Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Cloud posted in December 2010
Nintendo Warns Children Should Skip 3DS
News  |  12/29/2010  | 
Because their eyes are still developing, kids under the age of 6 shouldn't use the handheld gaming device's 3D functions, said the company.
Apple, Social Networks Top Cybercrime Targets In 2011
News  |  12/28/2010  | 
McAfee threat predictions for the coming year forecast that Apple's increasing influence in personal computing, smartphones, and tablets will make it a prime target for cybercriminals.
Why SMBs Aren't Buying DLP
Commentary  |  12/27/2010  | 
Cost, complexity, and a dearth of complete solutions limit adoption rates for small and midsize businesses; revamping the architecture and packaging of DLP solutions is key to winning the SMB market.
Why Chrome OS Will Succeed
Commentary  |  12/15/2010  | 
Google's "third choice" of operating system will sell itself to businesses and schools.
Google Chrome Gets Ready For Business
News  |  12/15/2010  | 
The introduction of new Google tools for IT administrators is intended to encourage enterprises to give Chrome, and perhaps Chrome OS, a try.
Microsoft Again Sets Record With Massive Patch
News  |  12/14/2010  | 
The holiday season brings no respite from security maintenance duties.
Connecticut AG Demands Google Street View Data
News  |  12/10/2010  | 
Attorney General Richard Blumenthal has given Google until Dec. 17 to turn over the data that was wrongfully collected from personal and business Wi-Fi networks.
Facebook Rejected Microsoft's Acquisition Offer
News  |  12/10/2010  | 
A Microsoft exec has confirmed an offer was made, but the company declined to comment on whether the amount CEO Steve Ballmer offered in 2007 was $15 billion.
IBM Expands Telehealth Partnership With American Well
News  |  12/1/2010  | 
Customized versions of American Well's Online Care application aim to improve the security of patients' personal health information.


Exploits Released for As-Yet Unpatched Critical Citrix Flaw
Jai Vijayan, Contributing Writer,  1/13/2020
Microsoft to Officially End Support for Windows 7, Server 2008
Kelly Sheridan, Staff Editor, Dark Reading,  1/13/2020
Active Directory Needs an Update: Here's Why
Raz Rafaeli, CEO and Co-Founder at Secret Double Octopus,  1/16/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
The Year in Security: 2019
This Tech Digest provides a wrap up and overview of the year's top cybersecurity news stories. It was a year of new twists on old threats, with fears of another WannaCry-type worm and of a possible botnet army of Wi-Fi routers. But 2019 also underscored the risk of firmware and trusted security tools harboring dangerous holes that cybercriminals and nation-state hackers could readily abuse. Read more.
Flash Poll
[Just Released] How Enterprises are Attacking the Cybersecurity Problem
[Just Released] How Enterprises are Attacking the Cybersecurity Problem
Organizations have invested in a sweeping array of security technologies to address challenges associated with the growing number of cybersecurity attacks. However, the complexity involved in managing these technologies is emerging as a major problem. Read this report to find out what your peers biggest security challenges are and the technologies they are using to address them.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-5007
PUBLISHED: 2020-01-17
Directory traversal vulnerability in the agentLogUploader servlet in ZOHO ManageEngine Desktop Central (DC) and Desktop Central Managed Service Providers (MSP) edition before 9 build 90055 allows remote attackers to write to and execute arbitrary files as SYSTEM via a .. (dot dot) in the filename pa...
CVE-2020-5397
PUBLISHED: 2020-01-17
Spring Framework, versions 5.2.x prior to 5.2.3 are vulnerable to CSRF attacks through CORS preflight requests that target Spring MVC (spring-webmvc module) or Spring WebFlux (spring-webflux module) endpoints. Only non-authenticated endpoints are vulnerable because preflight requests should not incl...
CVE-2019-17635
PUBLISHED: 2020-01-17
Eclipse Memory Analyzer version 1.9.1 and earlier is subject to a deserialization vulnerability if an index file of a parsed heap dump is replaced by a malicious version and the heap dump is reopened in Memory Analyzer. The user must chose to reopen an already parsed heap dump with an untrusted inde...
CVE-2019-19339
PUBLISHED: 2020-01-17
It was found that the Red Hat Enterprise Linux 8 kpatch update did not include the complete fix for CVE-2018-12207. A flaw was found in the way Intel CPUs handle inconsistency between, virtual to physical memory address translations in CPU's local cache and system software's Paging structure entries...
CVE-2007-6070
PUBLISHED: 2020-01-17
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2008-1382. Reason: This candidate is a reservation duplicate of CVE-2008-1382. Notes: All CVE users should reference CVE-2008-1382 instead of this candidate. All references and descriptions in this candidate have been removed to prevent ...