Database Security

Authentication

Privacy

Compliance

Careers & People

Identity & Access Management

Threat Intelligence

Security Monitoring

Advanced Threats

Insider Threats

Vulnerability Management

Advertise With Us

About Us

Digital Subscription

Author

Profile of William Jackson

Technology Writer

News & Commentary Posts: 1

William Jackson is a technology writer based in Washington, D.C. He has been a journalist for more than 35 years, most recently covering the $80 billion federal government IT sector for Government Computer News. His coverage has ranged from architecture to international trade, but for the last 20 years he has focused on telecommunications, networking, and cyber-security in the public sector. He has received numerous journalism and industry awards and has spoken on radio and television about trends in government acquisition and the use of information technology as well as the challenges presented by cyber-security threats.

Articles by William Jackson

View Content By Month

Feds Launch Cyber Security Guidelines For U.S. Infrastructure Providers

2/12/2014
The White House on Wednesday released the first version of its cyber security framework for protecting critical infrastructure. Critics say these voluntary guidelines enshrine the status quo
Post a Comment

Content by Month
February 2014 - 1
[close this box]

Live Events

Webinars

More UBM Tech
Live Events

Join Security Experts at Black Hat Asia 2015

Go Hack Yourself: Offensive Security Tools for Enterprise Defenders

Achieving Operational Excellence Through DevOps

White Papers

Capitalizing On Big Data: Managed Services Help Financial Firms Accelerate Big Data Projects

Q&A: Your Top 10 Questions About Managing Freelancers & Independent Contractors

[eGuide] Advanced Threat Hunting

The Internet of Things Supply Chain

Bank Strengthens Mobile Security, Lowers Costs & Enhances Customer Service

More White Papers

Cartoon

Latest Comment: I want to know where to get a tablet with that large a screen!(Maybe they're the old "convertibles.")

Cartoon Archive

Current Issue

Dark Reading Tech Digest, Dec. 19, 2014

Software-defined networking can be a net plus for security. The key: Work with the network team to implement gradually, test as you go, and take the opportunity to overhaul your security strategy.

Download This Issue!

Subscribe Now!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

Infographics

10 Recommendations for Outsourcing Security

Enterprises today have a wide range of third-party options to help improve their defenses, including MSSPs, auditing and penetration testing, and DDoS protection. But are there situations in which a service provider might actually increase risk?

Download Now!

Title Partner’s Role in Perimeter Security

0 comments

Threat Intel Today

0 comments

DevOps’ Impact on Application Security

0 comments

More Reports

Video

All Videos

Slideshows

7 Things You Should Know About Secure Payment Technology

14 comments | Read | Post a Comment

20 Startups To Watch In 2015

CISO Holiday Bookshelf

More Slideshows

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading OR #DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2014-9676

Published: 2015-02-27
The seg_write_packet function in libavformat/segment.c in ffmpeg 2.1.4 and earlier does not free the correct memory location, which allows remote attackers to cause a denial of service ("invalid memory handler") and possibly execute arbitrary code via a crafted video that triggers a use after free.

CVE-2014-9682

Published: 2015-02-27
The dns-sync module before 0.1.1 for node.js allows context-dependent attackers to execute arbitrary commands via shell metacharacters in the first argument to the resolve API function.

CVE-2015-0655

Published: 2015-02-27
Cross-site scripting (XSS) vulnerability in Unified Web Interaction Manager in Cisco Unified Web and E-Mail Interaction Manager allows remote attackers to inject arbitrary web script or HTML via vectors related to a POST request, aka Bug ID CSCus74184.

CVE-2015-0884

Published: 2015-02-27
Unquoted Windows search path vulnerability in Toshiba Bluetooth Stack for Windows before 9.10.32(T) and Service Station before 2.2.14 allows local users to gain privileges via a Trojan horse application with a name composed of an initial substring of a path that contains a space character.

CVE-2015-0885

Published: 2015-02-27
checkpw 1.02 and earlier allows remote attackers to cause a denial of service (infinite loop) via a -- (dash dash) in a username.

Dark Reading Radio

Archived Dark Reading Radio

How To Get More Involved In the IT Security Community

How can security professionals better engage with their peers, both in person and online? In this Dark Reading Radio show, we will talk to leaders at some of the security industry’s professional organizations about how security pros can get more involved – with their colleagues in the same industry, with their peers in other industries, and with the IT security community as a whole.

UPCOMING!
Wednesday, March 18, 1pm EDT
New Cybercrime Crackdown Could Backfire And Criminalize Security Professionals

FULL SCHEDULE | ARCHIVED SHOWS

To save this item to your list of favorite Dark Reading content so you can find it later in your Profile page, click the "Save It" button next to the item.

If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
Tweet This
[close this box]