Advertise

News & Commentary

Content tagged with Authentication posted in December 2016

View Content By Month

Macau Resident Held For Hacking, Insider Trading Charges In US

Quick Hits | 12/28/2016 |

Post a comment

Iat Hong and two others allegedly breached computers of major US law firms and stole confidential exchange on M&A transactions.

Network Security: An Ounce Of Prevention Is Worth A Pound Of Reaction

Commentary | 12/22/2016 |

2 comments

For humans ailments, prevention might begin with an allergist. In security, it's the network engineer.

Financial Data Worth Millions Unwittingly Exposed In Ameriprise Accounts

Quick Hits | 12/19/2016 |

Post a comment

Leak of bank account and financial planning details emanated from a financial advisor's unsecured Internet-connected backup drive at home.

Amit Yoran Leaves Dell RSA To Join Tenable As New CEO

News | 12/15/2016 |

Post a comment

Yoran says recent Dell acquisition of RSA parent company EMC did 'not really' impact his decision to leave.

8 Most Hackable Holiday Gifts, 2016 Edition

Slideshows | 12/14/2016 |

Post a comment

You better watch out! Otherwise, you may be giving the gift of malware or unauthorized access to networks and devices.

The Internet Of Things: When Bigger Is Not Better

Commentary | 12/13/2016 |

Post a comment

What happens when 10,000 companies add programmability and connectivity to their products, and we increase the Internet’s attack surface by a million times or more?

Pay Ransom Or Infect Others!

Quick Hits | 12/12/2016 |

3 comments

Still under development, new ransomware will ask victims to free their files by paying 1 bitcoin or by infecting two others.

How Retailers Can Fight Holiday Season Hackers

Slideshows | 12/8/2016 |

Post a comment

Experts offer tips for locking down retailers’ point-of-sale systems for the busy holiday shopping season.

Researchers Find Backdoors, Bugs In Sony, White Box IP Cameras

News | 12/7/2016 |

1 comment

New vulnerabilities discovered by SEC Consult and Cybereason highight increasing IoT threat to enterprises.

Biometric Technology Is Not A Cure-All For Password Woes

Commentary | 12/7/2016 |

Post a comment

No single authentication token is infallible. The only real solution is multifactor authentication.

Dark Web Vendor Gets 50 Months Jail For ID Theft

Quick Hits | 12/2/2016 |

2 comments

Minnesota resident Aaron Glende aka IcyEagle caught selling stolen bank details on AlphaBay market.

DMARC Continues To Confound Users, Report Says

News | 12/1/2016 |

2 comments

Almost three-quarters of those who deploy email authentication standard fail to get its full benefits, ValiMail says.

View Content by Month

[close this box]

Editors' Choice

I Smell a RAT! New Cybersecurity Threats for the Crypto Industry

David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP, 7/9/2021

Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours

Robert Lemos, Contributing Writer, 7/7/2021

It's in the Game (but It Shouldn't Be)

Tal Memran, Cybersecurity Expert, CYE, 7/9/2021

Live Events

Webinars

Cybersecurity Outlook 2023 - December 13 Event

Black Hat Europe - December 5-8 - Learn More

[FREE Virtual Event] The Identity Crisis

More Informa Tech Live Events

White Papers

State of Email Security

Ransomware Is On The Rise

BotGuard for Denial of Inventory & Stockouts

The Ultimate Buyer's Guide: SASE Security

Analyzing the Economic Benefits of Microsoft Defender for IoT

More White Papers

Cartoon

Latest Comment: I've heard of people walking right out the front door with entire servers...

Cartoon Archive

Current Issue

Creating an Effective Incident Response Plan

Security teams are realizing their organizations will experience a cyber incident at some point. An effective incident response plan that takes into account their specific requirements and has been tested is critical. This issue of Tech Insights also includes: -a look at the newly signed cyber-incident law, -how organizations can apply behavioral psychology to incident response, -and an overview of the Open Cybersecurity Schema Framework.

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

Incident Readiness and Building Response Playbook

In this special report, learn the Xs and Os of any good security incident readiness and response playbook.

Download Now!

Battle for the Endpoint

0 comments

How Enterprises are Developing Secure Applications

0 comments

Assessing Cybersecurity Risk in Today's Enterprises

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2022-4169
PUBLISHED: 2022-11-28

The Theme and plugin translation for Polylang is vulnerable to authorization bypass in versions up to, and including, 3.2.16 due to missing capability checks in the process_polylang_theme_translation_wp_loaded() function. This makes it possible for unauthenticated attackers to update plugin and them...

CVE-2022-41732
PUBLISHED: 2022-11-28

IBM Maximo Mobile 8.7 and 8.8 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 237407.

CVE-2021-45036
PUBLISHED: 2022-11-28

Velneo vClient on its 28.1.3 version, could allow an attacker with knowledge of the victims's username and hashed password to spoof the victim's id against the server.

CVE-2022-44399
PUBLISHED: 2022-11-28

Poultry Farm Management System v1.0 contains a SQL injection vulnerability via the del parameter at /Redcock-Farm/farm/category.php.

CVE-2022-31877
PUBLISHED: 2022-11-28

An issue in the component MSI.TerminalServer.exe of MSI Center v1.0.41.0 allows attackers to escalate privileges via a crafted TCP packet.

To save this item to your list of favorite Dark Reading content so you can find it later in your Profile page, click the "Save It" button next to the item.

If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
Tweet This
[close this box]