Commentary

Featured Commentary

Security War Games

By David Schwartzberg
Sophos

Information security keeps evolving but our educational methods are not evolving rapidly enough to win the cold cyberwar.

| Read Article >>
Why Databases Monitoring?

By Adrian Lane

Hoping other people detect your breach before you lose millions.

| Read Article >>
Know Your Pen Tester: The Novice

By Vincent Liu

Beware of the tool-obsessed pen-tester

| Read Article >>
Use A Human Trust Model For Endpoints

By Tim Rohrbaugh

Use anthropomorphic references to engage your brain and strengthen your approach to security

| Read Article >>
The Dragon In The Room

By Kelly Jackson Higgins

China, China, China

| Read Article >>
I Think We're All Botnets On This Bus

By Wendy Nather

How many undercover researchers can fit under one cover?

| Read Article >>
Five Questions To Ask When Choosing A Threat Intelligence Service

By Tim Wilson

Threat intelligence services are becoming an essential weapon in the enterprise security arsenal. Do you know how to choose one?

| Read Article >>
Panic Now

By Glenn S. Phillips

There is a big difference between panic and anxiety

| Read Article >>
Security Minor Leagues

By Mike Rothman

The security skills gap continues to expand as more companies realize what they need and, more importantly what they don't have. We need a security minor league system to meet the demand

| Read Article >>
La Vie En ROSI

By Wendy Nather

Return on security investment may be slightly less mythical than you think

| Read Article >>
Dark Reading's Seven-Year Itch

By Tim Wilson

After seven years of covering the security industry, Dark Reading is just getting started

| Read Article >>
Exploit Devs At Risk: The Nuclear Scientists Of The Next Decade?

By Tom Parker

Will a nations exploit developers become the potential targets of state-sponsored assassinations in the future, much like the nuclear scientists of the past century?

| Read Article >>
Big Data Makes A Big Target

By Tim Wilson

LivingSocial.com is another in a long line of "big scores" for data attackers

| Read Article >>
Hacker Conferences Come To Bloom In Chicago

By David Schwartzberg
Sophos

Chicago was off the hook with two hacker conferences hosting Bruce Schneier, Josh Corman, Jericho, and many others, including a few first-time presenters

| Read Article >>
The Many Faces Of The Verizon Data Breach Investigation Report

By Tim Wilson

Verizon's annual data breach report offers volumes of data -- and even more interpretations

| Read Article >>
Did The Dog Bark In the Night?

By Wendy Nather

What we still don't know, despite the data

| Read Article >>
Scan My Eyeball, Already

By Kelly Jackson Higgins

Could consumers be the catalyst for the password's ultimate demise?

| Read Article >>
Trickle-Down Threat Intelligence

By Wendy Nather

Tiers are not enough when intel is at stake

| Read Article >>
What Every CFO Should Know About Security Breaches

By Tim Wilson

Panelists say chief financial officers should know the difference between good security spending and bad

| Read Article >>
ACLU Issues Wake-Up Call To Android Service Providers

By Tim Wilson

In complaint to FTC, civil liberties organization accuses AT&T, Verizon, Sprint, and T-Mobile of "unfair and deceptive business practices"

| Read Article >>
What IAM Can Learn From Bill Gates

By Gunnar Peterson

In identity and access management, it pays to be long-term aggressive and short-term conservative

| Read Article >>
Safeguarding Your Data Against The Two-Bit Ne'er-Do-Well

By Jared Thorkelson

A real-life data breach incident underscores the importance of employing even the most basic levels of security protection

| Read Article >>
How Do You Use DAM For Blocking? You Don't

By Adrian Lane

Curiously, many view blocking malicious Web application requests via WAFs as the appropriate approach

| Read Article >>
A New Look For Dark Reading

By Tim Wilson

New site layout, functionality will make it easier for Dark Reading's IT security readers to find the information they need

| Read Article >>
Laws Can't Save Banks From DDoS Attacks

By Mathew J. Schwartz- InformationWeek
Special to Dark Reading

A threat information-sharing bill wouldn't do much to help banks defend themselves against distributed denial-of-services (DDoS) attacks

| Read Article >>

More >>

Follow Dark Reading

Free Research and Reports

What's this?From the Editors of DarkReading

More >>

Box Icon

Whitepapers

What's this?

More >>

Box Icon

Dark Reading Digital Magazine

Back Issues

In This Issue

How Hackers Fool Your Employees: People are your most vulnerable endpoint. Make sure your security strategy addresses that fact.
Not All Or Nothing: Effective security doesn't mean stopping all attackers.

Download Now

Tech Insight

04.26.2013
Time To Set Up That Honeypot

03.12.2013
Securing Cisco IP Telephony

02.17.2013
Attribution Is Much More Than A Source IP

02.14.2013
New CA Group Has Big Names, Small Impact

02.04.2013
How To Build An IT Security Budget

01.22.2013
5 Approaches To Decaffeinating Java Exploits

06.01.2012
Making Data Leak Prevention Work In The Enterprise

Bugs

Enterprise Vulnerabilities From DHS/US-CERT's National Vulnerability Database

CVE-2013-3342 (acrobat_reader)
Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 do not properly handle operating-system domain blacklists, which has unspecified impact and attack vectors.
CVE-2013-3341 (acrobat_reader)
Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2718, CVE-2013-2719, CVE-2013-2720, CVE-2013-2721, CVE-2013-2722, CVE-2013-2723, CVE-2013-2725, CVE-2013-2726, CVE-2013-2731, CVE-2013-2732, CVE-2013-2734, CVE-2013-2735, CVE-2013-2736, CVE-2013-3337, CVE-2013-3338, CVE-2013-3339, and CVE-2013-3340.
CVE-2013-3340 (acrobat_reader)
Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2718, CVE-2013-2719, CVE-2013-2720, CVE-2013-2721, CVE-2013-2722, CVE-2013-2723, CVE-2013-2725, CVE-2013-2726, CVE-2013-2731, CVE-2013-2732, CVE-2013-2734, CVE-2013-2735, CVE-2013-2736, CVE-2013-3337, CVE-2013-3338, CVE-2013-3339, and CVE-2013-3341.
CVE-2013-3339 (acrobat_reader)
Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2718, CVE-2013-2719, CVE-2013-2720, CVE-2013-2721, CVE-2013-2722, CVE-2013-2723, CVE-2013-2725, CVE-2013-2726, CVE-2013-2731, CVE-2013-2732, CVE-2013-2734, CVE-2013-2735, CVE-2013-2736, CVE-2013-3337, CVE-2013-3338, CVE-2013-3340, and CVE-2013-3341.
CVE-2013-3338 (acrobat_reader)
Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2718, CVE-2013-2719, CVE-2013-2720, CVE-2013-2721, CVE-2013-2722, CVE-2013-2723, CVE-2013-2725, CVE-2013-2726, CVE-2013-2731, CVE-2013-2732, CVE-2013-2734, CVE-2013-2735, CVE-2013-2736, CVE-2013-3337, CVE-2013-3339, CVE-2013-3340, and CVE-2013-3341.

First Name*:
Last Name*:
Email Address*:
Job Title:
Company/Organization/Gov't Dept.:
*Required field
Privacy Statement

Commentary

Follow Dark Reading

Dark Reading Newsletter

Sign up for the Dark Reading Daily email newsletter

Free Research and Reports

Whitepapers

Upcoming Events

Dark Reading Digital Magazine

In This Issue

Tech Insight

Bugs

Enterprise Vulnerabilities From DHS/US-CERT's National Vulnerability Database