Best of the Web
Latest Content
Page 1 / 2   >   >>
Xsser Trojan Spies on Jailbroken iOS Devices
Best of the Web  |  10/1/2014  | 
Hackers Arrested for Cracking US Army Network
Best of the Web  |  10/1/2014  | 
TimThumb is No Longer Supported or Maintained
Best of the Web  |  10/1/2014  | 
Stealthgenie Mobile Device Spyware Application
Best of the Web  |  10/1/2014  | 
Global Internet speeds up, DDoS attacks down
Best of the Web  |  10/1/2014  | 
Supervalu Finds Second Data Breach
Best of the Web  |  9/30/2014  | 
CloudFlare: Introducing Universal SSL
Best of the Web  |  9/29/2014  | 
Dyreza takes stock
Best of the Web  |  9/25/2014  | 
Microsoft Starts Online Services Bug Bounty
Best of the Web  |  9/23/2014  | 
iOS 7.1.x Exploit Released (CVE-2014-4377)
Best of the Web  |  9/22/2014  | 
Fake Cell Phone Towers Across the US
Best of the Web  |  9/19/2014  | 
Breach at Goodwill Vendor Lasted 18 Months
Best of the Web  |  9/16/2014  | 
Page 1 / 2   >   >>


Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Must Reads - September 25, 2014
Dark Reading's new Must Reads is a compendium of our best recent coverage of identity and access management. Learn about access control in the age of HTML5, how to improve authentication, why Active Directory is dead, and more.
Flash Poll
10 Recommendations for Outsourcing Security
10 Recommendations for Outsourcing Security
Enterprises today have a wide range of third-party options to help improve their defenses, including MSSPs, auditing and penetration testing, and DDoS protection. But are there situations in which a service provider might actually increase risk?
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2003-1598
Published: 2014-10-01
SQL injection vulnerability in log.header.php in WordPress 0.7 and earlier allows remote attackers to execute arbitrary SQL commands via the posts variable.

CVE-2011-4624
Published: 2014-10-01
Cross-site scripting (XSS) vulnerability in facebook.php in the GRAND FlAGallery plugin (flash-album-gallery) before 1.57 for WordPress allows remote attackers to inject arbitrary web script or HTML via the i parameter.

CVE-2012-0811
Published: 2014-10-01
Multiple SQL injection vulnerabilities in Postfix Admin (aka postfixadmin) before 2.3.5 allow remote authenticated users to execute arbitrary SQL commands via (1) the pw parameter to the pacrypt function, when mysql_encrypt is configured, or (2) unspecified vectors that are used in backup files gene...

CVE-2014-2640
Published: 2014-10-01
Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 7.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVE-2014-2641
Published: 2014-10-01
Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) before 7.4 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Chris Hadnagy, who hosts the annual Social Engineering Capture the Flag Contest at DEF CON, will discuss the latest trends attackers are using.