Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content posted in February 2015
<<   <   Page 2 / 2
Anthem Breach Should Convince Healthcare To Double Down On Security
News  |  2/6/2015  | 
Mega breach brings focus back on inadequacies of healthcare security.
Why Israel Hacks
Commentary  |  2/5/2015  | 
Israel's tenuous position in the world drives its leaders to stay ahead of its cyber adversaries, chief among them the Islamic Republic of Iran.
A Mere 8 Days After Breach, Anthem Healthcare Notifies Customers
News  |  2/5/2015  | 
Was the data encrypted in storage? Investigators aren't saying, but they hint that it wouldn't matter either way.
Sony Exec Resigns Post In Wake Of Data Breach
Quick Hits  |  2/5/2015  | 
Amy Pascal, co-chair of Sony Pictures Entertainment and chair of motion picture group, will still have an association with Sony as head of a new production venture there.
Obama Administration To Launch New White House Cyber Security Unit
Quick Hits  |  2/5/2015  | 
'E-gov Cyber' division reflects increasing concerns over government's cyber security.
Scan Finds 'Ghost' Haunting Critical Business Applications
News  |  2/5/2015  | 
Some 41% of enterprise applications using GNU C Library (glibc) employ the Ghost-ridden 'gethostbyname' function, Veracode discovers.
Report: Russian Hacker Broke Into Sony & Is Still There
News  |  2/4/2015  | 
But can we trust the words of black hat hackers with unclear motives for candor? Either way, report supports credible theory of multiple attackers hitting Sony.
Shifting Paradigms: The Case for Cyber Counter-Intelligence
Commentary  |  2/4/2015  | 
Cyber Counter-Intelligence and traditional information security share many aspects. But CCI picks up where infosec ends -- with an emphasis on governance, automation, timeliness, and reporting.
RSA's Coviello To Retire Due To Health Reasons
News  |  2/4/2015  | 
Amit Yoran to assume RSA executive's duties.
Apple iOS Now Targeted In Massive Cyber Espionage Campaign
News  |  2/4/2015  | 
Attack campaign tied to Russia now zeroing in on mobile user's iPhones, iPads.
Enterprises Underestimate Actual Shadow Cloud Risks
News  |  2/3/2015  | 
More than 85 percent of cloud applications used in the workplace are unsanctioned, study shows.
BMW's Software Security Patch A Sign Of Things To Come
News  |  2/3/2015  | 
But not all car security flaws can be patched as simply -- or at all.
3 Disturbing New Trends in Vulnerability Disclosure
News  |  2/3/2015  | 
Who's winning and who's losing the battle of the bugs? While security pros and software companies fight amongst themselves, it looks like black hats are winning and users are losing.
Banking Trojan Lurks Inside Innocent Fax Messages, Bitdefender Warns
Partner Perspectives  |  2/3/2015  | 
Threat uses server-side polymorphism technique to bypass antivirus software.
Proposed Federal Data Breach Law Is Nice Gesture But No Panacea
Commentary  |  2/3/2015  | 
President Obamas SOTU proposal demonstrates the growing importance of data protection for individuals but does little to address compliance complexities for business.
Syrian Opposition Forces Social-Engineered And Hacked
News  |  2/2/2015  | 
Researchers uncover trove of sensitive information and details of Syrian government opposition plans and players -- pilfered by pro-Assad government hackers.
New Adobe Flash 0-Day Used In Malvertising Campaign
News  |  2/2/2015  | 
The latest in a series of recent Flash vulnerabilities and malvertising exploits that are hard for users to avoid.
The Complicated Relationship Among Security, Privacy & Legislation
Partner Perspectives  |  2/2/2015  | 
The pace and advances in technology are greatly outstripping the capacity of government to effectively regulate.
Browsers Are The Window To Enterprise Infection
News  |  2/2/2015  | 
Ponemon report says infections dominated by browser-based exploits.
<<   <   Page 2 / 2


News
Inside the Ransomware Campaigns Targeting Exchange Servers
Kelly Sheridan, Staff Editor, Dark Reading,  4/2/2021
Commentary
Beyond MITRE ATT&CK: The Case for a New Cyber Kill Chain
Rik Turner, Principal Analyst, Infrastructure Solutions, Omdia,  3/30/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-24028
PUBLISHED: 2021-04-14
An invalid free in Thrift's table-based serialization can cause the application to crash or potentially result in code execution or other undesirable effects. This issue affects Facebook Thrift prior to v2021.02.22.00.
CVE-2021-29370
PUBLISHED: 2021-04-13
A UXSS was discovered in the Thanos-Soft Cheetah Browser in Android 1.2.0 due to the inadequate filter of the intent scheme. This resulted in Cross-site scripting on the cheetah browser in any website.
CVE-2021-3460
PUBLISHED: 2021-04-13
The Motorola MH702x devices, prior to version 2.0.0.301, do not properly verify the server certificate during communication with the support server which could lead to the communication channel being accessible by an attacker.
CVE-2021-3462
PUBLISHED: 2021-04-13
A privilege escalation vulnerability in Lenovo Power Management Driver for Windows 10, prior to version 1.67.17.54, that could allow unauthorized access to the driver's device object.
CVE-2021-3463
PUBLISHED: 2021-04-13
A null pointer dereference vulnerability in Lenovo Power Management Driver for Windows 10, prior to version 1.67.17.54, that could cause systems to experience a blue screen error.