Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content posted in May 2005
Security Is the New Cold War
Commentary  |  5/27/2005  | 
Electronics, technology and ubiquitous computing have made the world a far more convenient and efficient place to live. The speed with which the things we can now do, get done, is as mind boggling as is the rate at which they quickly become obsolete, or melded with yet another cool, useful technology. Just look at the speed with which cell phones have been turned into the Swiss Army Knife of personal technology. Nevermind calling, it's fundamental use. How 80s.You can use cell phones today to ta
A Call From The North: Be Brutal Against Spammers
Commentary  |  5/19/2005  | 
A group of 10 business executives, consumers, academics, and government officials has spent the past year trying to figure out how best to stop unsolicited E-mail known as spam. The solution: brutalize violators with stiff financial penalties.
Phones Fight Phonies
Commentary  |  5/12/2005  | 
On Tuesday, VeriSign hosted a dinner for journalists at Le Colonial in San Francisco to help get its message out about strong authentication. Representatives from AOL, IBM, and Intuit also were in attendance. The idea is that journalists get good food and the hosts get good press. Of course, it's not officially quid pro quo, but it's hard to imagine companies sponsoring such events without some hope that what goes around comes around. Coincidentally, Bite public relations managed the affair.


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
The State of Cybersecurity Incident Response
In this report learn how enterprises are building their incident response teams and processes, how they research potential compromises, how they respond to new breaches, and what tools and processes they use to remediate problems and improve their cyber defenses for the future.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-33331
PUBLISHED: 2021-08-03
Open redirect vulnerability in the Notifications module in Liferay Portal 7.0.0 through 7.3.1, and Liferay DXP 7.0 before fix pack 94, 7.1 before fix pack 19 and 7.2 before fix pack 8, allows remote attackers to redirect users to arbitrary external URLs via the 'redirect' parameter.
CVE-2021-33332
PUBLISHED: 2021-08-03
Cross-site scripting (XSS) vulnerability in the Portlet Configuration module in Liferay Portal 7.1.0 through 7.3.2, and Liferay DXP 7.1 before fix pack 19, and 7.2 before fix pack 7, allows remote attackers to inject arbitrary web script or HTML via the _com_liferay_portlet_configuration_css_web_por...
CVE-2021-33333
PUBLISHED: 2021-08-03
The Portal Workflow module in Liferay Portal 7.3.2 and earlier, and Liferay DXP 7.0 before fix pack 93, 7.1 before fix pack 19 and 7.2 before fix pack 6, does not properly check user permission, which allows remote authenticated users to view and delete workflow submissions via crafted URLs.
CVE-2021-33334
PUBLISHED: 2021-08-03
The Dynamic Data Mapping module in Liferay Portal 7.0.0 through 7.3.2, and Liferay DXP 7.0 before fix pack 94, 7.1 before fix pack 19, and 7.2 before fix pack 6, does not properly check user permissions, which allows remote attackers with the forms "Access in Site Administration" permissio...
CVE-2021-30578
PUBLISHED: 2021-08-03
Uninitialized use in Media in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page.