Dark Reading Article Boards
Latest Message Boards
Page 1 / 2   >   >>
Gas Stations Urged To Secure Exposed Fuel Tank Devices
Last Message: 1/26/2015
 |  Comments: 3
Cartoon: End-User Ed
Last Message: 1/26/2015
 |  Comments: 2
Could The Sony Attacks Happen Again? Join The Conversation
Last Message: 1/26/2015
 |  Comments: 13
Growing Open Source Use Heightens Enterprise Security Risks
Last Message: 1/26/2015
 |  Comments: 9
Security Skills Shortage? Don’t Panic!
Last Message: 1/26/2015
 |  Comments: 1
What Government Can (And Can’t) Do About Cybersecurity
Last Message: 1/26/2015
 |  Comments: 17
Diverse White Hat Community Leads To Diverse Vuln Disclosures
Last Message: 1/26/2015
 |  Comments: 6
Nation-State Cyberthreats: Why They Hack
Last Message: 1/26/2015
 |  Comments: 10
Why Russia Hacks
Last Message: 1/26/2015
 |  Comments: 16
Security MIA In Car Insurance Dongle
Last Message: 1/26/2015
 |  Comments: 11
NSA Report: How To Defend Against Destructive Malware
Last Message: 1/24/2015
 |  Comments: 3
Facebook Messenger: Classically Bad AppSec
Last Message: 1/23/2015
 |  Comments: 2
Recruit, Reward & Retain Cybersecurity Experts
Last Message: 1/22/2015
 |  Comments: 5
Adobe Investigating New Flash Zero-Day Spotted In Crimeware Kit
Last Message: 1/22/2015
 |  Comments: 2
Security Budgets Going Up, Thanks To Mega-Breaches
Last Message: 1/22/2015
 |  Comments: 5
The Truth About Malvertising
Last Message: 1/21/2015
 |  Comments: 7
Black Hat & DEF CON: 3 Lessons From A Newbie
Last Message: 1/21/2015
 |  Comments: 8
The Sony Hack: A Security Community Discussion
Last Message: 1/21/2015
 |  Comments: 103
Ransomware Leads Surge In 2014 Mobile Malware Onslaught
Last Message: 1/21/2015
 |  Comments: 3
'123456' & 'Password' Are The 2 Most Common Passwords, Again
Last Message: 1/21/2015
 |  Comments: 3
A Lot of Security Purchases Remain Shelfware
Last Message: 1/21/2015
 |  Comments: 9
Franchising The Chinese APT
Last Message: 1/21/2015
 |  Comments: 8
‘Walk & Stalk’: A New Twist In Cyberstalking
Last Message: 1/21/2015
 |  Comments: 5
In Wake Of Violence, France Reports Spike In Cyberattacks
Last Message: 1/19/2015
 |  Comments: 8
Why North Korea Hacks
Last Message: 1/19/2015
 |  Comments: 10
Bank Fraud Toolkit Circumvents 2FA & Device Identification
Last Message: 1/16/2015
 |  Comments: 5
4 Mega-Vulnerabilities Hiding in Plain Sight
Last Message: 1/16/2015
 |  Comments: 1
Insider Threats in the Cloud: 6 Harrowing Tales
Last Message: 1/16/2015
 |  Comments: 5
Anatomy Of A 'Cyber-Physical' Attack
Last Message: 1/15/2015
 |  Comments: 3
2015: The Year Of The Security Startup – Or Letdown
Last Message: 1/15/2015
 |  Comments: 5
How PCI DSS 3.0 Can Help Stop Data Breaches
Last Message: 1/15/2015
 |  Comments: 9
Threat Intelligence: Sink or Swim?
Last Message: 1/14/2015
 |  Comments: 7
20 Startups To Watch In 2015
Last Message: 1/14/2015
 |  Comments: 6
Fresh Target Breach Cards Hitting Black Market
Last Message: 1/14/2015
 |  Comments: 17
New Data Illustrates Reality Of Widespread Cyberattacks
Last Message: 1/14/2015
 |  Comments: 2
US CENTCOM Twitter Hijack 'Purely' Vandalism
Last Message: 1/14/2015
 |  Comments: 4
Cloud Services Adoption: Rates, Reasons & Security Fears
Last Message: 1/13/2015
 |  Comments: 3
Chick-fil-A Breach: Avoiding 5 Common Security Mistakes
Last Message: 1/13/2015
 |  Comments: 3
Insider Threat, Shadow IT Concerns Spur Cloud Security
Last Message: 1/12/2015
 |  Comments: 3
Medical Device Security: A Work In Progress
Last Message: 1/12/2015
 |  Comments: 2
Shadow IT: Not The Risk You Think
Last Message: 1/11/2015
 |  Comments: 1
Cybercrime Dipped During Holiday Shopping Season
Last Message: 1/9/2015
 |  Comments: 7
Long-Running Cyberattacks Become The Norm
Last Message: 1/9/2015
 |  Comments: 5
Page 1 / 2   >   >>


Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Tech Digest, Dec. 19, 2014
Software-defined networking can be a net plus for security. The key: Work with the network team to implement gradually, test as you go, and take the opportunity to overhaul your security strategy.
Flash Poll
10 Recommendations for Outsourcing Security
10 Recommendations for Outsourcing Security
Enterprises today have a wide range of third-party options to help improve their defenses, including MSSPs, auditing and penetration testing, and DDoS protection. But are there situations in which a service provider might actually increase risk?
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-8148
Published: 2015-01-26
The default D-Bus access control rule in Midgard2 10.05.7.1 allows local users to send arbitrary method calls or signals to any process on the system bus and possibly execute arbitrary code with root privileges.

CVE-2014-8157
Published: 2015-01-26
Off-by-one error in the jpc_dec_process_sot function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted JPEG 2000 image, which triggers a heap-based buffer overflow.

CVE-2014-8158
Published: 2015-01-26
Multiple stack-based buffer overflows in jpc_qmfb.c in JasPer 1.900.1 and earlier allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted JPEG 2000 image.

CVE-2014-9571
Published: 2015-01-26
Cross-site scripting (XSS) vulnerability in admin/install.php in MantisBT before 1.2.19 and 1.3.x before 1.3.0-beta.2 allows remote attackers to inject arbitrary web script or HTML via the (1) admin_username or (2) admin_password parameter.

CVE-2014-9572
Published: 2015-01-26
MantisBT before 1.2.19 and 1.3.x before 1.3.0-beta.2 does not properly restrict access to /*/install.php, which allows remote attackers to obtain database credentials via the install parameter with the value 4.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
If you’re a security professional, you’ve probably been asked many questions about the December attack on Sony. On Jan. 21 at 1pm eastern, you can join a special, one-hour Dark Reading Radio discussion devoted to the Sony hack and the issues that may arise from it.