News & Commentary

Content tagged with Privacy posted in July 2016
How To Stay Safe On The Black Hat Network: Dont Connect To It
Commentary  |  7/28/2016  | 
Black Hat attendees may have changed their titles and now carry business cards but hackers gotta hack and theres no better place to do it than Black Hat.
7 Ways To Charm Users Out of Their Passwords
Slideshows  |  7/27/2016  | 
While the incentives have changed over time, it still takes remarkably little to get users to give up their passwords.
In Security, Know That You Know Nothing
Commentary  |  7/26/2016  | 
Only when security professionals become aware of what they dont know, can they start asking the right questions and implementing the right security controls.
Russia Likely Behind DNC Breach, Says FBI
Quick Hits  |  7/26/2016  | 
Motive behind DNC hack and leak is possibly to tilt election in favor of Trump, say US officials.
Security Gets Political With Hacks, Darknet Sales
News  |  7/21/2016  | 
As presidential campaigns get into full swing, neither party is immune to online chicanery -- and neither are voters
Staying Cyber Safe At The Olympics
Slideshows  |  7/16/2016  | 
Travel tips and more in hostile environments abroad.
What's Next For Canadas Surveillance Landscape?
Commentary  |  7/14/2016  | 
Edward Snowden headlines SecTor security conference as Canadian privacy advocates await the Trudeau governments next move in the countrys complex privacy and security debate.
EUs General Data Protection Regulation Is Law: Now What?
Commentary  |  7/12/2016  | 
Organizations have two years to prepare to act as borrowers, not owners, of customer data. Here are seven provisions of the new GPDR you ignore at your peril.
Facebook Will Offer 'Secret Conversations' On Messenger
Quick Hits  |  7/11/2016  | 
New feature with end-to-end encryption on some opt-in messages likely to be available soon.
Finance, Healthcare,Tech Sectors Highest Users Of Encryption, Survey Says
Quick Hits  |  7/6/2016  | 
Ponemon/Thales survey shows highly regulated industries are catching on.


Data Privacy Careers Are Helping to Close the IT Gender Gap
Dana Simberkoff, Chief Risk, Privacy, and Information Security Officer, AvePoint, Inc.,  8/20/2018
Ohio Man Sentenced To 15 Months For BEC Scam
Dark Reading Staff 8/20/2018
Intel Reveals New Spectre-Like Vulnerability
Curtis Franklin Jr., Senior Editor at Dark Reading,  8/15/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-15667
PUBLISHED: 2018-08-21
An issue was discovered in Bloop Airmail 3 3.5.9 for macOS. It registers and uses the airmail:// URL scheme. The "send" command in the URL scheme allows an external application to send arbitrary emails from an active account without authentication. The handler has no restriction on who can...
CVE-2018-15668
PUBLISHED: 2018-08-21
An issue was discovered in Bloop Airmail 3 3.5.9 for macOS. The "send" command in the airmail:// URL scheme allows an external application to send arbitrary emails from an active account. URL parameters for the "send" command with the "attachment_" prefix designate atta...
CVE-2018-15669
PUBLISHED: 2018-08-21
An issue was discovered in Bloop Airmail 3 3.5.9 for macOS. Its primary WebView instance implements "webView:decidePolicyForNavigationAction:request:frame:decisionListener:" such that requests from HTMLIFrameElements are blacklisted. However, other sub-classes of HTMLFrameOwnerElements are...
CVE-2018-15670
PUBLISHED: 2018-08-21
An issue was discovered in Bloop Airmail 3 3.5.9 for macOS. Its primary WebView instance implements "webView:decidePolicyForNavigationAction:request:frame:decisionListener:" such that OpenURL is the default URL handler. A navigation request is processed by the default URL handler only if t...
CVE-2018-15671
PUBLISHED: 2018-08-21
An issue was discovered in the HDF HDF5 1.10.2 library. Excessive stack consumption has been detected in the function H5P__get_cb() in H5Pint.c during an attempted parse of a crafted HDF file. This results in denial of service.