Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content posted in September 2016
<<   <   Page 4 / 4
MedSec/Muddy Waters & The Future Of IoT Security
News  |  9/2/2016  | 
St. Jude vulnerability report could be test case for vulnerability disclosure.
Apple Issues Patches To Fix Trident Flaws In OS X El Capitan, Yosemite
News  |  9/2/2016  | 
Same zero-day flaws had been patched earlier in iOS as well
Guccifer Gets 52-Month Jail Term
Quick Hits  |  9/2/2016  | 
The Romanian hacker pleaded guilty to hacking and compromise of personal details of around 100 high-profile Americans.
Cisco's Talos Group Shuts Down Malvertising Campaign
Quick Hits  |  9/2/2016  | 
Global online campaign exploits ads with Neutrino Exploit Kit to transfer ransomware to victims' computers, reports Threatpost.
Researchers Uncover Car Infotainment Vulnerability
News  |  9/2/2016  | 
Should an automobile manufacturer have to release a patch for a feature that they never deployed? A newly discovered vulnerability in MirrorLink's infotainment software may force an answer.
How IT Departments Can Manage The Security Skills Shortage
News  |  9/1/2016  | 
A lack of skilled cybersecurity talent is putting organizations at risk. Which skills are in highest demand, and how can IT managers secure the right people to protect their information?
Social Media Fraud Spikes, Study Finds
News  |  9/1/2016  | 
Nearly 20% of social media accounts associated with ten major global brands are fraudulent.
3 Golden Rules For Managing Third-Party Security Risk
Commentary  |  9/1/2016  | 
Rule 1: know where your data sets are, which vendors have access to the data, and what privacy and security measures are in place.
Air-Gapped Systems Foiled Again, Via USB Drive
News  |  9/1/2016  | 
Researchers at Israels Ben-Gurion University have come up with another novel way to extract data from air-gapped systems, at least theoretically.
Improvements In Cybersecurity Require More Than Sharing Threat-Intelligence Information
Partner Perspectives  |  9/1/2016  | 
Interoperability and automation are keys to defining success in computer network defense.
Kimpton Hotels Hit By Point-Of-Sale Breach
Quick Hits  |  9/1/2016  | 
Yet another POS breach at a major hotel chain.
How To Talk About Security With Every C-Suite Member
Commentary  |  9/1/2016  | 
Reframe your approach with context in order to get your message across.
California May Soon Treat Ransomware As Extortion
Quick Hits  |  9/1/2016  | 
State Senator Robert Hertzbergs legislation on ransomware awaits governors approval.
SWIFT Reveals New Hacking Attempts On Member Banks
Quick Hits  |  9/1/2016  | 
Banks being pushed to meet November 19 deadline for updated security features, including stronger password rules.
Password-Stealing Trojan Now Also Attacks With Cerber Ransomware
News  |  9/1/2016  | 
Weaponized Microsoft Word Documents spread one-two punch via the infamous Betabot.
<<   <   Page 4 / 4


News
Inside the Ransomware Campaigns Targeting Exchange Servers
Kelly Sheridan, Staff Editor, Dark Reading,  4/2/2021
Commentary
Beyond MITRE ATT&CK: The Case for a New Cyber Kill Chain
Rik Turner, Principal Analyst, Infrastructure Solutions, Omdia,  3/30/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-27706
PUBLISHED: 2021-04-14
Buffer Overflow in Tenda G1 and G3 routers with firmware version V15.11.0.17(9502)_CN allows remote attackers to execute arbitrary code via a crafted action/&quot;IPMacBindIndex &quot;request. This occurs because the &quot;formIPMacBindDel&quot; function directly passes the parameter &quot;IPMacBind...
CVE-2021-27707
PUBLISHED: 2021-04-14
Buffer Overflow in Tenda G1 and G3 routers with firmware v15.11.0.17(9502)_CN allows remote attackers to execute arbitrary code via a crafted action/&quot;portMappingIndex &quot;request. This occurs because the &quot;formDelPortMapping&quot; function directly passes the parameter &quot;portMappingIn...
CVE-2021-28098
PUBLISHED: 2021-04-14
An issue was discovered in Forescout CounterACT before 8.1.4. A local privilege escalation vulnerability is present in the logging function. SecureConnector runs with administrative privileges and writes logs entries to a file in %PROGRAMDATA%\ForeScout SecureConnector\ that has full permissions for...
CVE-2021-30493
PUBLISHED: 2021-04-14
Multiple system services installed alongside the Razer Synapse 3 software suite perform privileged operations on entries within the ChromaBroadcast subkey. These privileged operations consist of file name concatenation of a runtime log file that is used to store runtime log information. In other wor...
CVE-2021-30494
PUBLISHED: 2021-04-14
Multiple system services installed alongside the Razer Synapse 3 software suite perform privileged operations on entries within the Razer Chroma SDK subkey. These privileged operations consist of file name concatenation of a runtime log file that is used to store runtime log information. In other wo...