News & Commentary

Content tagged with Compliance posted in October 2015
Cybersecurity Insurance: 4 Practical Considerations
Commentary  |  10/12/2015  | 
There can't be reliable cybersecurity insurance until companies can identify who is responsible for the continuous exploitation of stolen data, long-lasting attacks, and hardly-detectable APTs.
Chipping Away At Credit Card Fraud With EMV
Commentary  |  10/8/2015  | 
As of October 1, so-called chip-and-pin technology is now the law of the land for electronic payments in the US. But its not the silver bullet that will instantly stop all cybercrime.
What The EUs Safe Harbor Ruling Means For Data Privacy In The Cloud
Commentary  |  10/6/2015  | 
The European Court of Justice today struck down the 15-year-old data transfer agreement between the European Union and the US. Heres how to begin to prepare for the fallout.


'PowerSnitch' Hacks Androids via Power Banks
Kelly Jackson Higgins, Executive Editor at Dark Reading,  12/8/2018
Higher Education: 15 Books to Help Cybersecurity Pros Be Better
Curtis Franklin Jr., Senior Editor at Dark Reading,  12/12/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
10 Best Practices That Could Reshape Your IT Security Department
This Dark Reading Tech Digest, explores ten best practices that could reshape IT security departments.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-6705
PUBLISHED: 2018-12-12
Privilege escalation vulnerability in McAfee Agent (MA) for Linux 5.0.0 through 5.0.6, 5.5.0, and 5.5.1 allows local users to perform arbitrary command execution via specific conditions.
CVE-2018-15717
PUBLISHED: 2018-12-12
Open Dental before version 18.4 stores user passwords as base64 encoded MD5 hashes.
CVE-2018-15718
PUBLISHED: 2018-12-12
Open Dental before version 18.4 transmits the entire user database over the network when a remote unathenticated user accesses the command prompt. This allows the attacker to gain access to usernames, password hashes, privilege levels, and more.
CVE-2018-15719
PUBLISHED: 2018-12-12
Open Dental before version 18.4 installs a mysql database and uses the default credentials of "root" with a blank password. This allows anyone on the network with access to the server to access all database information.
CVE-2018-6704
PUBLISHED: 2018-12-12
Privilege escalation vulnerability in McAfee Agent (MA) for Linux 5.0.0 through 5.0.6, 5.5.0, and 5.5.1 allows local users to perform arbitrary command execution via specific conditions.