Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Upcoming Webinars

Webinar Archives
Now That Ransomware Has Gone Nuclear, How Can You Avoid Becoming the Next Victim?
Date: Aug 18, 2020
View webinar
Join us for this webinar where we'll dive into why data backups won't save you, why ransomware isn't your real problem and how your end users can become your best, last line of defense.

Securing Active Directory the Way it Deserves
Date: Aug 11, 2020
View webinar
In this webinar, experts will explain the latest Active Directory-related threats and help you get your new or legacy AD in order so you're prepared for them.

Why Performance Testing is More Critical Today
Date: Aug 06, 2020
View webinar
In this InformationWeek webinar, experts will help enterprise teams understand what they should expect from performance testing solutions and how to put them to work most efficiently.

Protecting Mobile Apps and APIs from the Inside Out
Date: Jul 29, 2020
View webinar
From mobile banking to telemedicine to ecommerce, consumers are relying on web and mobile apps more than ever before. But as organizations become even more dependent on the revenue these apps generate, most still aren't doing enough to protect applications against attacks that can compromise data or lead to fraud.

Keeping the Business Running with Remote Network Management
Date: Jul 28, 2020
View webinar
IT departments face a great challenge. In a manner of weeks, the way they work radically changed. Network management functions now need to be conducted from home. It's as if every wiring closet, equipment rack, and data center is a lights-out operation. In this webinar, experts will discuss ways companies can make stronger transitions by using existing and new technologies -- and best practices.

Don't Miss this Event Featuring Rob Carter - CIO of FedEx
Date: Jul 23, 2020
View webinar
In these tumultuous times, IT organizations are tasked with two critical, yet often conflicting priorities: increasing online innovation and cutting IT costs. In this eye-opening keynote address you'll get a first-hand perspective on how organizations can implement new IT strategies that not only increase functionality and reach, but also save money in the process.

The Changing Face of Threat Intelligence
Date: Jul 22, 2020
View webinar
In this webinar, learn how enterprises are using threat intelligence and best practices for integrating threat intel into security operations and incident response.

Emerging Security Threats Your Enterprise Should Be Aware Of
Date: Jul 21, 2020
View webinar
Are you aware of the newest - and most damaging - vulnerabilities that have been discovered or are active in the wild now? In this webinar, experts discuss some of the most dangerous emerging threats, and what you can do to defend against them.

5 Ways to Jumpstart AI
Date: Jul 16, 2020
View webinar
Are you ready to get started with AI? In this webinar, experts share how you can get your team and your data ready for the next industrial revolution.

How Cyber Attackers Will Use & Abuse AI, ML Against the Enterprise
Date: Jul 15, 2020
View webinar
In this webinar, get a picture of the actual threat landscape today, realistic predictions of how it will evolve, and what businesses can do now to prepare for the future.

COVID-19: Latest Security News & Commentary
Dark Reading Staff 7/9/2020
4 Security Tips as the July 15 Tax-Day Extension Draws Near
Shane Buckley, President & Chief Operating Officer, Gigamon,  7/10/2020
Russian Cyber Gang 'Cosmic Lynx' Focuses on Email Fraud
Kelly Sheridan, Staff Editor, Dark Reading,  7/7/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal, a Dark Reading Perspective
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
The Threat from the Internetand What Your Organization Can Do About It
The Threat from the Internetand What Your Organization Can Do About It
This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-15105
PUBLISHED: 2020-07-10
Django Two-Factor Authentication before 1.12, stores the user's password in clear text in the user session (base64-encoded). The password is stored in the session when the user submits their username and password, and is removed once they complete authentication by entering a two-factor authenticati...
CVE-2020-11061
PUBLISHED: 2020-07-10
In Bareos Director less than or equal to 16.2.10, 17.2.9, 18.2.8, and 19.2.7, a heap overflow allows a malicious client to corrupt the director's memory via oversized digest strings sent during initialization of a verify job. Disabling verify jobs mitigates the problem. This issue is also patched in...
CVE-2020-4042
PUBLISHED: 2020-07-10
Bareos before version 19.2.8 and earlier allows a malicious client to communicate with the director without knowledge of the shared secret if the director allows client initiated connection and connects to the client itself. The malicious client can replay the Bareos director's cram-md5 challenge to...
CVE-2020-11081
PUBLISHED: 2020-07-10
osquery before version 4.4.0 enables a priviledge escalation vulnerability. If a Window system is configured with a PATH that contains a user-writable directory then a local user may write a zlib1.dll DLL, which osquery will attempt to load. Since osquery runs with elevated privileges this enables l...
CVE-2020-6114
PUBLISHED: 2020-07-10
An exploitable SQL injection vulnerability exists in the Admin Reports functionality of Glacies IceHRM v26.6.0.OS (Commit bb274de1751ffb9d09482fd2538f9950a94c510a) . A specially crafted HTTP request can cause SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerabi...