Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Authentication posted in May 2018
The Good News about Cross-Domain Identity Management
Commentary  |  5/31/2018  | 
Adoption of the SCIM open source, standards-based approach for syncing user information between applications is ratcheting up among SaaS vendors as well as enterprises.
Facebook Must Patch 2 Billion Human Vulnerabilities; How You Can Patch Yours
Commentary  |  5/31/2018  | 
The situation Facebook is in should be prompting all security teams to evaluate just how defenseless or protected the people in their organizations are.
6 Ways Third Parties Can Trip Up Your Security
Slideshows  |  5/29/2018  | 
Poor access control, inadequate patch management, and non-existent DR practices are just some of the ways a third party can cause problems
More Than Half of Users Reuse Passwords
News  |  5/24/2018  | 
Users are terrible at passwords and the problem is only getting worse, according to an expansive study of more than 100 million passwords and their owners.
What Should Post-Quantum Cryptography Look Like?
News  |  5/23/2018  | 
Researchers are tackling the difficult problem of transitioning toward a new mode of cryptographic protections that won't break under the pressure of quantum computing power.
GDPR 101: Keeping Data Safe Throughout the 'Supply Chain'
Commentary  |  5/22/2018  | 
There are a lot of moving pieces involved with data collection, retention, and processing in the EU's new General Data Protection Regulation. Here's how to break down responsibilities between your security team and service providers.
How to Hang Up on Fraud
Commentary  |  5/18/2018  | 
Three reasons why the phone channel is uniquely vulnerable to spoofing and what call centers are doing about it.
California Teen Arrested for Phishing Teachers to Change Grades
Quick Hits  |  5/17/2018  | 
The student faces 14 felony counts for using a phishing campaign to steal teachers' credentials and alter students' grades.
Why Isn't Integrity Getting the Attention It Deserves?
Commentary  |  5/17/2018  | 
A focus on integrity requires a shift in the way many approach security management, but it's one of the most promising approaches to effective enterprise security.
FIDO Alliance Appoints Facebook to Board of Directors
Quick Hits  |  5/16/2018  | 
Facebook joins Google, Microsoft, Amazon, and Intel, all among major influential tech companies backing FIDO authentication.
Compliance Complexity: The (Avoidable) Risks of Not Playing by the Rules
Commentary  |  5/9/2018  | 
Achieving compliance is a challenging process, but with the right systems and customized data management policy, your organization can stay ahead of the next data breach -- and the regulators.
10 Lessons From an IoT Demo Lab
Slideshows  |  5/7/2018  | 
The Demo Lab at InteropITX 2018 was all about IoT and the traffic - legitimate and malicious - it adds to an enterprise network.
6 Enterprise Password Managers That Lighten the Load for Security
Slideshows  |  5/3/2018  | 
EPMs offer the familiar password wallet with more substantial administrative management and multiple deployment models.
Spring Clean Your Security Systems: 6 Places to Start
Commentary  |  5/2/2018  | 
The sun is shining and you have an extra kick in your step. Why not use that newfound energy to take care of those bothersome security tasks you've put off all winter?
A Data Protection Officer's Guide to GDPR 'Privacy by Design'
Commentary  |  5/1/2018  | 
These five steps can show you how to start building your foundational privacy program for the EU's General Data Protection Regulation.


News
FluBot Malware's Rapid Spread May Soon Hit US Phones
Kelly Sheridan, Staff Editor, Dark Reading,  4/28/2021
Slideshows
7 Modern-Day Cybersecurity Realities
Steve Zurier, Contributing Writer,  4/30/2021
Commentary
How to Secure Employees' Home Wi-Fi Networks
Bert Kashyap, CEO and Co-Founder at SecureW2,  4/28/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-27941
PUBLISHED: 2021-05-06
Unconstrained Web access to the device's private encryption key in the QR code pairing mode in the eWeLink mobile application (through 4.9.2 on Android and through 4.9.1 on iOS) allows a physically proximate attacker to eavesdrop on Wi-Fi credentials and other sensitive information by monitoring the...
CVE-2021-29203
PUBLISHED: 2021-05-06
A security vulnerability has been identified in the HPE Edgeline Infrastructure Manager, also known as HPE Edgeline Infrastructure Management Software, prior to version 1.22. The vulnerability could be remotely exploited to bypass remote authentication leading to execution of arbitrary commands, gai...
CVE-2021-31737
PUBLISHED: 2021-05-06
emlog v5.3.1 and emlog v6.0.0 have a Remote Code Execution vulnerability due to upload of database backup file in admin/data.php.
CVE-2020-28198
PUBLISHED: 2021-05-06
** UNSUPPORTED WHEN ASSIGNED ** The 'id' parameter of IBM Tivoli Storage Manager Version 5 Release 2 (Command Line Administrative Interface, dsmadmc.exe) is vulnerable to an exploitable stack buffer overflow. Note: the vulnerability can be exploited when it is used in "interactive" mode wh...
CVE-2021-28665
PUBLISHED: 2021-05-06
Stormshield SNS with versions before 3.7.18, 3.11.6 and 4.1.6 has a memory-management defect in the SNMP plugin that can lead to excessive consumption of memory and CPU resources, and possibly a denial of service.