Advertise

News & Commentary

Content tagged with Authentication posted in December 2016

View Content By Month

Macau Resident Held For Hacking, Insider Trading Charges In US

Quick Hits | 12/28/2016 |

Post a comment

Iat Hong and two others allegedly breached computers of major US law firms and stole confidential exchange on M&A transactions.

Network Security: An Ounce Of Prevention Is Worth A Pound Of Reaction

Commentary | 12/22/2016 |

2 comments

For humans ailments, prevention might begin with an allergist. In security, it's the network engineer.

Financial Data Worth Millions Unwittingly Exposed In Ameriprise Accounts

Quick Hits | 12/19/2016 |

Post a comment

Leak of bank account and financial planning details emanated from a financial advisor's unsecured Internet-connected backup drive at home.

Amit Yoran Leaves Dell RSA To Join Tenable As New CEO

News | 12/15/2016 |

Post a comment

Yoran says recent Dell acquisition of RSA parent company EMC did 'not really' impact his decision to leave.

8 Most Hackable Holiday Gifts, 2016 Edition

Slideshows | 12/14/2016 |

Post a comment

You better watch out! Otherwise, you may be giving the gift of malware or unauthorized access to networks and devices.

The Internet Of Things: When Bigger Is Not Better

Commentary | 12/13/2016 |

Post a comment

What happens when 10,000 companies add programmability and connectivity to their products, and we increase the Internet’s attack surface by a million times or more?

Pay Ransom Or Infect Others!

Quick Hits | 12/12/2016 |

3 comments

Still under development, new ransomware will ask victims to free their files by paying 1 bitcoin or by infecting two others.

How Retailers Can Fight Holiday Season Hackers

Slideshows | 12/8/2016 |

Post a comment

Experts offer tips for locking down retailers’ point-of-sale systems for the busy holiday shopping season.

Researchers Find Backdoors, Bugs In Sony, White Box IP Cameras

News | 12/7/2016 |

1 comment

New vulnerabilities discovered by SEC Consult and Cybereason highight increasing IoT threat to enterprises.

Biometric Technology Is Not A Cure-All For Password Woes

Commentary | 12/7/2016 |

Post a comment

No single authentication token is infallible. The only real solution is multifactor authentication.

Dark Web Vendor Gets 50 Months Jail For ID Theft

Quick Hits | 12/2/2016 |

2 comments

Minnesota resident Aaron Glende aka IcyEagle caught selling stolen bank details on AlphaBay market.

DMARC Continues To Confound Users, Report Says

News | 12/1/2016 |

2 comments

Almost three-quarters of those who deploy email authentication standard fail to get its full benefits, ValiMail says.

View Content by Month

[close this box]

Hot Topics

Editors' Choice

Election Websites, Back-End Systems Most at Risk of Cyberattack in Midterms

Kelly Jackson Higgins, Executive Editor at Dark Reading, 8/14/2018

Intel Reveals New Spectre-Like Vulnerability

Curtis Franklin Jr., Senior Editor at Dark Reading, 8/15/2018

Australian Teen Hacked Apple Network

Dark Reading Staff 8/17/2018

Live Events

Webinars

More UBM Tech
Live Events

INsecurity Conference - An Event Like No Other

Black Hat Trainings - October 22 & 23

Are You Looking to Learn About New Cybersecurity Threats & Challenges? Then INsecurity Is For You!

White Papers

Gamer Theory of Threat Hunting

Beginner's Guide to Brute Force & DDoS Attacks

Essential Guide - Blocking Malware Without a SOC

[Guide] Setting Up an Application Security Program

Ironclad APIs: An Approach for App Security Testing

More White Papers

Video

All Videos

Cartoon

Post a Comment

Cartoon Archive

Current Issue

The Biggest Cybersecurity Breaches of 2018 (So Far)

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

The State of IT and Cybersecurity

IT and security are often viewed as different disciplines - and different departments. Find out what our survey data revealed, read the report today!

Download Now!

[Strategic Security Report] Navigating the Threat Intelligence Maze

0 comments

[Strategic Security Report] Cloud Security's Changing Landscape

0 comments

The State of Ransomware

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading OR #DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2018-15504
PUBLISHED: 2018-08-18

An issue was discovered in Embedthis GoAhead before 4.0.1 and Appweb before 7.0.2. The server mishandles some HTTP request fields associated with time, which results in a NULL pointer dereference, as demonstrated by If-Modified-Since or If-Unmodified-Since with a month greater than 11.

CVE-2018-15505
PUBLISHED: 2018-08-18

An issue was discovered in Embedthis GoAhead before 4.0.1 and Appweb before 7.0.2. An HTTP POST request with a specially crafted "Host" header field may cause a NULL pointer dereference and thus cause a denial of service, as demonstrated by the lack of a trailing ']' character in an IPv6 a...

CVE-2018-15492
PUBLISHED: 2018-08-18

A vulnerability in the lservnt.exe component of Sentinel License Manager version 8.5.3.35 (fixed in 8.5.3.2403) causes UDP amplification.

CVE-2018-15494
PUBLISHED: 2018-08-18

In Dojo Toolkit before 1.14, there is unescaped string injection in dojox/Grid/DataGrid.

CVE-2018-15495
PUBLISHED: 2018-08-18

/filemanager/upload.php in Responsive FileManager before 9.13.3 allows Directory Traversal and SSRF because the url parameter is used directly in a curl_exec call, as demonstrated by a file:///etc/passwd value.

Terms of Service
Privacy Statement
Legal Entities