Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

ABTV

5/30/2017
08:00 AM
Curtis Franklin Jr.
Curtis Franklin Jr.
Curt Franklin
50%
50%

Take Security Now's Vault 7 Survey

WannaCry was the first shot from the Vault 7 arsenal. When will we see the second shot?

While the world's attention has been focused on the WannaCry attacks, a few cyber-Cassandras have pointed out that there are scores, if not hundreds, of additional exploits and attacks listed in the WikiLeaks Vault 7 release. Oh, joy.

The question that arises for most IT and security professionals is when the next exploit detailed in Vault 7 will make itself known to the computing world. Some feel that the exploits could start coming with numbing regularity now that they're in the wild, while others think that they'll be used sparingly, strategically, by criminal and nation-state actors.

What do you think? Are we going to spend the next few weeks dealing with the next waves of the Vault 7 deluge or will there be a months-long (or even years-long) respite before we all have to panic anew? Security Now wants to know -- and we can think of no one better than our community to give us the final word on the matter.

If you haven't noticed over at the top of our right-hand column, we're currently conducting the first Security Now Highly Un-Scientific Poll. When you take the poll you'll see what the results are (so far) and be able to check your responses against those of your fellow community members.

Speaking of community, we're also interested in what you think about the whole Vault 7 release. Since we can't really poll on complex questions, use the comment section over on the poll to tell us your thoughts on how worried we should be -- and whether the NSA should have been stockpiling the vulnerabilities in the first place.

Polls will be a regular part of what we do here at Security Now. Let us know what you think we should ask the community -- keeping in mind that every poll will be just as scientific (and, we hope, just as interesting) as this one.

— Curtis Franklin is the editor of SecurityNow.com. Follow him on Twitter @kg4gwa.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Commentary
Ransomware Is Not the Problem
Adam Shostack, Consultant, Entrepreneur, Technologist, Game Designer,  6/9/2021
Edge-DRsplash-11-edge-ask-the-experts
How Can I Test the Security of My Home-Office Employees' Routers?
John Bock, Senior Research Scientist,  6/7/2021
News
New Ransomware Group Claiming Connection to REvil Gang Surfaces
Jai Vijayan, Contributing Writer,  6/10/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: Google's new See No Evil policy......
Current Issue
The State of Cybersecurity Incident Response
In this report learn how enterprises are building their incident response teams and processes, how they research potential compromises, how they respond to new breaches, and what tools and processes they use to remediate problems and improve their cyber defenses for the future.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2005-0394
PUBLISHED: 2021-06-18
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
CVE-2007-3733
PUBLISHED: 2021-06-18
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
CVE-2021-21997
PUBLISHED: 2021-06-18
VMware Tools for Windows (11.x.y prior to 11.3.0) contains a denial-of-service vulnerability in the VM3DMP driver. A malicious actor with local user privileges in the Windows guest operating system, where VMware Tools is installed, can trigger a PANIC in the VM3DMP driver leading to a denial-of-serv...
CVE-2021-26834
PUBLISHED: 2021-06-18
A cross-site scripting (XSS) vulnerability exists in Znote 0.5.2. An attacker can insert payloads, and the code execution will happen immediately on markdown view mode.
CVE-2021-26835
PUBLISHED: 2021-06-18
No filtering of cross-site scripting (XSS) payloads in the markdown-editor in Zettlr 1.8.7 allows attackers to perform remote code execution via a crafted file.