Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content posted in December 2011
<<   <   Page 3 / 3
Debunking The Conficker-Iranian Nuclear Program Connection
Commentary  |  12/4/2011  | 
Recent claims allude to Conficker-Stuxnet relationship, but are they really credible?
House Intros Cyber Intelligence Sharing And Protection Act
News  |  12/2/2011  | 
Bill would require the Director of National Intelligence to set up procedures for sharing cyber-threat intelligence with private sector
Bill Would Open Channels On Cyber Threats
News  |  12/2/2011  | 
Proposed legislation encourages the feds and private companies to share cyberintelligence information to stop threats to networks and critical infrastructure.
Carrier IQ Denies Wiretap Claims
News  |  12/2/2011  | 
Smartphone network diagnostic software maker says it only collects data that carriers request. Is your phone affected?
Top 10 Security Mistakes SMBs Make
News  |  12/2/2011  | 
Small and midsize businesses need to work on fundamental security errors to reduce risk of costly incidents.
TSA Finds Stun Gun Disguised As Smartphone
News  |  12/2/2011  | 
Airport security agents took weapon from a female passenger at LAX as she tried to pass through checkpoint this week.
Healthcare Data In Critical Condition
Quick Hits  |  12/1/2011  | 
New study shows data breaches up and costing healthcare industry billions of dollars a year, with employees, mobile devices the weakest links
The Dark Side Of Java
News  |  12/1/2011  | 
Metasploit adds new module for latest Java attack as Java becomes cybercriminals' new favorite target
More Vendors Reacting Poorly To Disclosure
News  |  12/1/2011  | 
From Charlie Miller's latest attack on Apple's App Store to the outing of Carrier IQ, companies seem to be taking a step back and punishing researchers who disclose vulnerabilities
Top 10 Security Mistakes SMBs Make
News  |  12/1/2011  | 
SMBs need to work on fundamental security errors to reduce risk of costly incidents
Obama Fortifies Efforts To Protect Critical Infrastructure
News  |  12/1/2011  | 
President asks administration to beef up efforts to work with private sector to keep power grid, Internet and other foundational U.S. networks safe.
Carrier IQ Vs. Wiretap Laws
News  |  12/1/2011  | 
Network diagnostic software maker Carrier IQ feels the heat after a researcher's video demonstrates how software captured his every keystroke. But is that illegal?
Kindle Fire Draws Privacy Slam From Congressman
News  |  12/1/2011  | 
Massachusetts Rep. Ed Markey says Amazon needs to come clean about what it’s doing with user data generated by the hot-selling tablet.
RSA Exploit Victims Likely Used Windows XP
News  |  12/1/2011  | 
Windows' Data Execution Prevention on Windows 7 would have stopped the SecureID breach, reports Qualys researcher.
Oracle Leaves Databases Vulnerable, Say Researchers
News  |  12/1/2011  | 
As SQL injection attacks and other advanced threats gain traction, researchers complain that Oracle's other application efforts distract it from shoring up database security.
Hacktivists Crack United Nations, Publish User Data
Quick Hits  |  12/1/2011  | 
TeamPoison might have broken into UN Development Program website
<<   <   Page 3 / 3


News
Inside the Ransomware Campaigns Targeting Exchange Servers
Kelly Sheridan, Staff Editor, Dark Reading,  4/2/2021
Commentary
Beyond MITRE ATT&CK: The Case for a New Cyber Kill Chain
Rik Turner, Principal Analyst, Infrastructure Solutions, Omdia,  3/30/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-24028
PUBLISHED: 2021-04-14
An invalid free in Thrift's table-based serialization can cause the application to crash or potentially result in code execution or other undesirable effects. This issue affects Facebook Thrift prior to v2021.02.22.00.
CVE-2021-29370
PUBLISHED: 2021-04-13
A UXSS was discovered in the Thanos-Soft Cheetah Browser in Android 1.2.0 due to the inadequate filter of the intent scheme. This resulted in Cross-site scripting on the cheetah browser in any website.
CVE-2021-3460
PUBLISHED: 2021-04-13
The Motorola MH702x devices, prior to version 2.0.0.301, do not properly verify the server certificate during communication with the support server which could lead to the communication channel being accessible by an attacker.
CVE-2021-3462
PUBLISHED: 2021-04-13
A privilege escalation vulnerability in Lenovo Power Management Driver for Windows 10, prior to version 1.67.17.54, that could allow unauthorized access to the driver's device object.
CVE-2021-3463
PUBLISHED: 2021-04-13
A null pointer dereference vulnerability in Lenovo Power Management Driver for Windows 10, prior to version 1.67.17.54, that could cause systems to experience a blue screen error.