Subscribe to Dark Reading Newsletters

Check If You Will Receive Newsletters on a Mobile Device

Dark Reading Weekly Newsletter:

Your weekly keyhole into the chaos and mystery of network and data security. Look for this compilation every Thursday, chock-full of product and industry news, threat reports, vulnerability discoveries, compliance issues, and user experiences. In addition, there's also our enlightened and delusional commentary, as well best-of security stories from around the web. Delivered: Thursdays

Dark Reading Daily Newsletter:

Your daily dose of the latest news, analysis and opinion from the editors and contributors of Dark Reading, the Internet's most paranoid publicaton for security intel. Delivered: Daily

Dark Reading Database Security Weekly:

The Dark Reading Database Security Weekly offers news, analysis, and opinion on all aspects of database security. It brings readers insights on the latest threats and breaches in the database environment, as well as breaking news on the tools, practices and technologies for database defense. Delivered: Tuesdays

Subscription Information

* = Required

Email:^* First Name:^* Last Name:^* Company Name: Postal Code: Country: Job Title:^* Business Address: City: State Prov: Phone Number (no dashes or spaces): Company Annual Revenues:^* Job Function:^* Company URL: Primary Business:^* Employees in Organization:^* E-Mail Preference:

Follow Dark Reading

Free Research and Reports

What's this?From the Editors of DarkReading

More >>

Box Icon

Whitepapers

What's this?

More >>

Box Icon

Dark Reading Digital Magazine

Back Issues

In This Issue

Endpoint Security: End user security requires layers of tools and training as employees use more devices and apps.
Security Isn't A Piece Of Cake: It's time we rethink the conventional wisdom about security layering.
BYOD Is Here To Stay: Trying to keep employees' devices off the network is futile.

Download Now

Tech Insight

06.11.2013
What You Need To Know To Be A Cyber Forensics Pro

05.24.2013
Free Versus Commercial Vulnerability Scanning Tools

04.26.2013
Time To Set Up That Honeypot

03.12.2013
Securing Cisco IP Telephony

02.17.2013
Attribution Is Much More Than A Source IP

02.14.2013
New CA Group Has Big Names, Small Impact

02.04.2013
How To Build An IT Security Budget

01.22.2013
5 Approaches To Decaffeinating Java Exploits

Bugs

Enterprise Vulnerabilities From DHS/US-CERT's National Vulnerability Database

CVE-2013-1612
Buffer overflow in secars.dll in the management console in Symantec Endpoint Protection Manager (SEPM) 12.1.x before 12.1.3, and Symantec Endpoint Protection Center (SPC) Small Business Edition 12.0.x, allows remote attackers to execute arbitrary code via unspecified vectors.
CVE-2013-2866
The Flash plug-in in Google Chrome before 27.0.1453.116 does not properly determine whether a user wishes to permit camera or microphone access by a Flash application, which allows remote attackers to obtain sensitive information from a machine's physical environment via a clickjacking attack, as demonstrated by an attack using a crafted Cascading Style Sheets (CSS) opacity property.
CVE-2013-2969
Cross-site scripting (XSS) vulnerability in IBM Sterling Control Center (SCC) 5.2 before 5.2.0.9, 5.3 before 5.3.0.4, and 5.4 through 5.4.0.1 allows remote authenticated users to inject arbitrary web script or HTML via vectors involving invalid characters.
CVE-2013-2968
An unspecified buffer-read method in IBM Sterling Control Center (SCC) 5.2 before 5.2.0.9, 5.3 before 5.3.0.4, and 5.4 through 5.4.0.1 allows remote authenticated users to cause a denial of service via a large file that lacks end-of-line characters.
CVE-2013-4622 (droid_incredible)
The 3G Mobile Hotspot feature on the HTC Droid Incredible has a default WPA2 PSK passphrase of 1234567890, which makes it easier for remote attackers to obtain access by leveraging a position within the WLAN coverage area.

First Name*:
Last Name*:
Email Address*:
Job Title:
Company/Organization/Gov't Dept.:
*Required field
Privacy Statement

Security

Protect The Business - Enable Access