Dark Reading Article Boards
Latest Message Boards
Page 1 / 2   >   >>
How To Create A Risk 'Pain Chart'
Last Message: 9/2/2014
 |  Comments: 5
10 Common Software Security Design Flaws
Last Message: 9/2/2014
 |  Comments: 17
Heartbleed Not Only Reason For Health Systems Breach
Last Message: 9/2/2014
 |  Comments: 14
Hacker Couture: As Seen At Black Hat USA, BSides, DEF CON
Last Message: 9/2/2014
 |  Comments: 14
All In For The Coming World of 'Things'
Last Message: 9/2/2014
 |  Comments: 6
How I Hacked My Home, IoT Style
Last Message: 9/2/2014
 |  Comments: 16
Top 5 Reasons Your Small Business Website is Under Attack
Last Message: 9/1/2014
 |  Comments: 28
EMR Data Theft Booming
Last Message: 9/1/2014
 |  Comments: 1
Pakistan The Latest Cyberspying Nation
Last Message: 9/1/2014
 |  Comments: 5
"10 Top Password Managers"
Last Message: 8/31/2014
 |  Comments: 40
Online Dating Site Breached
Last Message: 8/31/2014
 |  Comments: 1
Get Smart About Threat Intelligence
Last Message: 8/31/2014
 |  Comments: 5
CryptoWall More Pervasive, Less Profitable Than CryptoLocker
Last Message: 8/29/2014
 |  Comments: 5
Feds Investigating Breaches At JP Morgan, Other Banks
Last Message: 8/29/2014
 |  Comments: 8
Why Are Security Pros Blasé About Compliance?
Last Message: 8/29/2014
 |  Comments: 17
Online Tools For Bug Disclosure Abound
Last Message: 8/29/2014
 |  Comments: 4
Breach of Homeland Security Background Checks Raises Red Flags
Last Message: 8/29/2014
 |  Comments: 13
Cartoon: Old-School Biometrics
Last Message: 8/29/2014
 |  Comments: 1
Sony, XBox Victims Of DDoS, Hacktivist Threats
Last Message: 8/28/2014
 |  Comments: 6
The Best of the Rest of Black Hat: The Enterprise View
Last Message: 8/27/2014
 |  Comments: 147
Access Point Pinched From Black Hat Show WLAN
Last Message: 8/27/2014
 |  Comments: 4
6 Biometric Factors That Are Working Today
Last Message: 8/27/2014
 |  Comments: 23
Debugging The Myths Of Heartbleed
Last Message: 8/26/2014
 |  Comments: 5
Flash Poll: CSOs Need A New Boss
Last Message: 8/26/2014
 |  Comments: 4
27 Million South Koreans Victimized In Online Gaming Heist
Last Message: 8/26/2014
 |  Comments: 6
Hacker Or Military? Best Of Both In Cyber Security
Last Message: 8/26/2014
 |  Comments: 6
Security of 'Things'
Last Message: 8/26/2014
 |  Comments: 3
51 UPS Stores' Point-of-Sale Systems Breached
Last Message: 8/25/2014
 |  Comments: 7
JP Morgan Targeted in New Phishing Campaign
Last Message: 8/25/2014
 |  Comments: 4
The World's Most Hackable Cars
Last Message: 8/23/2014
 |  Comments: 25
Active Directory Flaw Lets Attackers Change Passwords
Last Message: 8/23/2014
 |  Comments: 12
US, German Researchers Build Android Security Framework
Last Message: 8/22/2014
 |  Comments: 2
Why John McAfee Is Paranoid About Mobile
Last Message: 8/21/2014
 |  Comments: 11
Infographic: 70 Percent of World's Critical Utilities Breached
Last Message: 8/20/2014
 |  Comments: 8
Healthcare Information Security: Still No Respect
Last Message: 8/20/2014
 |  Comments: 17
Q&A: DEF CON At 22
Last Message: 8/20/2014
 |  Comments: 2
Cloud Apps & Security: When Sharing Matters
Last Message: 8/19/2014
 |  Comments: 5
SuperValu Food Stores Reports Network Intrusion
Last Message: 8/19/2014
 |  Comments: 8
Community Health Systems Breach Atypical For Chinese Hackers
Last Message: 8/19/2014
 |  Comments: 8
Slideshow: Ten Free Security Monitoring Tools
Last Message: 8/19/2014
 |  Comments: 1
Google Sounds Chrome Browser Hijack Alarm
Last Message: 8/18/2014
 |  Comments: 6
NSA Collected More Records Than Court Allowed
Last Message: 8/18/2014
 |  Comments: 5
Time To Broaden CompSci Curriculum Beyond STEM
Last Message: 8/18/2014
 |  Comments: 15
Stuxnet Exploits Still Alive & Well
Last Message: 8/18/2014
 |  Comments: 3
Page 1 / 2   >   >>


Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Threat Intel Today
Threat Intel Today
The 397 respondents to our new survey buy into using intel to stay ahead of attackers: 85% say threat intelligence plays some role in their IT security strategies, and many of them subscribe to two or more third-party feeds; 10% leverage five or more.
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-0485
Published: 2014-09-02
S3QL 1.18.1 and earlier uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object in (1) common.py or (2) local.py in backends/.

CVE-2014-3861
Published: 2014-09-02
Cross-site scripting (XSS) vulnerability in CDA.xsl in HL7 C-CDA 1.1 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted reference element within a nonXMLBody element.

CVE-2014-3862
Published: 2014-09-02
CDA.xsl in HL7 C-CDA 1.1 and earlier allows remote attackers to discover potentially sensitive URLs via a crafted reference element that triggers creation of an IMG element with an arbitrary URL in its SRC attribute, leading to information disclosure in a Referer log.

CVE-2014-5076
Published: 2014-09-02
The La Banque Postale application before 3.2.6 for Android does not prevent the launching of an activity by a component of another application, which allows attackers to obtain sensitive cached banking information via crafted intents, as demonstrated by the drozer framework.

CVE-2014-5136
Published: 2014-09-02
Cross-site scripting (XSS) vulnerability in Innovative Interfaces Sierra Library Services Platform 1.2_3 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
This episode of Dark Reading Radio looks at infosec security from the big enterprise POV with interviews featuring Ron Plesco, Cyber Investigations, Intelligence & Analytics at KPMG; and Chris Inglis & Chris Bell of Securonix.