Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary
What Cybersecurity Pros Really Think About Artificial Intelligence
Ericka Chickowski, Contributing Writer
While there's a ton of unbounded optimism from vendor marketing and consultant types, practitioners are still reserving a lot of judgment.
By Ericka Chickowski Contributing Writer, 3/13/2020
Comment0 comments  |  Read  |  Post a Comment
Princess Cruises Confirms Data Breach
Dark Reading Staff, Quick Hits
The cruise liner, forced to shut down operations due to coronavirus, says the incident may have compromised passengers' personal data.
By Dark Reading Staff , 3/13/2020
Comment0 comments  |  Read  |  Post a Comment
A Lesson in Social Engineering
Beyond the Edge, Dark Reading
What kind of school project is this?
By Beyond the Edge Dark Reading, 3/13/2020
Comment0 comments  |  Read  |  Post a Comment
Texas Chose to Fight Ransomware and Not Pay. What About the Rest of Us?
Yaniv Valik, VP Product, Cyber and IT Resilience, Continuity SoftwareCommentary
Law-abiding folks like us applauded Texas for its bravery ? but would we have the steel will to stand on the side of justice if it happened to us? Probably not.
By Yaniv Valik VP Product, Cyber and IT Resilience, Continuity Software, 3/13/2020
Comment0 comments  |  Read  |  Post a Comment
Russia-Based Turla APT Group's Infrastructure, Activity Traceable
Jai Vijayan, Contributing WriterNews
Threat actor's practice of using known malware and tactics gives an opening for defenders, says Recorded Future.
By Jai Vijayan Contributing Writer, 3/12/2020
Comment0 comments  |  Read  |  Post a Comment
New Report Shows Breach Costs Continuing to Grow
Dark Reading Staff, Quick Hits
The costs associated with data breaches climb alongside the amount of data managed by the enterprise according to the latest Global Protection Index Snapshot.
By Dark Reading Staff , 3/12/2020
Comment0 comments  |  Read  |  Post a Comment
New Android Malware Strain Sneaks Cookies from 7x彩票网app
Kelly Sheridan, Staff Editor, Dark ReadingNews
Two malware modifications, when combined, can snatch cookies collected by browsers and social networking apps.
By Kelly Sheridan Staff Editor, Dark Reading, 3/12/2020
Comment1 Comment  |  Read  |  Post a Comment
CASB 101: Why a Cloud Access Security Broker Matters
Curtis Franklin Jr., Senior Editor at Dark Reading
A CASB isn't a WAF, isn't an NGF, and isn't an SWG. So what is it, precisely, and why do you need one to go along with all the other letters? Read on for the answer.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 3/12/2020
Comment0 comments  |  Read  |  Post a Comment
Working from Home? These Tips Can Help You Adapt
Andy Ellis, Chief Security Officer, AkamaiCommentary
COVID-19 means many people are doing their jobs from outside the confines of the office. That may not be as easy as it sounds.
By Andy Ellis Chief Security Officer, Akamai, 3/12/2020
Comment0 comments  |  Read  |  Post a Comment
Microsoft Patches Leaked Remote Code Execution Flaw
Dark Reading Staff, Quick Hits
A vulnerability in Microsoft's Server Message Block protocol prompted concerns of wormable exploits when it was disclosed this week.
By Dark Reading Staff , 3/12/2020
Comment0 comments  |  Read  |  Post a Comment
Back to the Future: A Threat Intelligence Journey
Michelle Alvarez, Manager, Threat Intelligence Production Team, IBM X-Force IRISCommentary
Threat intelligence needs the problem solvers, the curious ones, the mission seekers, the analytical minds, the defenders, and the fierce -- whatever their gender.
By Michelle Alvarez Manager, Threat Intelligence Production Team, IBM X-Force IRIS, 3/12/2020
Comment0 comments  |  Read  |  Post a Comment
Cyberspace Solarium Commission Slams US Cybersecurity Readiness
Dark Reading Staff, Quick Hits
The federal commission outlined more than 60 recommendations to remedy major security problems.
By Dark Reading Staff , 3/11/2020
Comment0 comments  |  Read  |  Post a Comment
Ransomware Increasingly Targeting Small Governments
Robert Lemos, Contributing WriterNews
To get back up and running quickly, and because it's cheaper, city and county governments often pay the ransom, especially if insurance companies are footing the bill. The result: More ransomware.
By Robert Lemos Contributing Writer, 3/11/2020
Comment0 comments  |  Read  |  Post a Comment
Microsoft Discloses New Remote Execution Flaw in SMBv3
Jai Vijayan, Contributing WriterNews
A patch for the flaw is not yet available, but there are no known exploits -- so far.
By Jai Vijayan Contributing Writer, 3/11/2020
Comment0 comments  |  Read  |  Post a Comment
COVID-19 Drives Rush to Remote Work. Is Your Security Team Ready?
Kelly Sheridan, Staff Editor, Dark ReadingNews
A rapid transition to remote work puts pressure on security teams to understand and address a wave of potential security risks.
By Kelly Sheridan Staff Editor, Dark Reading, 3/11/2020
Comment1 Comment  |  Read  |  Post a Comment
I Want to Work in Industrial IoT Security. What Lingo Do I Need to Know?
Edge Editors, Dark Reading
Should you happen to be in a meeting with an ICS vendor, here are some terms you will need to know so as to not be laughed out of the room.
By Edge Editors Dark Reading, 3/11/2020
Comment0 comments  |  Read  |  Post a Comment
How the Rise of IoT Is Changing the CISO Role
Phil Neray, VP of IoT & Industrial Cybersecurity at CyberXCommentary
Prepare for the future by adopting a risk-based approach. Following these five steps can help.
By Phil Neray VP of IoT & Industrial Cybersecurity at CyberX, 3/11/2020
Comment1 Comment  |  Read  |  Post a Comment
Gender Equality in Cybersecurity Could Drive Economic Boost
Dark Reading Staff, Quick Hits
If the number of women in cybersecurity equaled the number of men, the US would see an economic gain up to $30.4 billion, research shows.
By Dark Reading Staff , 3/11/2020
Comment0 comments  |  Read  |  Post a Comment
Blacklists Miss 21% of Phishing Attacks, Internet Traffic Reveals
Robert Lemos, Contributing WriterNews
Visibility into phishing attacks by content delivery networks and security firms shows many domains fail to be classified as malicious.
By Robert Lemos Contributing Writer, 3/11/2020
Comment0 comments  |  Read  |  Post a Comment
Why CSP Isn't Enough to Stop Magecart-Like Attacks
Hadar Blutrich, CTO & Co-founder, Source DefenseCommentary
As Magecart and formjacking attacks become more sophisticated, it's essential to address not only what services may interact with users, but what that interaction looks like and how to control it.
By Hadar Blutrich CTO & Co-founder, Source Defense, 3/11/2020
Comment1 Comment  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
PR Newswire
Security Now Joins Dark Reading

Find out more7x彩票网app about the combination of two of the industry's leading cybersecurity news sites.

A CASB isn't a WAF, isn't an NGF, and isn't an SWG. So what is it, precisely, and why do you need one to go along with all the other letters? Read on for the answer.
Should you happen to be in a meeting with an ICS vendor, here are some terms you will need to know so as to not be laughed out of the room.
There just aren't enough certified cybersecurity pros to go around -- and there likely never will be enough. So how do you fill out your cybersecurity team? Executives and hiring managers share their top tips on recognizing solid candidates.
Register for Dark Reading Newsletters
Cartoon
White Papers
Current Issue
6 Emerging Cyber Threats That Enterprises Face in 2020
This Tech Digest gives an in-depth look at six emerging cyber threats that enterprises could face in 2020. Download your copy today!
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

PUBLISHED: 2020-03-13
Invision Power Board (aka IPB or IP.Board) 2.x through 3.0.4, when Internet Explorer 5 is used, allows XSS via a .txt attachment.

PUBLISHED: 2020-03-13
An XSS issue was discovered in tooltip/tooltip.js in PrimeTek PrimeFaces 7.0.11. In a web application using PrimeFaces, an attacker can provide JavaScript code in an input field whose data is later used as a tooltip title without any input validation.

PUBLISHED: 2020-03-13
Apache Commons Configuration uses a third-party library to parse YAML files which by default allows the instantiation of classes if the YAML includes special statements. Apache Commons Configuration versions 2.2, 2.3, 2.4, 2.5, 2.6 did not change the default settings of this library. So if a YAML fi...

PUBLISHED: 2020-03-13
Untis WebUntis before 2020.9.6 allows CSRF for certain combinations of rights and modules.

PUBLISHED: 2020-03-13
Zoho ManageEngine OpManager before 12.4.179 allows remote code execution via a specially crafted Mail Server Settings v1 API request. This was fixed in 12.5.108.
Data breaches and regulations have forced organizations to pay closer attention to the security incident response function. However, security leaders may be overestimating their ability to detect and respond to security incidents. Read this report to find out more.
Flash Poll
Video
Slideshows
7x彩票网app Feed
66?????? 7072???? 7073???? 689????? 963???? 66????? 7073???? 7073???? 66???app 8????app