Risk
10/17/2012
05:35 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

BSA Statement On White House Engagement With Industry On Cybersecurity Policy

Listening session gives stakeholders an opportunity to air practical considerations

WASHINGTON, DC -- October 17, 2012 -- BSA | The Software Alliance today welcomed efforts by the White House to engage with industry stakeholders on key aspects of cybersecurity policy.

"The Administration deserves kudos for actively listening to industry perspectives on cybersecurity policy," said BSA Director of Government Relations Tim Molino after a Wednesday afternoon "listening session" at the White House. "We appreciate that Cybersecurity Coordinator Michael Daniel and his colleagues are weighing practical concerns as the President considers a possible executive order."

"BSA agrees with the Administration that at the end of the day we need Congress to pass legislation," said Molino. "We look forward to continuing to work with Members of Congress and the Administration to shape the cybersecurity policy that America desperately needs."

About BSA

BSA |The Software Alliance (www.bsa.org) is the leading global advocate for the software industry. It is an association of more than 70 world-class companies that invest billions of dollars annually to create software solutions that spark the economy and improve modern life. Through international government relations, intellectual property enforcement and educational activities, BSA expands the horizons of the digital world and builds trust and confidence in the new technologies driving it forward.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-3586
Published: 2015-04-21
The default configuration for the Command Line Interface in Red Hat Enterprise Application Platform before 6.4.0 and WildFly (formerly JBoss Application Server) uses weak permissions for .jboss-cli-history, which allows local users to obtain sensitive information via unspecified vectors.

CVE-2014-5361
Published: 2015-04-21
Multiple cross-site request forgery (CSRF) vulnerabilities in Landesk Management Suite 9.6 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) start, (2) stop, or (3) restart services via a request to remote/serverServices.aspx.

CVE-2014-5370
Published: 2015-04-21
Directory traversal vulnerability in the CFChart servlet (com.naryx.tagfusion.cfm.cfchartServlet) in New Atlanta BlueDragon before 7.1.1.18527 allows remote attackers to read or possibly delete arbitrary files via a .. (dot dot) in the QUERY_STRING to cfchart.cfchart.

CVE-2014-8111
Published: 2015-04-21
Apache Tomcat Connectors (mod_jk) before 1.2.41 ignores JkUnmount rules for subtrees of previous JkMount rules, which allows remote attackers to access otherwise restricted artifacts via unspecified vectors.

CVE-2014-8125
Published: 2015-04-21
XML external entity (XXE) vulnerability in Drools and jBPM before 6.2.0 allows remote attackers to read arbitrary files or possibly have other unspecified impact via a crafted BPMN2 file.

Dark Reading Radio
Archived Dark Reading Radio
Join security and risk expert John Pironti and Dark Reading Editor-in-Chief Tim Wilson for a live online discussion of the sea-changing shift in security strategy and the many ways it is affecting IT and business.