DRTV

Cybercriminals' Superior Business Savvy Keeps Them Ahead
Cybercriminals' Superior Business Savvy Keeps Them Ahead
Dark Reading Videos  |  9/30/2016  | 
Rick Holland of Digital Shadows explains how the attackers' superior business agility, faster change management, specialized job force, lower barriers to entry and bulletproof hosting keeps them ahead of the good guys.
Improving Security Savvy Of Execs And Board Room
Improving Security Savvy Of Execs And Board Room
Dark Reading Videos  |  9/28/2016  | 
Jeff Welgan describes how best to improve cybersecurity literacy throughout the C-suite.
An Open-Source Security Maturity Model
An Open-Source Security Maturity Model
Dark Reading Videos  |  9/23/2016  | 
Oh you don't run open-source code? Really? Christine Gadsby and Jake Kouns explain how to identify and secure all those open-source libraries and other third-party components lurking inside your applications, proprietary and otherwise.
D-FENSE! Using Research To Craft Effective Cyber Defenses
D-FENSE! Using Research To Craft Effective Cyber Defenses
Dark Reading Videos  |  9/23/2016  | 
A pair of experts from Imperva stops by the Dark Reading News Desk to chat.
How Windows 10 Stops Script-Based Attacks On The Fly
How Windows 10 Stops Script-Based Attacks On The Fly
Dark Reading Videos  |  9/21/2016  | 
Move over Apple 'Walled Garden.' Windows 10's new antimalware scan interface halts scripts by signing code on the fly... but does it work? Security researcher Nikhil Mittal takes a look.
 How You Can Support InfoSec Diversity, Starting With The Colleagues You Already Have
How You Can Support InfoSec Diversity, Starting With The Colleagues You Already Have
Dark Reading Videos  |  9/20/2016  | 
Jamesha Fisher, Security Operations Engineer of GitHub, visits the Dark Reading News Desk at Black Hat to discuss her work making security more accessible to the uninitiated, and how a predominately white and male information security field can better support women and people of color.
Rise Of Machine Learning: Advancing Security With ML
Rise Of Machine Learning: Advancing Security With ML
Dark Reading Videos  |  9/20/2016  | 
Hal Lonas of Webroot drops by the Dark Reading News Desk at Black Hat.
The Future Of AI-Based Cybersecurity: It's Here Now
The Future Of AI-Based Cybersecurity: It's Here Now
Dark Reading Videos  |  9/19/2016  | 
Stuart McClure, president and CEO of Cylance, stops by the Dark Reading News Desk at Black Hat.
Stop Blaming Users. Make Security User-Friendly.
Stop Blaming Users. Make Security User-Friendly.
Dark Reading Videos  |  9/15/2016  | 
Jelle Niemantsverdriet of Deloitte explains how security improves if security tools and error messages educate users and 'put a smile on someone's face.'
Making The Dark Web Less Scary
Making The Dark Web Less Scary
Dark Reading Videos  |  9/14/2016  | 
Lance James, chief scientist at Flashpoint, stops by the Dark Reading News Desk to share his thoughts about the Dark Web.
Keep It Simple: Security For A Complex Enterprise
Keep It Simple: Security For A Complex Enterprise
Dark Reading Videos  |  9/14/2016  | 
Michelle Cobb of Skybox Security talks to Dark Reading about security management.
Taking Down Impersonators: Methods For Combating Email Fraud
Taking Down Impersonators: Methods For Combating Email Fraud
Dark Reading Videos  |  9/14/2016  | 
Bob Adams, cybersecurity strategist at Mimecast, stops by the Black Hat News Desk.
Wisdom From A Thought Leader: AppSec Best Practices
Wisdom From A Thought Leader: AppSec Best Practices
Dark Reading Videos  |  9/14/2016  | 
The Black Hat News Desk chats with Jeff Williams, CTO at Contrast Security.
Don't Trust That Trust Mechanism: Vulnerabilities In Digital Certificates
Don't Trust That Trust Mechanism: Vulnerabilities In Digital Certificates
Dark Reading Videos  |  9/14/2016  | 
Tom Nipravsky, security researcher at Deep Instinct, explains how to tell the difference between a digital certificate that's worth your trust and one that isn't.
Yes, Your Database Can Be Breached Through A Coffee Pot
Yes, Your Database Can Be Breached Through A Coffee Pot
Dark Reading Videos  |  9/13/2016  | 
Aditya Gupta, CEO of Attify, talks about how to improve Internet of Things security and the very worst scenarios he's encountered in an IoT penetration test.
Dan Kaminsky On How Not To Lose The Internet As We Know It
Dan Kaminsky On How Not To Lose The Internet As We Know It
Dark Reading Videos  |  9/12/2016  | 
Dan Kaminsky discusses how to improve the security and privacy of the Internet without destroying the openness and freedom to innovate that it has always provided.
Look The Other Way: DDoS Attacks As Diversions
Look The Other Way: DDoS Attacks As Diversions
Dark Reading Videos  |  9/7/2016  | 
Black Hat News Desk talks to Joe Loveless of Neustar.
Bad Boys, Whatcha Gonna Do When They Come For You?
Bad Boys, Whatcha Gonna Do When They Come For You?
Dark Reading Videos  |  9/7/2016  | 
A Black Hat News Desk discussion with Shehzad Merchant of Gigamon.
Get Smarter About Threat Intelligence
Get Smarter About Threat Intelligence
Dark Reading Videos  |  9/7/2016  | 
A conversation with Anomali CEO Hugh Njemanze.


'Hidden Tunnels' Help Hackers Launch Financial Services Attacks
Kelly Sheridan, Staff Editor, Dark Reading,  6/20/2018
Inside a SamSam Ransomware Attack
Ajit Sancheti, CEO and Co-Founder, Preempt,  6/20/2018
Tesla Employee Steals, Sabotages Company Data
Jai Vijayan, Freelance writer,  6/19/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-12697
PUBLISHED: 2018-06-23
A NULL pointer dereference (aka SEGV on unknown address 0x000000000000) was discovered in work_stuff_copy_to_from in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. This can occur during execution of objdump.
CVE-2018-12698
PUBLISHED: 2018-06-23
demangle_template in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption (aka OOM) during the "Create an array for saving the template argument values" XNEWVEC call. This can occur during execution of objdump.
CVE-2018-12699
PUBLISHED: 2018-06-23
finish_stab in stabs.c in GNU Binutils 2.30 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write of 8 bytes. This can occur during execution of objdump.
CVE-2018-12700
PUBLISHED: 2018-06-23
A Stack Exhaustion issue was discovered in debug_write_type in debug.c in GNU Binutils 2.30 because of DEBUG_KIND_INDIRECT infinite recursion.
CVE-2018-11560
PUBLISHED: 2018-06-23
The webService binary on Insteon HD IP Camera White 2864-222 devices has a stack-based Buffer Overflow leading to Control-Flow Hijacking via a crafted usr key, as demonstrated by a long remoteIp parameter to cgi-bin/CGIProxy.fcgi on port 34100.