var _hmt = _hmt || []; (function() { var hm = document.createElement("script"); hm.src = "https://hm.baidu.com/hm.js?d387e539c1f2d34f09a9afbac8032280"; var s = document.getElementsByTagName("script")[0]; s.parentNode.insertBefore(hm, s); })();

Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Perimeter

News & Commentary
How SD-WAN Helps Achieve Data Security and Threat Protection
Charuhas Ghatge, Senior Product and Solutions Marketing Manager at Nokia's Nuage NetworksCommentary
Enterprises currently consider the technology a best practice because of its flexibility, scalability, performance, and agility.
By Charuhas Ghatge Senior Product and Solutions Marketing Manager at Nokia's Nuage Networks, 1/15/2020
Comment0 comments  |  Read  |  Post a Comment
Microsoft Patches Windows Vuln Discovered by the NSA
Kelly Sheridan, Staff Editor, Dark ReadingNews
The National Security Agency is publicly acknowledged for its finding and reporting of CVE-2020-0601, marking the start of what it says is a new approach to security.
By Kelly Sheridan Staff Editor, Dark Reading, 1/14/2020
Comment1 Comment  |  Read  |  Post a Comment
Consumer Reports Calls for IoT Manufacturers to Raise Security Standards
Dark Reading Staff, Quick Hits
A letter to 25 companies says Consumer Reports will change ratings to reflect stronger security and privacy standards.
By Dark Reading Staff , 1/14/2020
Comment0 comments  |  Read  |  Post a Comment
Insight Partners Acquires Armis at $1.1B Valuation
Dark Reading Staff, Quick Hits
This deal marks the largest-ever acquisition of a private Israeli cybersecurity company, Armis' co-founders report.
By Dark Reading Staff , 1/7/2020
Comment0 comments  |  Read  |  Post a Comment
Malicious Google Play Apps Linked to SideWinder APT
Kelly Sheridan, Staff Editor, Dark ReadingNews
The active attack involving three malicious Android applications is the first exploiting CVE-2019-2215, Trend Micro researchers report.
By Kelly Sheridan Staff Editor, Dark Reading, 1/6/2020
Comment0 comments  |  Read  |  Post a Comment
Mimecast Acquires Segasec to Boost Phishing Defense
Dark Reading Staff, Quick Hits
Segasec's technology will be integrated into Mimecast's email and Web security services to identify malicious domains.
By Dark Reading Staff , 1/6/2020
Comment0 comments  |  Read  |  Post a Comment
Ransomware Victim Southwire Sues Maze Operators
Kelly Sheridan, Staff Editor, Dark ReadingNews
Attackers demanded $6 million from the wire and cable manufacturer when they launched a December ransomware campaign.
By Kelly Sheridan Staff Editor, Dark Reading, 1/3/2020
Comment0 comments  |  Read  |  Post a Comment
Fraud in the New Decade
Emily Wilson, VP of Research at Terbium LabsCommentary
Like any enterprise that wants to survive, fraudsters and hackers will continue to build on past successes to fuel future growth
By Emily Wilson VP of Research at Terbium Labs, 12/30/2019
Comment1 Comment  |  Read  |  Post a Comment
Defensive Wish List for 2020: Faster Responses to Threats
Robert Lemos, Contributing WriterNews
Security professionals recommend technology to detect attacks that have already infiltrated a network.
By Robert Lemos Contributing Writer, 12/27/2019
Comment11 comments  |  Read  |  Post a Comment
IoT Security: How Far We've Come, How Far We Have to Go
Kelly Sheridan, Staff Editor, Dark ReadingNews
As organizations fear the proliferations of connected devices on enterprise networks, the private and public sector come together to address IoT vulnerabilities.
By Kelly Sheridan Staff Editor, Dark Reading, 12/24/2019
Comment10 comments  |  Read  |  Post a Comment
Citrix Urges Firms to Harden Configurations After Flaw Report
Robert Lemos, Contributing WriterNews
A vulnerability in two of the company's appliances opens 80,000 networks up for exploitation.
By Robert Lemos Contributing Writer, 12/23/2019
Comment0 comments  |  Read  |  Post a Comment
20 Vulnerabilities to Prioritize Patching Before 2020
Kelly Sheridan, Staff Editor, Dark ReadingNews
Researchers list the top 20 vulnerabilities currently exploited by attack groups around the world.
By Kelly Sheridan Staff Editor, Dark Reading, 12/23/2019
Comment0 comments  |  Read  |  Post a Comment
F5 Pays $1 Billion for Shape
Dark Reading Staff, Quick Hits
The acquisition adds fraud detection and prevention to the application delivery company's tool collection.
By Dark Reading Staff , 12/20/2019
Comment0 comments  |  Read  |  Post a Comment
New Orleans to Boost Cyber Insurance to $10M Post-Ransomware
Dark Reading Staff, Quick Hits
Mayor LaToya Cantrell anticipates the recent cyberattack to exceed its current $3 million cyber insurance policy.
By Dark Reading Staff , 12/20/2019
Comment6 comments  |  Read  |  Post a Comment
'Password' Falls in the Ranks of Favorite Bad Passwords
Kelly Sheridan, Staff Editor, Dark ReadingNews
7x彩票网app, Google named worst password breach offenders.
By Kelly Sheridan Staff Editor, Dark Reading, 12/18/2019
Comment0 comments  |  Read  |  Post a Comment
Higher Degree, Higher Salary? Not for Some Security Pros
Kelly Sheridan, Staff Editor, Dark ReadingNews
Turns out, skill beats experience and an academic degree doesn't guarantee higher compensation for five security positions.
By Kelly Sheridan Staff Editor, Dark Reading, 12/17/2019
Comment0 comments  |  Read  |  Post a Comment
Data Security Startup Satori Cyber Launches with $5.25M Seed Round
Kelly Sheridan, Staff Editor, Dark ReadingNews
Satori Cyber aims to help businesses better protect and govern their information with its Secure Data Access Cloud.
By Kelly Sheridan Staff Editor, Dark Reading, 12/17/2019
Comment0 comments  |  Read  |  Post a Comment
SQL Server 2019 Tool Tells Attackers Which Data Is Sensitive
Kelly Sheridan, Staff Editor, Dark ReadingNews
The design of SQL Data Discovery & Classification could let attackers pinpoint sensitive information while flying under organizations' radars.
By Kelly Sheridan Staff Editor, Dark Reading, 12/16/2019
Comment0 comments  |  Read  |  Post a Comment
Fortinet Buys CyberSponse for SOAR Capabilities
Dark Reading Staff, Quick Hits
It plans to integrate CyberSponse's SOAR platform into the Fortinet Security Fabric.
By Dark Reading Staff , 12/13/2019
Comment0 comments  |  Read  |  Post a Comment
Android App Analysis Uncovers Seasonal 7x彩票网appping Risk
Kelly Sheridan, Staff Editor, Dark ReadingNews
Researchers scanned 4,200 Android apps and found many exhibit malicious behavior or have a dangerous level of permissions.
By Kelly Sheridan Staff Editor, Dark Reading, 12/12/2019
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
PR Newswire
7 Free Tools for Better Visibility Into Your Network
Curtis Franklin Jr., Senior Editor at Dark Reading,  1/9/2020
Major Brazilian Bank Tests Homomorphic Encryption on Financial Data
Kelly Sheridan, Staff Editor, Dark Reading,  1/10/2020
Microsoft to Officially End Support for Windows 7, Server 2008
Kelly Sheridan, Staff Editor, Dark Reading,  1/13/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
The Year in Security: 2019
This Tech Digest provides a wrap up and overview of the year's top cybersecurity news stories. It was a year of new twists on old threats, with fears of another WannaCry-type worm and of a possible botnet army of Wi-Fi routers. But 2019 also underscored the risk of firmware and trusted security tools harboring dangerous holes that cybercriminals and nation-state hackers could readily abuse. Read more.
Flash Poll
Organizations have invested in a sweeping array of security technologies to address challenges associated with the growing number of cybersecurity attacks. However, the complexity involved in managing these technologies is emerging as a major problem. Read this report to find out what your peers biggest security challenges are and the technologies they are using to address them.
7x彩票网app Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

PUBLISHED: 2020-01-15
A cross-site request forgery vulnerability in Jenkins Sounds Plugin 0.5 and earlier allows attacker to execute arbitrary OS commands as the OS user account running Jenkins.

PUBLISHED: 2020-01-15
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

PUBLISHED: 2020-01-15
A cross-site request forgery vulnerability in Jenkins Amazon EC2 Plugin 1.47 and earlier allows attackers to connect to an attacker-specified URL within the AWS region using attacker-specified credentials IDs obtained through another method.

PUBLISHED: 2020-01-15
A missing permission check in Jenkins Amazon EC2 Plugin 1.47 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL within the AWS region using attacker-specified credentials IDs obtained through another method.

PUBLISHED: 2020-01-15
Jenkins Robot Framework Plugin 2.0.0 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks, allowing users with Job/Configure to have Jenkins parse crafted XML documents.
66?????? 7072???? 7073???? 689????? 963???? 66????? 7073???? 7073???? 66???app 8????app