Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content posted in July 2015
<<   <   Page 2 / 2
Are Criminals Quicker Than The Flash?
Partner Perspectives  |  7/14/2015  | 
Using the right technology, we can defeat the malicious exploitation of Flash and return it to its full superhero status.
Inside A Vicious DDoS Attack
Commentary  |  7/14/2015  | 
What it's really like to fend off a relentless distributed denial-of-service attack.
Cybersecurity Gains Higher Profile Among Chief Financial Officers
News  |  7/14/2015  | 
Deloitte study shows CFOs view security risks as a top threat to financial health.
Internet Of Things Hacking Village Debuts At DEF CON
News  |  7/13/2015  | 
Apple network storage, Fitbit, a fridge, blood pressure monitor and a HappyCow toy are all fair game in the IoT hacking Village network.
Dark Reading Radio: Firewall Smackdown
Commentary  |  7/13/2015  | 
Is there a future for the venerable firewall? Security CEOs Asaf Cidon of Sookasa and Jody Brazil of FireMon debate the issues in our latest radio show.
What Morpho Means: Why Hackers Target Intellectual Property And Business-Confidential Information
Partner Perspectives  |  7/13/2015  | 
A quiet, professional cyberespionage group steals what every company wants to keep secret: valuable information that drives business. Welcome to the new normal.
How To Make Internet Voting Secure
News  |  7/10/2015  | 
To be effective, an Internet voting system has to auditable every step of the way, a new study says.
Black Hat For Beginners: 4 Tips
Commentary  |  7/10/2015  | 
What happens in Vegas stays in Vegas. But for newbies, these helpful hints will make sure you get the most out of the Black Hat USA experience.
OPM: Personal Info On 21.5 Million People Exposed In Hack
Quick Hits  |  7/9/2015  | 
The Office of Personnel Management today confirmed the final body count of victims affected by its massive data breach, which also exposed some 1.1 million fingerprints stored in the background-check database.
3 Reasons Why Giving Government A Backdoor Is A Bad Idea
News  |  7/9/2015  | 
Exceptional access of the kind being demanded by the FBI and others is unworkable and impractical, security researchers say
OpenSSL Fixes High-Severity, Narrow-Scope Vulnerability
News  |  7/9/2015  | 
Bug allows attackers to issue invalid certificates, but is difficult to exploit and only affects OpenSSL versions released since last month.
Creating Your Own Threat Intel Through Hunting & Visualization
Commentary  |  7/9/2015  | 
How security analysts armed with a visual interface can use data science to find hidden attacks and the unknown unknowns.
Hacking Team 0-Day Shows Widespread Dangers Of All Offense, No Defense
News  |  7/8/2015  | 
While the Italian surveillance company sells government agencies high-end zero-day proof-of-concept exploits, it secures root systems with the password 'P4ssword.' What's vulnerability commoditization got to do with it?
The Role of the Board In Cybersecurity: Learn, Ensure, Inspect
Commentary  |  7/8/2015  | 
Board members of the most forward-thinking U.S. companies are not just throwing money at the mounting problem of managing cyber risk.
Cybercriminal Group Spying On US, European Businesses For Profit
News  |  7/8/2015  | 
Symantec, Kaspersky Lab spot Morpho' hacking team that hit Apple, Microsoft, Facebook and Twitter expanding its targets to lucrative industries for possible illegal trading purposes.
6 Emerging Android Threats
Slideshows  |  7/7/2015  | 
A peek at some of the Android vulnerabilities and malware that will be revealed at Black Hat USA next month.
Twitter Chat: How To Prepare For A Cyberattack
Commentary  |  7/7/2015  | 
Join the GTEC and Dark Reading Twitter chat, "Is It Possible to Prepare for a Cyber Attack?" on Wednesday, July 8 from 2-3pm EST, using the #GTECCHAT hashtag.
New Google Search Poisoning Method Cloaks With PDF Docs
News  |  7/7/2015  | 
Using PDF documents to keyword stuff is growing in popularity as it circumvents anti-cloaking mechanisms in Google's algorithms.
The Rise Of Social Media Botnets
Commentary  |  7/7/2015  | 
In the social Internet, building a legion of interconnected bots -- all accessible from a single computer -- is quicker and easier than ever before.
Underwriters Laboratories To Launch Cyber Security Certification Program
News  |  7/6/2015  | 
Meanwhile, UL is also in discussion with the White House on its plans to foster standards for Internet of Things security.
Italian Surveillance Software Maker Falls Victim To Doxing Attack
News  |  7/6/2015  | 
Milan-based Hacking Team tells customers to stop using its products after leaked documents reveal the product's source code and the company's history of selling to governments with records of human rights abuses.
IoT Flaw Discoveries Not Impactful--Yet
News  |  7/6/2015  | 
As flaws announced at Black Hat USA and elsewhere highlight IoT weaknesses, the impact of these vulns still remains low in the face of vast distribution. But that could change with market consolidation.
Cloud & The Security Skills Gap
Cloud & The Security Skills Gap
Dark Reading Videos  |  7/6/2015  | 
F5 Network security evangelist David Holmes tells how cloud outsourcing can help companies fill the talent gap in three critical areas of enterprise security.
FBI Offering $4.3 Million For Help Finding Cyber Most-Wanted
Quick Hits  |  7/2/2015  | 
Big prize still going to whomever can help find Gameover ZeuS mastermind.
Harvard Suffers Data Breach Spanning Multiple Schools, Administration Networks
News  |  7/2/2015  | 
Investigation so far shows email and system login info may have been compromised, university says.
In The Cyber Realm, Lets Be Knights Not Blacksmiths
Commentary  |  7/2/2015  | 
Why the Internet of Things is our chance to finally get information security right.
Smart Cities' 4 Biggest Security Challenges
News  |  7/1/2015  | 
The messiness of politics and the vulnerability of the Internet of Things in one big, unwieldy package.
PCI Update Paves Way For Expanding Point-to-Point Encryption
News  |  7/1/2015  | 
Move appears designed mainly for large organizations and big-box retailers looking to lock down payment card security.
Franchising Ransomware
Partner Perspectives  |  7/1/2015  | 
Ransomware-as-a-service is fueling cyberattacks. Is your organization prepared?
Why We Need In-depth SAP Security Training
Commentary  |  7/1/2015  | 
SAP and Oracle are releasing tons of patches every month, but are enterprises up to this complex task? I have my doubts.
DDoS Attackers Exploiting '80s-Era Routing Protocol
News  |  7/1/2015  | 
Latest wave of DDoS attacks abuses small office-home routers via the 27-year-old, outdated Routing Information Protocol Version 1 (RIPv1).
Android Malware On The Rise
News  |  7/1/2015  | 
By the end of 2015, researchers expect the number of new Android malware strains to hit 2 million.
<<   <   Page 2 / 2


News
Inside the Ransomware Campaigns Targeting Exchange Servers
Kelly Sheridan, Staff Editor, Dark Reading,  4/2/2021
Commentary
Beyond MITRE ATT&CK: The Case for a New Cyber Kill Chain
Rik Turner, Principal Analyst, Infrastructure Solutions, Omdia,  3/30/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-22879
PUBLISHED: 2021-04-14
Nextcloud Desktop Client prior to 3.1.3 is vulnerable to resource injection by way of missing validation of URLs, allowing a malicious server to execute remote commands. User interaction is needed for exploitation.
CVE-2021-27989
PUBLISHED: 2021-04-14
Appspace 6.2.4 is vulnerable to stored cross-site scripting (XSS) in multiple parameters within /medianet/sgcontentset.aspx.
CVE-2021-25316
PUBLISHED: 2021-04-14
A Insecure Temporary File vulnerability in s390-tools of SUSE Linux Enterprise Server 12-SP5, SUSE Linux Enterprise Server 15-SP2 allows local attackers to prevent VM live migrations This issue affects: SUSE Linux Enterprise Server 12-SP5 s390-tools versions prior to 2.1.0-18.29.1. SUSE Linux Enterp...
CVE-2021-28797
PUBLISHED: 2021-04-14
A stack-based buffer overflow vulnerability has been reported to affect QNAP NAS devices running Surveillance Station. If exploited, this vulnerability allows attackers to execute arbitrary code. QNAP have already fixed this vulnerability in the following versions: Surveillance Station 5.1.5.4.3 (an...
CVE-2020-36323
PUBLISHED: 2021-04-14
In the standard library in Rust before 1.50.3, there is an optimization for joining strings that can cause uninitialized bytes to be exposed (or the program to crash) if the borrowed string changes after its length is checked.