Vulnerabilities / Threats

9/21/2015
10:45 AM
John Klossner
John Klossner
Cartoon Contest
100%
0%

Cartoon: Dating (In)security

John Klossner has been drawing technology cartoons for more than 15 years. His work regularly appears in Computerworld and Federal Computer Week. His illustrations and cartoons have also been published in The New Yorker, Barron's, and The Wall Street Journal. Web site: ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
vanquez
50%
50%
vanquez,
User Rank: Apprentice
8/25/2017 | 6:02:41 AM
Great post
What a great post, I like it very much. I like your site and I can see that you are providing a lot of information continuously that is really useful to me. Keep sharing some more videos; I would love to see some more interesting videos so keep posting, Thanks.

Leannebakerjali
50%
50%
Leannebakerjali,
User Rank: Apprentice
1/12/2016 | 9:21:45 AM
Re: LOL
nice one good
Ronaldinhopal
50%
50%
Ronaldinhopal,
User Rank: Apprentice
1/2/2016 | 6:17:34 AM
Re: LOL
great post
makemyassignments.com
50%
50%
makemyassignments.com,
User Rank: Strategist
10/27/2015 | 3:19:27 PM
LOL
At least they offer discretion for relationships :D
Whoopty
100%
0%
Whoopty,
User Rank: Ninja
10/14/2015 | 7:58:53 AM
Re: AM
Aaaand fake accounts from employees. And spammers. And escorts. 
Enrico Fontan
100%
0%
Enrico Fontan,
User Rank: Strategist
10/1/2015 | 12:31:41 PM
Contract terms
Things to Consider Before Signing a Contract...
Joe Stanganelli
100%
0%
Joe Stanganelli,
User Rank: Ninja
9/23/2015 | 9:37:20 PM
AM
"And by 'relationships,' we mean emotional entanglements with bots."
Election Websites, Back-End Systems Most at Risk of Cyberattack in Midterms
Kelly Jackson Higgins, Executive Editor at Dark Reading,  8/14/2018
Intel Reveals New Spectre-Like Vulnerability
Curtis Franklin Jr., Senior Editor at Dark Reading,  8/15/2018
Australian Teen Hacked Apple Network
Dark Reading Staff 8/17/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2011-2765
PUBLISHED: 2018-08-20
pyro before 3.15 unsafely handles pid files in temporary directory locations and opening the pid file as root. An attacker can use this flaw to overwrite arbitrary files via symlinks.
CVE-2018-15594
PUBLISHED: 2018-08-20
arch/x86/kernel/paravirt.c in the Linux kernel before 4.18.1 mishandles certain indirect calls, which makes it easier for attackers to conduct Spectre-v2 attacks against paravirtual guests.
CVE-2018-15572
PUBLISHED: 2018-08-20
The spectre_v2_select_mitigation function in arch/x86/kernel/cpu/bugs.c in the Linux kernel before 4.18.1 does not always fill RSB upon a context switch, which makes it easier for attackers to conduct userspace-userspace spectreRSB attacks.
CVE-2018-15573
PUBLISHED: 2018-08-20
** DISPUTED ** An issue was discovered in Reprise License Manager (RLM) through 12.2BL2. Attackers can use the web interface to read and write data to any file on disk (as long as rlm.exe has access to it) via /goform/edit_lf_process with file content in the lfdata parameter and a pathname in the lf...
CVE-2018-15574
PUBLISHED: 2018-08-20
** DISPUTED ** An issue was discovered in the license editor in Reprise License Manager (RLM) through 12.2BL2. It is a cross-site scripting vulnerability in the /goform/edit_lf_get_data lf parameter via GET or POST. NOTE: the vendor has stated "We do not consider this a vulnerability."