Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content posted in March 2014
<<   <   Page 3 / 3
Apple iOS Vulnerable To Hidden Profile Attacks
News  |  3/6/2014  | 
Unpatched flaw in iOS enables malicious profile users to secretly control devices and intercept data.
Target Begins Security And Compliance Makeover
News  |  3/6/2014  | 
Security gets a higher exec profile at the beleaguered retailer in the wake of its massive data breach as Target starts the road to reorganizing its security and compliance operations
Yahoo Unfriends Facebook, Google Sign-In
Quick Hits  |  3/6/2014  | 
Yahoo drops third-party logins, will soon require Yahoo IDs
Target Seeks New CIO
News  |  3/5/2014  | 
Data breach last year prompts CIO Beth Jacob to resign; Target will hire interim CIO and chief compliance officer
Target Seeks New CIO
News  |  3/5/2014  | 
Data breach last year prompts CIO Beth Jacob to resign; Target will hire interim CIO and chief compliance officer.
Yahoo Unfriends Facebook, Google Sign-In
News  |  3/5/2014  | 
Yahoo drops third-party logins, will soon require Yahoo IDs.
Bitcoin Heists Cause More Trouble
News  |  3/5/2014  | 
Attackers continue to pummel bitcoin "banks," exchanges, and crypto-currency users themselves via malware that steals virtual wallets.
Data Breach: Persistence Gives Hackers the Upper Hand
Commentary  |  3/5/2014  | 
Hackers are winning on speed and determination. But we can stack the odds in our favor by shifting the time frames of an attack. Here's how.
FreedomPop Debuts Encrypted Snowden Phone
News  |  3/5/2014  | 
Prepaid phone carrier promises secure messaging, anonymous browsing to security-minded customers.
Cryptocat Wins Apple Approval
News  |  3/5/2014  | 
NSA surveillance and other worldwide events drive interest in secure messaging, and iOS users now have a new option.
Securing Software Requires Design, Testing, And Improvement
News  |  3/5/2014  | 
Adopting secure development, incorporating frequent testing, and creating measures of software security are important to create more secure code
Mt. Gox Bitcoin Meltdown: What Went Wrong
Quick Hits  |  3/4/2014  | 
Transaction malleability attacks and cold-storage software bugs both cited after nearly $500 million worth of bitcoins vanish
Security Firms Face Crisis Of Trust
News  |  3/4/2014  | 
Mikko Hypponen reflects on shift toward rampant government spying and use of malware -- and targeted attack attempts on F-Secure
Malware-Lobbing Hackers Seize 300,000 Routers
News  |  3/4/2014  | 
Hackers launch scam and malware campaigns after compromising a variety of routers running firmware with known vulnerabilities
Malware-Lobbing Hackers Seize 300,000 Routers
News  |  3/4/2014  | 
Hackers launch scam and malware campaigns after compromising a variety of routers running firmware with known vulnerabilities.
Researchers Create Legal Botnet Abusing Free Cloud Service Offers
News  |  3/4/2014  | 
Hack depends on scripts creating scores of unique email addresses and automating execution of email verification
Feds Look To Big Data On Security Questions
Quick Hits  |  3/4/2014  | 
Government IT leaders believe continuous monitoring and advanced analytics can help agencies better understand their networks and security
Hacking Critical Infrastructure Companies -- A Pen Tester's View
News  |  3/3/2014  | 
At the RSA Conference, a penetration tester outlines some of the elements of a successful attack on energy companies
Mt. Gox Bitcoin Meltdown: What Went Wrong
News  |  3/3/2014  | 
Transaction malleability attacks and cold-storage software bugs both cited after nearly $500 million worth of bitcoins vanish.
Supply-Chain Threats Still An Uncertain Danger
News  |  3/3/2014  | 
With a global manufacturing economy muddying the definition of a foreign product, nations are still hashing out strategies to secure their supply chains
Name That Cartoon: Luck O' The Irish
Commentary  |  3/3/2014  | 
We provide the cartoon. You write the caption. Maybe you'll win a prize.
How To Fund Enterprise Cybersecurity: CISO Tips
News  |  3/3/2014  | 
How do you ensure funding for enterprise cybersecurity? Help C suite execs understand the true nature of cyberattacks.
Fewer Than Half Of IT Pros At RSA Conference Say NSA Went Too Far
Quick Hits  |  3/1/2014  | 
Spying revelations and document leaks a big theme at RSA Conference 2014, but views on the controversy are split
<<   <   Page 3 / 3


News
Inside the Ransomware Campaigns Targeting Exchange Servers
Kelly Sheridan, Staff Editor, Dark Reading,  4/2/2021
Commentary
Beyond MITRE ATT&CK: The Case for a New Cyber Kill Chain
Rik Turner, Principal Analyst, Infrastructure Solutions, Omdia,  3/30/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-22879
PUBLISHED: 2021-04-14
Nextcloud Desktop Client prior to 3.1.3 is vulnerable to resource injection by way of missing validation of URLs, allowing a malicious server to execute remote commands. User interaction is needed for exploitation.
CVE-2021-27989
PUBLISHED: 2021-04-14
Appspace 6.2.4 is vulnerable to stored cross-site scripting (XSS) in multiple parameters within /medianet/sgcontentset.aspx.
CVE-2021-25316
PUBLISHED: 2021-04-14
A Insecure Temporary File vulnerability in s390-tools of SUSE Linux Enterprise Server 12-SP5, SUSE Linux Enterprise Server 15-SP2 allows local attackers to prevent VM live migrations This issue affects: SUSE Linux Enterprise Server 12-SP5 s390-tools versions prior to 2.1.0-18.29.1. SUSE Linux Enterp...
CVE-2021-28797
PUBLISHED: 2021-04-14
A stack-based buffer overflow vulnerability has been reported to affect QNAP NAS devices running Surveillance Station. If exploited, this vulnerability allows attackers to execute arbitrary code. QNAP have already fixed this vulnerability in the following versions: Surveillance Station 5.1.5.4.3 (an...
CVE-2020-36323
PUBLISHED: 2021-04-14
In the standard library in Rust before 1.50.3, there is an optimization for joining strings that can cause uninitialized bytes to be exposed (or the program to crash) if the borrowed string changes after its length is checked.