Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Authentication posted in February 2017
Voice Biometrics Prone To Error, Study Shows
News  |  2/20/2017  | 
New research shows the need for a holistic solution to authentication, not just voice biometrics alone.
Why Identity Has Become A Top Concern For CSOs
Commentary  |  2/14/2017  | 
Seven of the world's top security leaders share their fears and challenges around the critical new role of identity in the fight against cyber adversaries.
National Security, Regulation, Identity Top Themes At Cloud Security Summit
News  |  2/13/2017  | 
Gen. Keith Alexander gives Trump a thumbs-up and Cloud Security Alliance releases a new application.
4 Signs You, Your Users, Tech Peers & C-Suite All Have 'Security Fatigue'
Commentary  |  2/9/2017  | 
If security fatigue is the disease we've all got, the question is how do we get over it?
What to Watch (& Avoid) At RSAC
Commentary  |  2/8/2017  | 
A renowned security veteran shares his RSA dance card, offering views on technologies destined for the dustbin of history and those that will move the industry forward.
Appeals Court Orders Review Of 2015 Target Breach Settlement
Quick Hits  |  2/6/2017  | 
Order follows victim appeal to hold the retailer liable for future identity theft claims stemming from the 2013 breach.
10 Essential Elements For Your Incident-Response Plan
Slideshows  |  2/2/2017  | 
The middle of a DDoS attack or ransomware infection is hardly the time to start talking about divisions of labor, or who should do what when.


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Creating an Effective Incident Response Plan
Security teams are realizing their organizations will experience a cyber incident at some point. An effective incident response plan that takes into account their specific requirements and has been tested is critical. This issue of Tech Insights also includes: -a look at the newly signed cyber-incident law, -how organizations can apply behavioral psychology to incident response, -and an overview of the Open Cybersecurity Schema Framework.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-4169
PUBLISHED: 2022-11-28
The Theme and plugin translation for Polylang is vulnerable to authorization bypass in versions up to, and including, 3.2.16 due to missing capability checks in the process_polylang_theme_translation_wp_loaded() function. This makes it possible for unauthenticated attackers to update plugin and them...
CVE-2022-41732
PUBLISHED: 2022-11-28
IBM Maximo Mobile 8.7 and 8.8 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 237407.
CVE-2021-45036
PUBLISHED: 2022-11-28
Velneo vClient on its 28.1.3 version, could allow an attacker with knowledge of the victims's username and hashed password to spoof the victim's id against the server.
CVE-2022-44399
PUBLISHED: 2022-11-28
Poultry Farm Management System v1.0 contains a SQL injection vulnerability via the del parameter at /Redcock-Farm/farm/category.php.
CVE-2022-31877
PUBLISHED: 2022-11-28
An issue in the component MSI.TerminalServer.exe of MSI Center v1.0.41.0 allows attackers to escalate privileges via a crafted TCP packet.