News & Commentary

Content tagged with Database Security posted in September 2011
Database Security Market To Grow 20 Percent Through 2014
News  |  9/30/2011  | 
Mobility, data volume, and difficulty patching still lead challenges in protecting databases
Medicare Tests Alternative To Fraud-Fighting Smart Card
News  |  9/29/2011  | 
Magnetic stripe cards and conventional credit-card terminals may be a less costly way to go.
Integrated Security Reduces Health IT Data Breaches
News  |  9/26/2011  | 
PricewaterhouseCoopers finds fewer breaches in healthcare organizations that have integrated privacy and security compliance efforts.
Sound Database Security Starts With Segmentation
News  |  9/23/2011  | 
Segmenting the network and segregating data by importance is key, experts say
HHS: Patient Data Breaches Have More Than Doubled
News  |  9/20/2011  | 
Better adherence to federal breach disclosure policies may explain the severe uptick in notifications in 2010, Department of Health and Human Services tells Congress.
Segregating DBA And Admin Duties
Commentary  |  9/19/2011  | 
Keeping platform admins out of your database
HHS Unveils Personal Health Record Privacy Notice
News  |  9/16/2011  | 
The template will help consumers learn more about PHR security and data management practices, much like nutrition labels do for foods.
Medicare Smartcards Aim To Thwart Fraud, Waste
News  |  9/16/2011  | 
Bipartisan legislation would issue digital ID cards to 48 million Medicare enrollees, save $30 billion a year, say sponsors.
HIPAA Pain: How To Cope
News  |  9/16/2011  | 
Although providers worry about hugh fines for leaking patient data, keeping this information secure isn't that hard--but it soon will be.
Seven Ways You Give Thieves Dibs On Your Database
News  |  9/14/2011  | 
Bad database security habits make life easy for hackers and malicious insiders
Data Security Not High On Hospitals' Priority List
News  |  9/12/2011  | 
Fewer than half of large facilities conduct annual risk assessments, but that might have to change, according to CSC consultant.
Big Data Brings Big Risks
News  |  9/9/2011  | 
Information stored in data warehouses that service business intelligence applications should be a security priority
Stanford Hospital Breach Exposes 20,000 ER Records
News  |  9/9/2011  | 
Spreadsheet uploaded to homework-help website exposed sensitive patient data for almost a year.
DAM In The Cloud
Commentary  |  9/7/2011  | 
Modifications to DAM for use with cloud infrastructure providers
Electronic Health Records Face Many Insider Snoops
News  |  9/6/2011  | 
Nosy staff members committed most of the personal data breaches that hit more than 70% of healthcare organizations last year, survey says.
Verizon Adds Mobile Security To Healthcare Cloud
News  |  9/6/2011  | 
Doctors can access electronic health records, digitally sign prescriptions from smartphones and tablets with NIST Level 3 authentication in Verizon's UIS-Healthcare cloud-based service.
Hurricane Irene Sparks Talk Of HIT Disaster Strategy
News  |  9/6/2011  | 
Health IT managers are looking at the damage done and reassessing their disaster planning strategies.


Election Websites, Back-End Systems Most at Risk of Cyberattack in Midterms
Kelly Jackson Higgins, Executive Editor at Dark Reading,  8/14/2018
Intel Reveals New Spectre-Like Vulnerability
Curtis Franklin Jr., Senior Editor at Dark Reading,  8/15/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-13435
PUBLISHED: 2018-08-16
** DISPUTED ** An issue was discovered in the LINE jp.naver.line application 8.8.0 for iOS. The Passcode feature allows authentication bypass via runtime manipulation that forces a certain method to disable passcode authentication. NOTE: the vendor indicates that this is not an attack of interest w...
CVE-2018-13446
PUBLISHED: 2018-08-16
** DISPUTED ** An issue was discovered in the LINE jp.naver.line application 8.8.1 for Android. The Passcode feature allows authentication bypass via runtime manipulation that forces a certain method's return value to true. In other words, an attacker could authenticate with an arbitrary passcode. ...
CVE-2018-14567
PUBLISHED: 2018-08-16
libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035 and CVE-2018-9251.
CVE-2018-15122
PUBLISHED: 2018-08-16
An issue found in Progress Telerik JustAssembly through 2018.1.323.2 and JustDecompile through 2018.2.605.0 makes it possible to execute code by decompiling a compiled .NET object (such as DLL or EXE) with an embedded resource file by clicking on the resource.
CVE-2018-11509
PUBLISHED: 2018-08-16
ASUSTOR ADM 3.1.0.RFQ3 uses the same default root:admin username and password as it does for the NAS itself for applications that are installed from the online repository. This may allow an attacker to login and upload a webshell.