Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Analytics

News & Commentary
Security Now Merges With Dark Reading
Tim Wilson, Editor in Chief, Dark Reading, News
Readers of Security Now will join the Dark Reading community, gaining access to a wide range of cybersecurity content.
By Tim Wilson, Editor in Chief, Dark Reading , 2/21/2020
Comment0 comments  |  Read  |  Post a Comment
Lumu to Emerge from Stealth at RSAC
Dark Reading Staff, Quick Hits
The new company will focus on giving customers earlier indications of network and server compromise.
By Dark Reading Staff , 2/18/2020
Comment0 comments  |  Read  |  Post a Comment
Keeping a Strong Security Metrics Framework Strong
Joshua Goldfarb, Independent ConsultantCommentary
Don't just report metrics -- analyze, understand, monitor, and adjust them. These 10 tips will show you how.
By Joshua Goldfarb Independent Consultant, 2/11/2020
Comment1 Comment  |  Read  |  Post a Comment
Forescout Acquired by Private Equity Team
Dark Reading Staff, Quick Hits
The deal, valued at $1.9 billion, is expected to close next quarter.
By Dark Reading Staff , 2/6/2020
Comment0 comments  |  Read  |  Post a Comment
Businesses Improve Their Data Security, But Privacy Not So Much
Robert Lemos, Contributing WriterNews
While the California Consumer Privacy Act will force companies to provide a modicum of meaningful privacy, World Privacy Day still mainly celebrates data security.
By Robert Lemos Contributing Writer, 1/29/2020
Comment0 comments  |  Read  |  Post a Comment
How to Get the Most Out of Your Security Metrics
Curtis Simpson, Chief Information Security Officer at ArmisCommentary
There's an art to reporting security metrics so that they speak the language of leadership and connect the data from tools to business objectives.
By Curtis Simpson Chief Information Security Officer at Armis, 1/27/2020
Comment1 Comment  |  Read  |  Post a Comment
For Mismanaged SOCs, The Price Is Not Right
Kelly Sheridan, Staff Editor, Dark ReadingNews
New research finds security operations centers suffer high turnover and yield mediocre results for the investment they require.
By Kelly Sheridan Staff Editor, Dark Reading, 1/22/2020
Comment1 Comment  |  Read  |  Post a Comment
Major Brazilian Bank Tests Homomorphic Encryption on Financial Data
Kelly Sheridan, Staff Editor, Dark ReadingNews
The approach allowed researchers to use machine learning on encrypted data without first decrypting it.
By Kelly Sheridan Staff Editor, Dark Reading, 1/10/2020
Comment3 comments  |  Read  |  Post a Comment
6 Unique InfoSec Metrics CISOs Should Track in 2020
Joan Goodchild, Contributing Writer
You might not find these measurements on a standard cybersecurity department checklist. But they can help evaluate risks you haven't even considered yet.
By Joan Goodchild Contributing Writer, 1/10/2020
Comment0 comments  |  Read  |  Post a Comment
7 Free Tools for Better Visibility Into Your Network
Curtis Franklin Jr., Senior Editor at Dark Reading
It's hard to protect what you don't know is there. These free tools can help you understand just what it is that you need to protect -- and need to protect yourself from.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 1/9/2020
Comment3 comments  |  Read  |  Post a Comment
Insight Partners Acquires Armis at $1.1B Valuation
Dark Reading Staff, Quick Hits
This deal marks the largest-ever acquisition of a private Israeli cybersecurity company, Armis' co-founders report.
By Dark Reading Staff , 1/7/2020
Comment0 comments  |  Read  |  Post a Comment
Mimecast Acquires Segasec to Boost Phishing Defense
Dark Reading Staff, Quick Hits
Segasec's technology will be integrated into Mimecast's email and Web security services to identify malicious domains.
By Dark Reading Staff , 1/6/2020
Comment0 comments  |  Read  |  Post a Comment
Big Changes Are Coming to Security Analytics & Operations
Jon Oltsik, Senior Principal Analyst & Fellow, Enterprise Strategy GroupCommentary
New ESG research points to fundamental problems, a need for scalable security data pipelines, and a migration to the public cloud.
By Jon Oltsik Senior Principal Analyst & Fellow, Enterprise Strategy Group, 12/11/2019
Comment5 comments  |  Read  |  Post a Comment
Microsoft Defender ATP Brings EDR Capabilities to macOS
Dark Reading Staff, Quick Hits
Mac computers will now have the option to use Microsoft Defender Advanced Threat Protection's endpoint and detection response.
By Dark Reading Staff , 12/5/2019
Comment1 Comment  |  Read  |  Post a Comment
Human Nature vs. AI: A False Dichotomy?
John McClurg, Sr. VP & CISO, BlackBerryCommentary
How the helping hand of artificial intelligence allows security teams to remain human while protecting themselves from their own humanity being used against them.
By John McClurg Sr. VP & CISO, BlackBerry, 11/18/2019
Comment1 Comment  |  Read  |  Post a Comment
Sumo Logic Buys JASK Labs to Tackle SOC Challenges
Dark Reading Staff, Quick Hits
Sumo Logic plans to integrate JASK's autonomous security operations center software into a new intelligence tool.
By Dark Reading Staff , 11/4/2019
Comment0 comments  |  Read  |  Post a Comment
How Much Security Is Enough? Practitioners Weigh In
Kelly Sheridan, Staff Editor, Dark ReadingNews
Most IT and security pros surveyed say they could afford some, but not all, of the minimum security needed to protect themselves.
By Kelly Sheridan Staff Editor, Dark Reading, 10/22/2019
Comment1 Comment  |  Read  |  Post a Comment
Google Cloud Launches Security Health Analytics in Beta
Dark Reading Staff, Quick Hits
The tool is designed to help identify misconfigurations and compliance violations in the Google Cloud Platform.
By Dark Reading Staff , 10/16/2019
Comment0 comments  |  Read  |  Post a Comment
Tamper Protection Arrives for Microsoft Defender ATP
Dark Reading Staff, Quick Hits
The feature, designed to block unauthorized changes to security features, is now generally available.
By Dark Reading Staff , 10/14/2019
Comment0 comments  |  Read  |  Post a Comment
Close the Gap Between Cyber-Risk and Business Risk
Brian Contos, CISO & VP of Techology Innovation at VerodinCommentary
Four steps outlining how security teams can better understand their company's cyber-risk and demonstrate to company leadership what's being done to mitigate the resulting business risk.
By By Brian Contos, CISO, Verodin , 10/11/2019
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
PR Newswire
44% of Security Threats Start in the Cloud
Kelly Sheridan, Staff Editor, Dark Reading,  2/19/2020
Zero-Factor Authentication: Owning Our Data
Nick Selby, Chief Security Officer at Paxos Trust Company,  2/19/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
6 Emerging Cyber Threats That Enterprises Face in 2020
This Tech Digest gives an in-depth look at six emerging cyber threats that enterprises could face in 2020. Download your copy today!
Flash Poll
How Enterprises Are Developing and Maintaining Secure Applications
How Enterprises Are Developing and Maintaining Secure Applications
The concept of application security is well known, but application security testing and remediation processes remain unbalanced. Most organizations are confident in their approach to AppSec, although others seem to have no approach at all. Read this report to find out more.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-17229
PUBLISHED: 2020-02-24
includes/options.php in the motors-car-dealership-classified-listings (aka Motors - Car Dealer & Classified Ads) plugin through 1.4.0 for WordPress has multiple stored XSS issues.
CVE-2020-9374
PUBLISHED: 2020-02-24
On TP-Link TL-WR849N 0.9.1 4.16 devices, a remote command execution vulnerability in the diagnostics area can be exploited when an attacker sends specific shell metacharacters to the panel's traceroute feature.
CVE-2019-12510
PUBLISHED: 2020-02-24
In NETGEAR Nighthawk X10-R900 prior to 1.0.4.26, an attacker may bypass all authentication checks on the device's "NETGEAR Genie" SOAP API ("/soap/server_sa") by supplying a malicious X-Forwarded-For header of the device's LAN IP address (192.168.1.1) in every request. As a resul...
CVE-2019-12511
PUBLISHED: 2020-02-24
In NETGEAR Nighthawk X10-R900 prior to 1.0.4.26, an attacker may execute arbitrary system commands as root by sending a specially-crafted MAC address to the "NETGEAR Genie" SOAP endpoint at AdvancedQoS:GetCurrentBandwidthByMAC. Although this requires QoS being enabled, advanced QoS being e...
CVE-2019-12512
PUBLISHED: 2020-02-24
In NETGEAR Nighthawk X10-R900 prior to 1.0.4.24, an attacker may execute stored XSS attacks against this device by supplying a malicious X-Forwarded-For header while performing an incorrect login attempt. The value supplied by this header will be inserted into administrative logs, found at Advanced ...