Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Opinion

posted in November 2012
IAM: The Reason Why OWASP Top 10 Doesn't Change
Commentary  |  11/30/2012  | 
OWASP's AppSec conference is easily one of the best in the infosec industry. Where will it be held this year? Why not Punxsutawney?
Should LulzSec Suspect Face Life In Prison?
Commentary  |  11/29/2012  | 
Computer hacking, identity theft, and fraudulent credit card charges could add up to 30 years to life for alleged Stratfor hacker Jeremy Hammond.
Managing The Multi-Vendor Backup
Commentary  |  11/29/2012  | 
Backup management applications go a step beyond monitoring, but they remain limited. It's time to develop a framework-driven approach.
Threats And Security Countermeasures
Commentary  |  11/28/2012  | 
Big data and relational database protections are very similar. What's available to end users is not
Log All The Things
Commentary  |  11/26/2012  | 
How the growing granularity in computing is going to affect monitoring
A Backhanded Thanks
Commentary  |  11/25/2012  | 
As we recover from the Thanksgiving weekend, let's give our brand of security thanks for all the good (and not so good) in our world
The Business Of Commercial Exploit Development
Commentary  |  11/20/2012  | 
A closer look at the debate surrounding this market
Take Two Aspirin And Steal My Data
Commentary  |  11/19/2012  | 
HIPAA and information security aren't suggestions. They're the law
Threat Intelligence Hype
Commentary  |  11/16/2012  | 
How to measure the IQ of the data you're being fed
All Security Technologies Are Not Data Loss Prevention
Commentary  |  11/15/2012  | 
While security technologies may share the common goal of protecting an organization's sensitive data, not all can -- or should -- be called data loss prevention
Petraeus Mission Impossible: Cloaking Email, Online Identities
Commentary  |  11/14/2012  | 
So-called security experts making basic information security errors isn't a new occurrence. Arguably, it even led to the rise of the Anonymous hacktivist collective.
When Cloud Met Mobile
Commentary  |  11/14/2012  | 
Identity must link the disparate worlds of mobile and cloud
The Petraeus Affair: Surveillance State Stopper?
Commentary  |  11/13/2012  | 
Lawmakers, now reminded of their own vulnerability, need to strengthen email privacy protections. Companies need to do more to help customers protect content.
Puzzle Logic
Commentary  |  11/9/2012  | 
Authentication is an enduring mystery, but solving authorization puzzles may be a better use of your security resources
Consolidation At The Disk Backup Appliance
Commentary  |  11/5/2012  | 
With a few enhancements, such as tape support and improved reporting capabilities, backup appliances could become the perfect solution for consolidating data protection.


COVID-19: Latest Security News & Commentary
Dark Reading Staff 8/14/2020
Lock-Pickers Face an Uncertain Future Online
Seth Rosenblatt, Contributing Writer,  8/10/2020
Hacking It as a CISO: Advice for Security Leadership
Kelly Sheridan, Staff Editor, Dark Reading,  8/10/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
7 New Cybersecurity Vulnerabilities That Could Put Your Enterprise at Risk
In this Dark Reading Tech Digest, we look at the ways security researchers and ethical hackers find critical vulnerabilities and offer insights into how you can fix them before attackers can exploit them.
Flash Poll
The Changing Face of Threat Intelligence
The Changing Face of Threat Intelligence
This special report takes a look at how enterprises are using threat intelligence, as well as emerging best practices for integrating threat intel into security operations and incident response. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-17475
PUBLISHED: 2020-08-14
Lack of authentication in the network relays used in MEGVII Koala 2.9.1-c3s allows attackers to grant physical access to anyone by sending packet data to UDP port 5000.
CVE-2020-0255
PUBLISHED: 2020-08-14
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2020-10751. Reason: This candidate is a duplicate of CVE-2020-10751. Notes: All CVE users should reference CVE-2020-10751 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidenta...
CVE-2020-14353
PUBLISHED: 2020-08-14
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2017-18270. Reason: This candidate is a duplicate of CVE-2017-18270. Notes: All CVE users should reference CVE-2017-18270 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidenta...
CVE-2020-17464
PUBLISHED: 2020-08-14
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
CVE-2020-17473
PUBLISHED: 2020-08-14
Lack of mutual authentication in ZKTeco FaceDepot 7B 1.0.213 and ZKBiosecurity Server 1.0.0_20190723 allows an attacker to obtain a long-lasting token by impersonating the server.