Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content posted in May 2015
<<   <   Page 2 / 2
Women In Security Speak Out On Why There Are Still So Few Of Them
News  |  5/11/2015  | 
They're now CISOs, security officials in DHS and the NSA, researchers, and key players in security -- but women remain a mere 10% of the industry population.
PHP Hash Comparison Weakness A Threat To Websites, Researcher Says
News  |  5/9/2015  | 
Flaw could allow attackers to compromise user accounts, WhiteHat Security's Robert Hansen -- aka "RSnake" -- says in new finding on 'Magic Hash' vulnerability.
Beginning Of The End For Patch Tuesday
News  |  5/7/2015  | 
Starting with Windows 10, Microsoft will introduce Windows Update for Business, issuing patches as they're available, instead of once a month.
White House Evaluating New Court Ruling Declaring NSA Data-Collection Program Illegal
News  |  5/7/2015  | 
Administration will continue to work with Congress to reform surveillance laws, NSC spokesman says.
Healthcare Data Breaches From Cyberattacks, Criminals Eclipse Employee Error For The First Time
News  |  5/7/2015  | 
New Ponemon Report reveals just how hot healthcare data is for hackers.
Vixie Proposes 'Cooling-Off Period' For New Domains To Deter Cybercrime
News  |  5/6/2015  | 
Short trial period would help detect malicious use of domain names, Internet expert says.
3 Ways Attackers Will Own Your SAP
News  |  5/5/2015  | 
SAP vulnerabilities that have been highlighted for years are now becoming attackers' favorite means of breaking into enterprises.
Law Enforcement Finding Few Allies On Encryption
News  |  5/5/2015  | 
Cloud providers, mobile device manufacturers, private citizens, and a bipartisan Congressional committee are lining up on the opposite side.
Deconstructing Mobile Fraud Risk
Commentary  |  5/5/2015  | 
Todays enterprise security solutions dont do enough to manage BYOD risk, credit card theft and the reputational damage resulting from a major data breach.
Rapid7 Picks Up NTObjectives
News  |  5/4/2015  | 
Adds 25 new employees and further diversifies testing capabilities.
Security Product Liability Protections Emerge
News  |  5/4/2015  | 
WhiteHat Security, FireEye each offer product liability protections to their customers.
Defenses Outside the Wall
Partner Perspectives  |  5/4/2015  | 
Protecting the Internet of Things means protecting the privacy of customers and colleagues.
Building a Stronger Security Strategy: 6 Tips
Commentary  |  5/4/2015  | 
CIO offers his formula for achieving the right balance between data security and employee productivity and convenience
Nine Years Later, IT Security Is Even More Important To Business
Commentary  |  5/1/2015  | 
As Dark Reading celebrates its ninth year of publication, the security industry prepares for its next round of evolution.
Dyre Trojan Adds New Sandbox-Evasion Feature
News  |  5/1/2015  | 
New tactic makes it that much harder to detect, says Seculert.
<<   <   Page 2 / 2


Commentary
What the FedEx Logo Taught Me About Cybersecurity
Matt Shea, Head of Federal @ MixMode,  6/4/2021
Edge-DRsplash-10-edge-articles
A View From Inside a Deception
Sara Peters, Senior Editor at Dark Reading,  6/2/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
The State of Cybersecurity Incident Response
In this report learn how enterprises are building their incident response teams and processes, how they research potential compromises, how they respond to new breaches, and what tools and processes they use to remediate problems and improve their cyber defenses for the future.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-23394
PUBLISHED: 2021-06-13
The package studio-42/elfinder before 2.1.58 are vulnerable to Remote Code Execution (RCE) via execution of PHP code in a .phar file. NOTE: This only applies if the server parses .phar files as PHP.
CVE-2021-34682
PUBLISHED: 2021-06-12
Receita Federal IRPF 2021 1.7 allows a man-in-the-middle attack against the update feature.
CVE-2021-31811
PUBLISHED: 2021-06-12
In Apache PDFBox, a carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file. This issue affects Apache PDFBox version 2.0.23 and prior 2.0.x versions.
CVE-2021-31812
PUBLISHED: 2021-06-12
In Apache PDFBox, a carefully crafted PDF file can trigger an infinite loop while loading the file. This issue affects Apache PDFBox version 2.0.23 and prior 2.0.x versions.
CVE-2021-32552
PUBLISHED: 2021-06-12
It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-16 package apport hooks, it could expose private data to other local users.