Dark Reading Article Boards
Latest Message Boards
Page 1 / 2   >   >>
Time to Rethink Patching Strategies
Last Message: 12/20/2014
 |  Comments: 9
Obama: U.S. Will Respond 'Proportionately' to Sony Cyber Attack
Last Message: 12/20/2014
 |  Comments: 1
5 Pitfalls to Avoid When Running Your SOC
Last Message: 12/19/2014
 |  Comments: 2
The New Target for State-Sponsored Cyber Attacks: Applications
Last Message: 12/19/2014
 |  Comments: 1
'Grinch' Bug May Affect Most Linux Systems
Last Message: 12/18/2014
 |  Comments: 2
Open Source Encryption Must Get Smarter
Last Message: 12/18/2014
 |  Comments: 3
How to Become a CISO
Last Message: 12/17/2014
 |  Comments: 87
Dark Reading Radio: How To Become A CISO
Last Message: 12/17/2014
 |  Comments: 2
Price Tag Rises For Stolen Identities Sold In The Underground
Last Message: 12/17/2014
 |  Comments: 4
Targeted Attacks: A Defender's Playbook
Last Message: 12/16/2014
 |  Comments: 3
Cartoon: The Insider Threat
Last Message: 12/16/2014
 |  Comments: 10
Cyber Security Practices Insurance Underwriters Demand
Last Message: 12/15/2014
 |  Comments: 2
Sony Hackers Knew Details Of Sony's Entire IT Infrastructure
Last Message: 12/15/2014
 |  Comments: 29
FBI Calls For Law Facilitating Security Information Sharing
Last Message: 12/15/2014
 |  Comments: 2
Hiring Hackers To Secure The Internet Of Things
Last Message: 12/15/2014
 |  Comments: 3
Cyberattacks Longer, More Continuous Than Before
Last Message: 12/15/2014
 |  Comments: 1
Attackers Turn Focus to PoS Vendors
Last Message: 12/14/2014
 |  Comments: 1
DARPA Investigates Storytelling As Security Science
Last Message: 12/14/2014
 |  Comments: 1
Poll: The Perimeter Has Shattered!
Last Message: 12/14/2014
 |  Comments: 9
"10 Strategies To Fight Anonymous DDoS Attacks"
Last Message: 12/13/2014
 |  Comments: 9
'DeathRing' Malware Found Pre-Installed On Smartphones
Last Message: 12/12/2014
 |  Comments: 4
How To Become a CISO: Top Tips
Last Message: 12/12/2014
 |  Comments: 1
Securing the Internet of Things
Last Message: 12/11/2014
 |  Comments: 1
Ex-NSA Agents' Security Startup Lands $8 Million In Funding
Last Message: 12/11/2014
 |  Comments: 4
"Can The NSA Really Track Turned-Off Cellphones?"
Last Message: 12/11/2014
 |  Comments: 10
Breach Security 101
Last Message: 12/10/2014
 |  Comments: 1
'Inception' Cyber Espionage Campaign Targets PCs, Smartphones
Last Message: 12/10/2014
 |  Comments: 1
Employees Still Get More Access Than They Need
Last Message: 12/10/2014
 |  Comments: 1
Moving Beyond 2-Factor Authentication With ‘Context’
Last Message: 12/9/2014
 |  Comments: 11
2014: The Year of Shaken Trust
Last Message: 12/9/2014
 |  Comments: 1
Internet Of Things Devices Are Doomed
Last Message: 12/6/2014
 |  Comments: 10
Why ‘Regin’ Malware Changes Threatscape Economics
Last Message: 12/5/2014
 |  Comments: 3
Q&A: Internet Encryption As The New Normal
Last Message: 12/4/2014
 |  Comments: 6
New TLS/SSL Version Ready In 2015
Last Message: 12/4/2014
 |  Comments: 2
The Case for Compelling Executive Dashboards
Last Message: 12/4/2014
 |  Comments: 4
The Real Cost of Cyber Incidents, According To Insurers
Last Message: 12/4/2014
 |  Comments: 3
Leveraging The Kill Chain For Awesome
Last Message: 12/4/2014
 |  Comments: 1
How I Became a CISO: Jonathan Trull, Qualys
Last Message: 12/3/2014
 |  Comments: 1
"Microsoft Tech Support Scams: Why They Thrive"
Last Message: 12/3/2014
 |  Comments: 7
How Startups Can Jumpstart Security Innovation
Last Message: 12/3/2014
 |  Comments: 1
Why We Need Better Cyber Security: A Graphical Snapshot
Last Message: 12/3/2014
 |  Comments: 13
How I Became A CISO: Mark Potter, Danya International
Last Message: 12/3/2014
 |  Comments: 3
Page 1 / 2   >   >>


Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Tech Digest, Dec. 19, 2014
Software-defined networking can be a net plus for security. The key: Work with the network team to implement gradually, test as you go, and take the opportunity to overhaul your security strategy.
Flash Poll
10 Recommendations for Outsourcing Security
10 Recommendations for Outsourcing Security
Enterprises today have a wide range of third-party options to help improve their defenses, including MSSPs, auditing and penetration testing, and DDoS protection. But are there situations in which a service provider might actually increase risk?
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-8142
Published: 2014-12-20
Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP before 5.4.36, 5.5.x before 5.5.20, and 5.6.x before 5.6.4 allows remote attackers to execute arbitrary code via a crafted unserialize call that leverages improper handling of duplicate keys w...

CVE-2013-4440
Published: 2014-12-19
Password Generator (aka Pwgen) before 2.07 generates weak non-tty passwords, which makes it easier for context-dependent attackers to guess the password via a brute-force attack.

CVE-2013-4442
Published: 2014-12-19
Password Generator (aka Pwgen) before 2.07 uses weak pseudo generated numbers when /dev/urandom is unavailable, which makes it easier for context-dependent attackers to guess the numbers.

CVE-2013-7401
Published: 2014-12-19
The parse_request function in request.c in c-icap 0.2.x allows remote attackers to cause a denial of service (crash) via a URI without a " " or "?" character in an ICAP request, as demonstrated by use of the OPTIONS method.

CVE-2014-2026
Published: 2014-12-19
Cross-site scripting (XSS) vulnerability in the search functionality in United Planet Intrexx Professional before 5.2 Online Update 0905 and 6.x before 6.0 Online Update 10 allows remote attackers to inject arbitrary web script or HTML via the request parameter.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Join us Wednesday, Dec. 17 at 1 p.m. Eastern Time to hear what employers are really looking for in a chief information security officer -- it may not be what you think.