Business Technology News and Commentary

Content tagged with Authentication posted in August 2014

Quick Hits | 8/12/2014 |

Parliament is looking for answers about biometrics' privacy, security, future uses, and whether or not legislation is ready for what comes next.

6 Biometric Factors That Are Working Today

Slideshows | 8/12/2014 |

23 comments

From fingerprints to wearable ECG monitors, there are real options in the market that may relegate the despised password to the dustbin of history.

Biggest Cache of Stolen Creds Ever Includes 1.2 Billion Unique Logins

Quick Hits | 8/5/2014 |

16 comments

A Russian crime ring has swiped more than a billion unique username-password combinations, plus a half-million email addresses.

'Backoff' Malware: Time To Step Up Remote Access Security

Commentary | 8/1/2014 |

10 comments

DHS issues advisory about remote desktop access tools associated with recent point-of-sale breaches.

View Content by Month

Hot Topics

Editors' Choice

Major Brazilian Bank Tests Homomorphic Encryption on Financial Data

Kelly Sheridan, Staff Editor, Dark Reading, 1/10/2020

Exploits Released for As-Yet Unpatched Critical Citrix Flaw

Jai Vijayan, Contributing Writer, 1/13/2020

Microsoft Patches Windows Vuln Discovered by the NSA

Kelly Sheridan, Staff Editor, Dark Reading, 1/14/2020

Live Events

Webinars

Data Center World Registration is open! Prices increase January 20

Solve your data center questions at Data Center World, March 16-19 in San Antonio. Register before January 20 and save $200!

Get Insights: Cisco vs Microsoft & More at EC20 Orlando

More Informa Tech Live Events

White Papers

NetFlow vs Packet Data

[Exclusive InformationWeek IT Trend Report] The Cloud Gets Ready for the 20's

Definitive Guide to Securing DevOps

IDC Report: Key Requirements for EDR

451 Report: A SecOps Blueprint for Modern Network Security

More White Papers

Video

All Videos

Cartoon Contest

Write a Caption, Win a Starbucks Card! Click Here

Latest Comment: This comment is waiting for review by our moderators.

Cartoon Archive

Current Issue

The Year in Security: 2019

This Tech Digest provides a wrap up and overview of the year's top cybersecurity news stories. It was a year of new twists on old threats, with fears of another WannaCry-type worm and of a possible botnet army of Wi-Fi routers. But 2019 also underscored the risk of firmware and trusted security tools harboring dangerous holes that cybercriminals and nation-state hackers could readily abuse. Read more.

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

[Just Released] How Enterprises are Attacking the Cybersecurity Problem

Organizations have invested in a sweeping array of security technologies to address challenges associated with the growing number of cybersecurity attacks. However, the complexity involved in managing these technologies is emerging as a major problem. Read this report to find out what your peers biggest security challenges are and the technologies they are using to address them.

Download Now!

How Data Breaches affect the Enterprise

0 comments

Rethinking Enterprise Data Defense

0 comments

Assessing Cybersecurity Risk in Today's Enterprise

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2019-20003
PUBLISHED: 2020-01-17

Feldtech easescreen Crystal 9.0 Web-Services 9.0.1.16265 allows Stored XSS via the Debug-Log and Display-Log components. This could be exploited when an attacker sends an crafted string for FTP authentication.

CVE-2019-3686
PUBLISHED: 2020-01-17

openQA before commit c172e8883d8f32fced5e02f9b6faaacc913df27b was vulnerable to XSS in the distri and version parameter. This was reported through the bug bounty program of Offensive Security

CVE-2019-3683
PUBLISHED: 2020-01-17

The keystone-json-assignment package in SUSE Openstack Cloud 8 before commit d7888c75505465490250c00cc0ef4bb1af662f9f every user listed in the /etc/keystone/user-project-map.json was assigned full "member" role access to every project. This allowed these users to access, modify, create and...

CVE-2019-3682
PUBLISHED: 2020-01-17

The docker-kubic package in SUSE CaaS Platform 3.0 before 17.09.1_ce-7.6.1 provided access to an insecure API locally on the Kubernetes master node.

CVE-2019-17361
PUBLISHED: 2020-01-17

In SaltStack Salt through 2019.2.0, the salt-api NEST API with the ssh client enabled is vulnerable to command injection. This allows an unauthenticated attacker with network access to the API endpoint to execute arbitrary code on the salt-api host.

News & Commentary