News & Commentary

Content tagged with Authentication posted in July 2014
Weak Password Advice From Microsoft
Commentary  |  7/28/2014  | 
Tempting as it may seem to do away with strong passwords for low-risk websites, password reuse is still a significant threat to both users and business.
Passwords Be Gone! Removing 4 Barriers To Strong Authentication
Commentary  |  7/24/2014  | 
As biometric factors become more prevalent on mobile devices, FIDO Alliance standards will gain traction as an industry-wide authentication solution.
7 Arrested, 3 More Indicted For Roles In Cyber Fraud Ring That Stung StubHub
News  |  7/23/2014  | 
Arrests made in New York state, London, Toronto, and Spain for money laundering, grand larceny, and using StubHub customers' credit cards to buy and sell 3,500 e-tickets to prime events.
Internet of Things: Security For A World Of Ubiquitous Computing
Commentary  |  7/21/2014  | 
Endpoint security is hardly dead, and claiming that it is oversimplifies the challenges corporations face now and in the not-very-distant future.
Passwords & The Future Of Identity: Payment Networks?
Commentary  |  7/16/2014  | 
The solution to the omnipresent and enduring password problem may be closer than you think.
Payment Card Data Theft: Tips For Small Business
Commentary  |  7/15/2014  | 
For small businesses looking to reduce their exposure to data theft the good news is the advantage of being small.
While Brazilians Watch World Cup, Bank Fraudsters Are At Work
News  |  7/11/2014  | 
Passive biometrics allow BioCatch to tell the difference between busy fraudsters and distraught soccer fans.
Fake Google Digital Certificates Found & Confiscated
News  |  7/9/2014  | 
A certificate authority in India had issued rogue certificates for some Google domains, the search engine giant discovers.


New Mexico Man Sentenced on DDoS, Gun Charges
Dark Reading Staff 5/18/2018
Cracking 2FA: How It's Done and How to Stay Safe
Kelly Sheridan, Staff Editor, Dark Reading,  5/17/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: "The one you have not seen, won't be remembered".
Current Issue
Flash Poll
[Strategic Security Report] Navigating the Threat Intelligence Maze
[Strategic Security Report] Navigating the Threat Intelligence Maze
Most enterprises are using threat intel services, but many are still figuring out how to use the data they're collecting. In this Dark Reading survey we give you a look at what they're doing today - and where they hope to go.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-10428
PUBLISHED: 2018-05-23
ILIAS before 5.1.26, 5.2.x before 5.2.15, and 5.3.x before 5.3.4, due to inconsistencies in parameter handling, is vulnerable to various instances of reflected cross-site-scripting.
CVE-2018-6495
PUBLISHED: 2018-05-23
Cross-Site Scripting (XSS) in Micro Focus Universal CMDB, version 10.20, 10.21, 10.22, 10.30, 10.31, 10.32, 10.33, 11.0, CMS, version 4.10, 4.11, 4.12, 4.13, 4.14, 4.15.1 and Micro Focus UCMDB Browser, version 4.10, 4.11, 4.12, 4.13, 4.14, 4.15.1. This vulnerability could be remotely exploited to al...
CVE-2018-10653
PUBLISHED: 2018-05-23
There is an XML External Entity (XXE) Processing Vulnerability in Citrix XenMobile Server 10.8 before RP2 and 10.7 before RP3.
CVE-2018-10654
PUBLISHED: 2018-05-23
There is a Hazelcast Library Java Deserialization Vulnerability in Citrix XenMobile Server 10.8 before RP2 and 10.7 before RP3.
CVE-2018-10648
PUBLISHED: 2018-05-23
There are Unauthenticated File Upload Vulnerabilities in Citrix XenMobile Server 10.8 before RP2 and 10.7 before RP3.