Author

 Sharon Gaudin

Profile of Sharon Gaudin

News & Commentary Posts: 12
Articles by Sharon Gaudin

Would You Hire This Hacker?

9/28/2007
Convicted hacker Robert Moore started serving his two-year prison sentence yesterday. He has high hopes that a security company will scoop him up when he gets out. The question is: Would you hire this man?

Post a Comment

Advice On Building A Better Password

8/24/2007
We're always hearing that we need stronger passwords, but many people don't know how to craft a better, stronger password or they simply don't take the time to come up with some crazy complex string that they have no chance of remembering. I was just talking with someone who gave me some great advice.

Post a Comment

Enterprise 2.0--Changing Corporate Culture Before Changing The Tech

6/18/2007
At the Enterprise 2.0 conference in Boston this week I quickly caught on that this business/technology move isn't so much about the tech behind it but about harnessing what evangelists call the 'collective intelligence.' What they're getting at is that blogs and wikis aren't just cool and fun, they could help smart employees who are never heard find a corporate voice.

Post a Comment

How Happy Are You With Your Salary?

6/11/2007
I got an interesting piece of information last week. Alan Paller of the SANS Institute tells me people who see their salaries increasing each year are more satisfied with their salaries than those who are paid well but who don't see it getting any better.

Post a Comment

Vegas BBQ -- Burn, PC, Burn

5/24/2007
Picture a beautiful sunset over the desert, the glow of the Vegas skyline in the distance. Then a towering wave of flames leap into the air that crackles with the heat -- a man just set his computer on fire.

Post a Comment

Vigilante Hacker -- Hero Or Menace? Your Call…

2/26/2007
The jury's out on a controversial hack job. Oh, one man is already going to jail in this tale. The question is whether the hacker who helped put the bad guy away was the hero of the story or just another bad guy. What's your take on this one?

Post a Comment

New Drive-By Attack Taking Over Home Routers

2/15/2007
Researchers at Symantec are warning users that if they haven't changed the default password on their home wireless router, they should finally just DO IT. Symantec's Zulfikar Ramzan issued a warning Thursday that hackers are lacing phony Web sites with malicious code that actually will log into and mess with your home broadband router. He's coined a term for it: Drive-By Pharming.

Post a Comment

Visual C++ Flaw Leads To Y3K -- Seriously

2/14/2007
Think the software industry learned its lesson with the whole Y2K debacle? Of course not. The Department of Homeland Security issued a warning this week that there's a flaw in Microsoft's Visual C++ programming environment that could actually cause programs written with it to crash when we pass the Year 3000. Of course, unless today's programs are around in another 993 years, it won't be a drastic issue.

Post a Comment

Keeping Our Private Info Private In An Online World

8/9/2006
There were a couple of incidents this week that made me stop and think about my own personal data--and who has it. But more important than any musings about what information about me--my address or financial records or personnel records from various jobs--is stored out there is who could get their hands on it. And it seems the answer to that question is, apparently, absolutely anyone.

Post a Comment
'Hidden Tunnels' Help Hackers Launch Financial Services Attacks
Kelly Sheridan, Staff Editor, Dark Reading,  6/20/2018
Inside a SamSam Ransomware Attack
Ajit Sancheti, CEO and Co-Founder, Preempt,  6/20/2018
Tesla Employee Steals, Sabotages Company Data
Jai Vijayan, Freelance writer,  6/19/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-12697
PUBLISHED: 2018-06-23
A NULL pointer dereference (aka SEGV on unknown address 0x000000000000) was discovered in work_stuff_copy_to_from in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. This can occur during execution of objdump.
CVE-2018-12698
PUBLISHED: 2018-06-23
demangle_template in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption (aka OOM) during the "Create an array for saving the template argument values" XNEWVEC call. This can occur during execution of objdump.
CVE-2018-12699
PUBLISHED: 2018-06-23
finish_stab in stabs.c in GNU Binutils 2.30 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write of 8 bytes. This can occur during execution of objdump.
CVE-2018-12700
PUBLISHED: 2018-06-23
A Stack Exhaustion issue was discovered in debug_write_type in debug.c in GNU Binutils 2.30 because of DEBUG_KIND_INDIRECT infinite recursion.
CVE-2018-11560
PUBLISHED: 2018-06-23
The webService binary on Insteon HD IP Camera White 2864-222 devices has a stack-based Buffer Overflow leading to Control-Flow Hijacking via a crafted usr key, as demonstrated by a long remoteIp parameter to cgi-bin/CGIProxy.fcgi on port 34100.