Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Must Reads

Enterprise Cybersecurity Plans in a Post-Pandemic World
Publish Date: Aug 12,2021
The State of Cybersecurity Incident Response
Publish Date: Jun 3,2021
2021 Top Enterprise IT Trends
Publish Date: Feb 4,2021
2020: The Year in Security
Publish Date: Dec 7,2020
How to Measure and Reduce Cybersecurity Risk in Your Organization
Publish Date: Oct 28,2020
Special Report: Computing's New Normal
Publish Date: Sep 17,2020
7 New Cybersecurity Vulnerabilities That Could Put Your Enterprise at Risk
Publish Date: Aug 14,2020
How Cybersecurity Incident Response Programs Work (and Why Some Don't)
Publish Date: May 12,2020
6 Emerging Cyber Threats That Enterprises Face in 2020
Publish Date: Feb 13,2020
IT 2020: A Look Ahead
Publish Date: Jan 23,2020
The Year in Security: 2019
Publish Date: Dec 9,2019
Navigating the Deluge of Security Data
Publish Date: Nov 12,2019
7 Threats & Disruptive Forces Changing the Face of Cybersecurity
Publish Date: Aug 12,2019
Building and Managing an IT Security Operations Program
Publish Date: May 15,2019
5 Emerging Cyber Threats to Watch for in 2019
Publish Date: Feb 7,2019
The Year in Security 2018
Publish Date: Dec 7,2018
10 Best Practices That Could Reshape Your IT Security Department
Publish Date: Nov 6,2018
10 Emerging Threats Every Enterprise Should Know About
Publish Date: Aug 16,2018
The Biggest Cybersecurity Breaches of 2018 (So Far)
Publish Date: Jul 23,2018
The Changing Role of the CISO
Publish Date: May 21,2018
How to Cope with the IT Security Skills Shortage
Publish Date: Feb 12,2018
The Year in Security: 2017
Publish Date: Dec 12,2017
Managing Cyber-Risk
Publish Date: Oct 25,2017
Security Vulnerabilities: The Next Wave
Publish Date: Jul 19,2017
Security Operations and IT Operations: Finding the Path to Collaboration
Publish Date: Apr 19,2017
5 Security Technologies to Watch in 2017
Publish Date: Jan 18,2017
Five Things Every Business Executive Should Know About Cybersecurity
Publish Date: Dec 6,2016
Five Emerging Security Threats - And What You Can Learn From Them
Publish Date: Aug 9,2016
The Changing Face of Identity Management
Publish Date: Jul 26,2016
DNS Threats: What Every Enterprise Should Know
Publish Date: Jun 28,2016
How To Build An Effective Defense Against Ransomware
Publish Date: Jun 21,2016
8 Key Building Blocks for Enterprise Network Defense
Publish Date: May 10,2016
Understanding & Managing the Mobile Security Threat
Publish Date: Mar 15,2016
E-Commerce Security: What Every Enterprise Needs to Know
Publish Date: Nov 2,2015
Dark Reading Tech Digest September 7, 2015
Publish Date: Sep 7,2015
Dark Reading Tech Digest, June 2015
Publish Date: Jun 1,2015
Dark Reading - March 2, 2015
Publish Date: Mar 2,2015
Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Enterprise Cybersecurity Plans in a Post-Pandemic World
Download the Enterprise Cybersecurity Plans in a Post-Pandemic World report to understand how security leaders are maintaining pace with pandemic-related challenges, and where there is room for improvement.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-21742
PUBLISHED: 2021-09-25
There is an information leak vulnerability in the message service app of a ZTE mobile phone. Due to improper parameter settings, attackers could use this vulnerability to obtain some sensitive information of users by accessing specific pages.
CVE-2020-20508
PUBLISHED: 2021-09-24
Shopkit v2.7 contains a reflective cross-site scripting (XSS) vulnerability in the /account/register component, which allows attackers to hijack user credentials via a crafted payload in the E-Mail text field.
CVE-2020-20514
PUBLISHED: 2021-09-24
A Cross-Site Request Forgery (CSRF) in Maccms v10 via admin.php/admin/admin/del/ids/<id>.html allows authenticated attackers to delete all users.
CVE-2016-6555
PUBLISHED: 2021-09-24
OpenNMS version 18.0.1 and prior are vulnerable to a stored XSS issue due to insufficient filtering of SNMP trap supplied data. By creating a malicious SNMP trap, an attacker can store an XSS payload which will trigger when a user of the web UI views the events list page. This issue was fixed in ver...
CVE-2016-6556
PUBLISHED: 2021-09-24
OpenNMS version 18.0.1 and prior are vulnerable to a stored XSS issue due to insufficient filtering of SNMP agent supplied data. By creating a malicious SNMP 'sysName' or 'sysContact' response, an attacker can store an XSS payload which will trigger when a user of the web UI views the data. This iss...