Author
 Ericka Chickowski
Twitter
Twitter
RSS
E-Mail

Profile of Ericka Chickowski

Contributing Writer, Dark Reading
News & Commentary Posts: 284

Ericka Chickowski specializes in coverage of information technology and business innovation. She has focused on information security for the better part of a decade and regularly writes about the security industry as a contributor to Dark Reading

Articles by Ericka Chickowski

IoT Flaw Discoveries Not Impactful--Yet

7/6/2015
As flaws announced at Black Hat USA and elsewhere highlight IoT weaknesses, the impact of these vulns still remains low in the face of vast distribution. But that could change with market consolidation.

Post a Comment
Register for Dark Reading Newsletters
White Papers
Cartoon
Latest Comment: good work
Current Issue
Flash Poll
10 Recommendations for Outsourcing Security
10 Recommendations for Outsourcing Security
Enterprises today have a wide range of third-party options to help improve their defenses, including MSSPs, auditing and penetration testing, and DDoS protection. But are there situations in which a service provider might actually increase risk?
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2015-1009
Published: 2015-07-31
Schneider Electric InduSoft Web Studio before 7.1.3.5 Patch 5 and Wonderware InTouch Machine Edition through 7.1 SP3 Patch 4 use cleartext for project-window password storage, which allows local users to obtain sensitive information by reading a file.

CVE-2015-1486
Published: 2015-07-31
The management console in Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP1 allows remote attackers to bypass authentication via a crafted password-reset action that triggers a new administrative session.

CVE-2015-1487
Published: 2015-07-31
The management console in Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP1 allows remote authenticated users to write to arbitrary files, and consequently obtain administrator privileges, via a crafted filename.

CVE-2015-1488
Published: 2015-07-31
An unspecified action handler in the management console in Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP1 allows remote authenticated users to read arbitrary files via unknown vectors.

CVE-2015-1489
Published: 2015-07-31
The management console in Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP1 allows remote authenticated users to gain privileges via unspecified vectors.

Dark Reading Radio
Archived Dark Reading Radio
What’s the future of the venerable firewall? We’ve invited two security industry leaders to make their case: Join us and bring your questions and opinions!