19
BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors.
CVE-2019-12893
PUBLISHED: 2019-06-19
Alternate Pic View 2.600 has a User Mode Write AV starting at PicViewer!PerfgrapFinalize+0x00000000000a8868.