Careers & People

News & Commentary
Gap Between Security and Networking Teams May Hinder Tech Projects
Dark Reading Staff, Quick Hits
Professionals in each field describe a poor working relationship between the two teams
By Dark Reading Staff, 5/5/2021
Wanted: The (Elusive) Cybersecurity 'All-Star'
Steve Zurier, Contributing Writer, News
Separate workforce studies by (ISC)² and ISACA point to the need for security departments to work with existing staff to identify needs and bring entry-level people into the field.
By Steve Zurier, Contributing Writer, 5/5/2021
Dark Reading Celebrates 15th Anniversary
Tim Wilson, Editor in Chief, Dark Reading, Commentary
Cybersecurity news site begins 16th year with plans to improve site, deliver more content on cyber threats and best practices.
By Tim Wilson, Editor in Chief, Dark Reading, 5/3/2021
Challenging Our Education System to Nurture the Cyber Pipeline
Stephanie Aceves, Senior Director, Threat Response SME Lead, at Tanium, Commentary
Let's teach students how to teach themselves. Once we do that, we will have taught a generation of students how to think like hackers.
By Stephanie Aceves, Senior Director, Threat Response SME Lead, at Tanium, 4/27/2021
In Appreciation: Dan Kaminsky
Kelly Jackson Higgins, Executive Editor at Dark Reading, News
Beloved security industry leader and researcher passes away unexpectedly at the age of 42.
By Kelly Jackson Higgins, Executive Editor at Dark Reading, 4/26/2021
KnowBe4 Issues IPO to Drive Global Expansion, New Automation Features
Robert Lemos, Contributing Writer, News
Security awareness firm aims to expand into Europe and Asia, and add automation and machine learning to its technology.
By Robert Lemos, Contributing Writer, 4/23/2021
Name That Toon: Greetings, Earthlings
John Klossner, Cartoonist, Commentary
Caption time! Come up with something out of this world for Dark Reading's latest contest, and our panel of experts will reward the winner with a $25 Amazon gift card.
By John Klossner, Cartoonist, 4/22/2021
Dark Reading to Upgrade Site Design, Performance
Tim Wilson, Editor in Chief, Dark Reading, Commentary
Improvements will make site content easier to navigate, faster, and more functional.
By Tim Wilson, Editor in Chief, Dark Reading, 4/13/2021
Biden Nominates Former NSA Officials for Top Cybersecurity Roles
Kelly Sheridan, Staff Editor, Dark Reading, News
President Biden has nominated Jen Easterly as the new director of CISA and is expected to nominate Chris Inglis as the first national cyber director.
By Kelly Sheridan, Staff Editor, Dark Reading, 4/12/2021
Women Are Facing an Economic Crisis & the Cybersecurity Industry Can Help
Sabrina Castiglione, Chief Financial Officer & Acting Head of Talent, Commentary
Investing in women's cybersecurity careers can bring enormous benefits and help undo some of the significant economic damage wrought by the pandemic.
By Sabrina Castiglione, Chief Financial Officer & Acting Head of Talent, 4/9/2021
Handcuffs Over AI: Solving Security Challenges With Law Enforcement
Charles Herring, CTO and Co-Founder, WitFoo, Commentary
We've tried everything else ... now it's time to make the prospect of getting caught -- and punished -- a real deterrent to cybercrime.
By Charles Herring, CTO and Co-Founder, WitFoo, 4/8/2021
Cartoon Caption Winner: Something Seems Afoul
John Klossner, Cartoonist, Commentary
And the winner of Dark Reading's March cartoon caption contest is ...
By John Klossner, Cartoonist, 4/7/2021
US Tech Dominance Rides on Securing Intellectual Property
Joe Payne, President and CEO at Code42, Commentary
A recent, mostly overlooked pardon points to a big problem in the US tech industry: Intellectual property offers a lucrative golden ticket for insiders.
By Joe Payne, President and CEO at Code42, 4/2/2021
Solving the Leadership Buy-In Impasse With Data
Richard Amburgey, Chief Security Officer (CSO), Bureau of Labor Statistics, Commentary
Justify your requirements with real numbers to get support for security investments.
By Richard Amburgey, Chief Security Officer (CSO), Bureau of Labor Statistics, 4/1/2021
Advice From Security Experts: How to Approach Security in the New Normal
Dan Dinnar, CEO, Source Defense, Commentary
Here are the biggest lessons they've learned after a year of work from home, and how they advise their counterparts at organizations to proceed as a result of those lessons.
By Dan Dinnar, CEO, Source Defense, 3/31/2021
Data Bias in Machine Learning: Implications for Social Justice
Christelle Kamaliza & Suzannah Hicks, Market Research Specialist / Data Scientist & Strategist, IAPP, Commentary
Take historically biased data, then add AI and ML to compound and exacerbate the problem.
By Christelle Kamaliza & Suzannah Hicks, Market Research Specialist / Data Scientist & Strategist, IAPP, 3/26/2021
Security Operations in the World We Live in Now
Amos Stern, CEO & Co-Founder, Siemplify, Commentary
Despite the challenges of remote work, security operations teams can position themselves well for the future.
By Amos Stern, CEO & Co-Founder, Siemplify, 3/25/2021
The CIO's Shifting Role: Improving Security With Shared Responsibility
Keith Neilson, Technical Evangelist for CloudSphere, Commentary
CIOs must create a culture centered around cybersecurity that is easily visible and manageable.
By Keith Neilson, Technical Evangelist for CloudSphere, 3/25/2021
CSA & ISACA Team Up on Cloud Auditing Certificate
Kelly Sheridan, Staff Editor, Dark Reading, News
The Certificate of Cloud Auditing Knowledge aims to fill a gap in the market for cloud IT auditing as more organizations work in cloud environments.
By Kelly Sheridan, Staff Editor, Dark Reading, 3/22/2021
Qualys CEO Courtot Departs for Health Reasons
Dark Reading Staff, Quick Hits
The well-known security industry entrepreneur initially took a leave of absence in February.
By Dark Reading Staff, 3/22/2021
7 Old IT Things Every New InfoSec Pro Should Know
Joan Goodchild, Staff Editor, 4/20/2021
News
Cloud-Native Businesses Struggle With Security
Robert Lemos, Contributing Writer, 5/6/2021
Commentary
Defending Against Web Scraping Attacks
Rob Simon, Principal Security Consultant at TrustedSec, 5/7/2021
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-36289
PUBLISHED: 2021-05-12
Affected versions of Atlassian Jira Server and Data Center allow an unauthenticated user to enumerate users via an Information Disclosure vulnerability in the QueryComponentRendererValue!Default.jspa endpoint. The affected versions are before version 8.5.13, from version 8.6.0 before 8.13.5, and fro...
CVE-2021-32606
PUBLISHED: 2021-05-11
In the Linux kernel 5.11 through 5.12.2, isotp_setsockopt in net/can/isotp.c allows privilege escalation to root by leveraging a use-after-free. (This does not affect earlier versions that lack CAN ISOTP SF_BROADCAST support.)
CVE-2021-3504
PUBLISHED: 2021-05-11
A flaw was found in the hivex library in versions before 1.3.20. It is caused due to a lack of bounds check within the hivex_open function. An attacker could input a specially crafted Windows Registry (hive) file which would cause hivex to read memory beyond its normal bounds or cause the program to...
CVE-2021-20309
PUBLISHED: 2021-05-11
A flaw was found in ImageMagick in versions before 7.0.11 and before 6.9.12, where a division by zero in WaveImage() of MagickCore/visual-effects.c may trigger undefined behavior via a crafted image file submitted to an application using ImageMagick. The highest threat from this vulnerability is to ...
CVE-2021-20310
PUBLISHED: 2021-05-11
A flaw was found in ImageMagick in versions before 7.0.11, where a division by zero ConvertXYZToJzazbz() of MagickCore/colorspace.c may trigger undefined behavior via a crafted image file that is submitted by an attacker and processed by an application using ImageMagick. The highest threat from this...