Issue Archives
Dark Reading August 12, 2014 Tech Digest
Publish Date: Aug 12,2014
Dark Reading Must Reads August 5, 2014
Publish Date: Aug 5,2014
Dark Reading Must Reads July 15, 2014
Publish Date: Jul 15,2014
DarkReading Tech Digest -June 9, 2014
Publish Date: Jul 8,2014
Dark Reading June 2014 Tech Digest
Publish Date: Jun 9,2014
Dark Reading May 2014 Must Reads
Publish Date: May 28,2014
Dark Reading - June 2014
Publish Date: May 20,2014
Dark Reading April 2014
Publish Date: Mar 18,2014
Dark Reading February 2014 Tech Digest
Publish Date: Feb 10,2014
Dark Reading January 2014 Tech Digest
Publish Date: Jan 7,2014
Dark Reading December 2013 Must Reads
Publish Date: Dec 11,2013
Dark Reading December 2013 Issue
Publish Date: Dec 9,2013
Dark Reading December 2013 Must Reads
Publish Date: Dec 3,2013
Dark Reading November 2013 Special Issue
Publish Date: Oct 28,2013
Dark Reading October 2013 Issue
Publish Date: Oct 14,2013
Dark Reading October 2013 IT Trends
Publish Date: Oct 9,2013
Dark Reading October 2013 Must Reads - Risk Management
Publish Date: Oct 2,2013
Dark Reading October 2013 Must Reads
Publish Date: Sep 26,2013
Dark Reading September 2013 Special Issue
Publish Date: Sep 16,2013
Dark Reading August 2013 Issue
Publish Date: Aug 19,2013
Dark Reading August 2013 Special Issue
Publish Date: Aug 7,2013
Dark Reading July 2013 IT Trends
Publish Date: Jul 17,2013
Dark Reading July 2013 Must Reads
Publish Date: Jul 11,2013
Dark Reading June 2013 Digital Issue
Publish Date: Jun 3,2013
Dark Reading May 2013 Digital Supplement
Publish Date: May 20,2013
Dark Reading April 2013 Digital Issue
Publish Date: Apr 15,2013
DarkReading March 2013 Special Issue
Publish Date: Mar 11,2013
Dark Reading March 2013 Digital Supplement
Publish Date: Mar 4,2013
Dark Reading August 2011 Digital Issue
Publish Date: Feb 18,2013
Dark Reading February 2013 Digital Issue
Publish Date: Feb 4,2013
Dark Reading November 2012 Special Issue
Publish Date: Nov 12,2012
Dark Reading November Special Issue
Publish Date: Oct 29,2012
Dark Reading October 2012 Issue
Publish Date: Oct 15,2012
Dark Reading September 17, 2012 Digital Supplement
Publish Date: Sep 17,2012
Dark Reading Special September 2012 Issue
Publish Date: Aug 27,2012
Dark Reading Special September 2012 Issue
Publish Date: Aug 22,2012
Dark Reading August 2012 Digital Supplement
Publish Date: Aug 15,2012
Dark Reading July 2012 Digital Issue
Publish Date: Jul 7,2012
Dark Reading May 2012 Digital Supplement
Publish Date: May 15,2012
Dark Reading April 2012 Digital Issue
Publish Date: Apr 15,2012
Dark Reading March 2012 Digital Supplement
Publish Date: Feb 27,2012
Dark Reading January 2012 Digital Supplement
Publish Date: Jan 26,2012
Dark Reading January 2012 Digital Issue
Publish Date: Jan 1,2012
Dark Reading December 2011 Digital Issue
Publish Date: Dec 15,2011
Dark Reading December 2011 Digital Issue
Publish Date: Dec 1,2011
Dark Reading October 2011 Digital Issue
Publish Date: Oct 4,2011
Dark Reading August 2011 Digital Issue
Publish Date: Aug 16,2011
Dark Reading July 2011 Digital Issue
Publish Date: Jul 1,2011
Dark Reading June 2011 Digital Issue
Publish Date: Jun 1,2011
Dark Reading April 2011 Digital Issue
Publish Date: Apr 1,2011
Dark Reading March 2011 Digital Issue
Publish Date: Mar 1,2011
Dark Reading January 2011 Digital Issue
Publish Date: Jan 1,2011
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Threat Intel Today
Threat Intel Today
The 397 respondents to our new survey buy into using intel to stay ahead of attackers: 85% say threat intelligence plays some role in their IT security strategies, and many of them subscribe to two or more third-party feeds; 10% leverage five or more.
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-0485
Published: 2014-09-02
S3QL 1.18.1 and earlier uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object in (1) common.py or (2) local.py in backends/.

CVE-2014-3861
Published: 2014-09-02
Cross-site scripting (XSS) vulnerability in CDA.xsl in HL7 C-CDA 1.1 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted reference element within a nonXMLBody element.

CVE-2014-3862
Published: 2014-09-02
CDA.xsl in HL7 C-CDA 1.1 and earlier allows remote attackers to discover potentially sensitive URLs via a crafted reference element that triggers creation of an IMG element with an arbitrary URL in its SRC attribute, leading to information disclosure in a Referer log.

CVE-2014-5076
Published: 2014-09-02
The La Banque Postale application before 3.2.6 for Android does not prevent the launching of an activity by a component of another application, which allows attackers to obtain sensitive cached banking information via crafted intents, as demonstrated by the drozer framework.

CVE-2014-5136
Published: 2014-09-02
Cross-site scripting (XSS) vulnerability in Innovative Interfaces Sierra Library Services Platform 1.2_3 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
This episode of Dark Reading Radio looks at infosec security from the big enterprise POV with interviews featuring Ron Plesco, Cyber Investigations, Intelligence & Analytics at KPMG; and Chris Inglis & Chris Bell of Securonix.