Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Operations

News & Commentary
Ivanti Acquires Two Security Companies
Dark Reading Staff, Quick Hits
Purchase of MobileIron and Pulse Secure announced simultaneously.
By Dark Reading Staff , 9/28/2020
Comment0 comments  |  Read  |  Post a Comment
9 Tips to Prepare for the Future of Cloud & Network Security
Kelly Sheridan, Staff Editor, Dark Reading
Cloud and network security analysts outline trends and priorities businesses should keep top of mind as they grow more reliant on cloud.
By Kelly Sheridan Staff Editor, Dark Reading, 9/28/2020
Comment2 comments  |  Read  |  Post a Comment
Navigating the Asia-Pacific Threat Landscape: Experts Dive In
Kelly Sheridan, Staff Editor, Dark ReadingNews
At next week's virtual Black Hat Asia, threat intelligence pros will discuss the threats local organizations should prioritize and how they can prepare.
By Kelly Sheridan Staff Editor, Dark Reading, 9/25/2020
Comment0 comments  |  Read  |  Post a Comment
COVID-19: Latest Security News & Commentary
Dark Reading Staff, News
Check out Dark Reading's updated, exclusive news and commentary surrounding the coronavirus pandemic.
By Dark Reading Staff , 9/25/2020
Comment22 comments  |  Read  |  Post a Comment
Solving the Problem With Security Standards
Adam Shostack, Consultant, Entrepreneur, Technologist, Game DesignerCommentary
More explicit threat models can make security better and open the door to real and needed innovation.
By Adam Shostack Consultant, Entrepreneur, Technologist, Game Designer, 9/24/2020
Comment0 comments  |  Read  |  Post a Comment
Google Cloud Debuts Threat-Detection Service
Robert Lemos, Contributing WriterNews
Lockdown economics are driving a threat-intelligence business boom. Chronicle Detect is Google's answer to monitoring so much log data created by the distributed workforce.
By Robert Lemos Contributing Writer, 9/23/2020
Comment0 comments  |  Read  |  Post a Comment
Microsoft's Azure Defender for IoT Uses CyberX Tech
Dark Reading Staff, Quick Hits
Azure Defender for IoT is built to help IT and OT teams discover IoT and OT assets, identify critical flaws, and detect malicious behavior.
By Dark Reading Staff , 9/23/2020
Comment0 comments  |  Read  |  Post a Comment
Permission Management & the Goldilocks Conundrum
Dotan Bar Noy, Co-Founder and CEO, AuthomizeCommentary
In today's COVID-19 era, managing access has become even more difficult, especially for large organizations. Here's how to get it "just right."
By Dotan Bar Noy Co-Founder and CEO, Authomize, 9/22/2020
Comment0 comments  |  Read  |  Post a Comment
Nearly 70% of IT & Security Pros Hone Their Cyber Skills Outside of Work
Steve Zurier, Contributing WriterNews
New research shows how security skills are lacking across multiple IT disciplines as well - including network engineers, sys admins, and cloud developers.
By Steve Zurier Contributing Writer, 9/22/2020
Comment0 comments  |  Read  |  Post a Comment
Remote Work Exacerbating Data Sprawl
Robert Lemos, Contributing WriterNews
More than three-quarters of IT executives worry that data sprawl puts their data at risk, especially with employees working from insecure home networks, survey finds.
By Robert Lemos Contributing Writer, 9/21/2020
Comment0 comments  |  Read  |  Post a Comment
Patch by Tonight: CISA Issues Emergency Directive for Critical Netlogon Flaw
Dark Reading Staff, Quick Hits
The directive requires all federal agencies to apply a patch for Windows Netlogon vulnerability CVE-2020-1472 by midnight on Sept. 21.
By Dark Reading Staff , 9/21/2020
Comment0 comments  |  Read  |  Post a Comment
Sumo Logic IPO Prices Higher Than Expected
Kelly Sheridan, Staff Editor, Dark ReadingNews
Co-founder and CTO Christian Beedgen explains what this means for the future of the cloud-based data analytics company.
By Kelly Sheridan Staff Editor, Dark Reading, 9/17/2020
Comment0 comments  |  Read  |  Post a Comment
8 Reasons Perimeter Security Alone Won't Protect Your Crown Jewels
Juan Pablo Perez-Etchegoyen, CTO, OnapsisCommentary
Most firewalls and security devices effectively protect systems and data, but are they enough to safeguard business-critical applications?
By Juan Pablo Perez-Etchegoyen CTO, Onapsis, 9/16/2020
Comment0 comments  |  Read  |  Post a Comment
Cybersecurity Bounces Back, but Talent Still Absent
Simone Petrella, Chief Executive Officer, CyberVistaCommentary
While the demand for cybersecurity talent rebounds, organizations will need to focus on cyber-enabled roles to fill immediate skills gaps.
By Simone Petrella Chief Executive Officer, CyberVista, 9/16/2020
Comment2 comments  |  Read  |  Post a Comment
Rethinking Resilience: Tips for Your Disaster Recovery Plan
Kelly Sheridan, Staff Editor, Dark ReadingNews
As more organizations face disruptions, a defined approach to recovery is imperative so they can successfully recover, experts say.
By Kelly Sheridan Staff Editor, Dark Reading, 9/15/2020
Comment0 comments  |  Read  |  Post a Comment
CISA Issues Alert for Microsoft Netlogon Vulnerability
Dark Reading Staff, Quick Hits
CISA has issued an alert following the discovery of publicly available exploit code for Windows elevation of privilege flaw CVE-2020-1472.
By Dark Reading Staff , 9/15/2020
Comment0 comments  |  Read  |  Post a Comment
Taking Security With You in the WFH Era: What to Do Next
A.N. Ananth, President, NetsurionCommentary
As many organizations pivot to working from home, here are some considerations for prioritizing the new security protocols.
By A.N. Ananth President, Netsurion, 9/15/2020
Comment0 comments  |  Read  |  Post a Comment
Security Through an Economics Lens: A Guide for CISOs
Kelly Sheridan, Staff Editor, Dark ReadingNews
An expert in economics and cybersecurity applies opportunity cost and other concepts of the "dismal science" to infosec roles.
By Kelly Sheridan Staff Editor, Dark Reading, 9/14/2020
Comment0 comments  |  Read  |  Post a Comment
Open Source Security's Top Threat and What To Do About It
Lech Sandecki, Product Strategy Manager at Canonical, the publisher of UbuntuCommentary
With open source developers regularly churning out new tools, the risk landscape has become too fragmented to properly monitor.
By Lech Sandecki Product Strategy Manager at Canonical, the publisher of Ubuntu, 9/14/2020
Comment0 comments  |  Read  |  Post a Comment
A Real-World Tool for Organizing, Integrating Third-Party Tools
Eric Parizo, Senior Analyst, OmdiaCommentaryVideo
Omdia Cybersecurity Accelerator analyst Eric Parizo describes how a security product integration framework (SPIF) can unify best-of-breed architectures.
By Eric Parizo Senior Analyst, Omdia, 9/13/2020
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
Posted by JohnHammond
Current Conversations Nice article!
In reply to: Great!
Post Your Own Reply
Posted by TimKorry
Current Conversations Great tips. Thanks
In reply to: Great tips
Post Your Own Reply
More Conversations
PR Newswire
COVID-19: Latest Security News & Commentary
Dark Reading Staff 9/25/2020
9 Tips to Prepare for the Future of Cloud & Network Security
Kelly Sheridan, Staff Editor, Dark Reading,  9/28/2020
Malware Attacks Declined But Became More Evasive in Q2
Jai Vijayan, Contributing Writer,  9/24/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
How IT Security Organizations are Attacking the Cybersecurity Problem
How IT Security Organizations are Attacking the Cybersecurity Problem
The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-15216
PUBLISHED: 2020-09-29
In goxmldsig (XML Digital Signatures implemented in pure Go) before version 1.1.0, with a carefully crafted XML file, an attacker can completely bypass signature validation and pass off an altered file as a signed one. A patch is available, all users of goxmldsig should upgrade to at least revisio...
CVE-2020-4607
PUBLISHED: 2020-09-29
IBM Security Secret Server (IBM Security Verify Privilege Vault Remote 1.2 ) could allow a local user to bypass security restrictions due to improper input validation. IBM X-Force ID: 184884.
CVE-2020-24565
PUBLISHED: 2020-09-29
An out-of-bounds read information disclosure vulnerabilities in Trend Micro Apex One may allow a local attacker to disclose sensitive information to an unprivileged account on vulnerable installations of the product. An attacker must first obtain the ability to execute low-privileged code on the ...
CVE-2020-25770
PUBLISHED: 2020-09-29
An out-of-bounds read information disclosure vulnerabilities in Trend Micro Apex One may allow a local attacker to disclose sensitive information to an unprivileged account on vulnerable installations of the product. An attacker must first obtain the ability to execute low-privileged code on the ...
CVE-2020-25771
PUBLISHED: 2020-09-29
An out-of-bounds read information disclosure vulnerabilities in Trend Micro Apex One may allow a local attacker to disclose sensitive information to an unprivileged account on vulnerable installations of the product. An attacker must first obtain the ability to execute low-privileged code on the ...