News & Commentary

Content tagged with Database Security posted in January 2012
AT&T Tightens Up Tablet Security
News  |  1/27/2012  | 
AT&T has introduced new security tools that help healthcare providers better protect tablet-based patient data.
Database Password Storage Exposes Need For Better ID Management
News  |  1/25/2012  | 
DreamHost and other password breaches show weaknesses in the way passwords are stored
7 Tools To Tighten Healthcare Data Security
Slideshows  |  1/24/2012  | 
Most of the largest healthcare data security and privacy breaches have involved lost or stolen mobile computing devices. Consider these tools and tips for protecting patient data and managing breaches.
Oracle CPU Contains Lowest Number Of Database Fixes Ever
News  |  1/18/2012  | 
Database security community concerned about Oracle's patch bottleneck
Patient Data Theft Sends IT Specialist To Jail
News  |  1/17/2012  | 
Atlanta man gets 13 months for hacking into former employer's computer database and stealing patient data for a competing medical practice.
Hack Attacks Now Leading Cause Of Data Breaches
News  |  1/12/2012  | 
Exclusive: Identity Theft Resource Center identifies hacking, followed by data lost in transit and insider attacks, as the leading data breach culprits in 2011.
Does NoSQL Mean No Security?
News  |  1/11/2012  | 
NoSQL databases offer an alternative to traditional relational databases but is immature and will introduce more risks
Health IT Managers Slow To Implement Cloud
News  |  1/11/2012  | 
Security concerns keep health IT pros from jumping on cloud computing faster, a KLAS study suggests.
More Patient Data Risks, Lawsuits Predicted In 2012
News  |  1/9/2012  | 
The new year promises to bring greater patient data risks as healthcare organizations increase their use of mobile technology and social media sites.
AntiSec Hacks Signal Same Old, Same Old In Database Insecurity
News  |  1/5/2012  | 
Hacktivist group takes down two law enforcement associations with ease


High Stress Levels Impacting CISOs Physically, Mentally
Jai Vijayan, Freelance writer,  2/14/2019
Valentine's Emails Laced with Gandcrab Ransomware
Kelly Sheridan, Staff Editor, Dark Reading,  2/14/2019
Making the Case for a Cybersecurity Moon Shot
Adam Shostack, Consultant, Entrepreneur, Technologist, Game Designer,  2/19/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
5 Emerging Cyber Threats to Watch for in 2019
Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.
Flash Poll
How Enterprises Are Attacking the Cybersecurity Problem
How Enterprises Are Attacking the Cybersecurity Problem
Data breach fears and the need to comply with regulations such as GDPR are two major drivers increased spending on security products and technologies. But other factors are contributing to the trend as well. Find out more about how enterprises are attacking the cybersecurity problem by reading our report today.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-1659
PUBLISHED: 2019-02-21
A vulnerability in the Identity Services Engine (ISE) integration feature of Cisco Prime Infrastructure (PI) could allow an unauthenticated, remote attacker to perform a man-in-the-middle attack against the Secure Sockets Layer (SSL) tunnel established between ISE and PI. The vulnerability is due to...
CVE-2019-8983
PUBLISHED: 2019-02-21
MDaemon Webmail 14.x through 18.x before 18.5.2 has XSS (issue 1 of 2).
CVE-2019-8984
PUBLISHED: 2019-02-21
MDaemon Webmail 14.x through 18.x before 18.5.2 has XSS (issue 2 of 2).
CVE-2018-20122
PUBLISHED: 2019-02-21
The web interface on FASTGate Fastweb devices with firmware through 0.00.47_FW_200_Askey 2017-05-17 (software through 1.0.1b) exposed a CGI binary that is vulnerable to a command injection vulnerability that can be exploited to achieve remote code execution with root privileges. No authentication is...
CVE-2018-6687
PUBLISHED: 2019-02-21
Loop with Unreachable Exit Condition ('Infinite Loop') in McAfee GetSusp (GetSusp) 3.0.0.461 and earlier allows attackers to DoS a manual GetSusp scan via while scanning a specifically crafted file . GetSusp is a free standalone McAfee tool that runs on several versions of Microsoft Windows.