Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Compliance posted in November 2016
Petition Forces Parliament To Reconsider Surveillance Bill
Quick Hits  |  11/28/2016  | 
100,000 signatures require MPs to consider debating Snoopers' Charter again.
178 Arrested In Money Mule Crackdown
Quick Hits  |  11/22/2016  | 
Total of 17 countries involved in second European effort to disrupt cybercriminals' money laundering mechanism.
Adobe To Pay $1 Million Compensation In Data Breach Case
Quick Hits  |  11/17/2016  | 
Personal data of more than 500,000 consumers from 15 states were stolen in the 2013 breach of Adobe server.
Security Experts Call For Regulation On IoT Cybersecurity
News  |  11/16/2016  | 
During a House Committee hearing today, Bruce Schneier also asks for the establishment of a new government agency devoted to cybersecurity.
75,000 Data Protection Officers Needed By 2018 To Handle EU Law
News  |  11/9/2016  | 
US alone will need 9,000 DPOs to meet GDPR mandates, says International Association of Privacy Professionals - but don't expect that many new job listings.
China Passes Controversial Cybersecurity Law
Quick Hits  |  11/8/2016  | 
Global business and rights groups raise concern about the censorship that could impact foreign business interests.
Election 2016 & WikiLeaks: Bad, But Not Your Worst Nightmare
Commentary  |  11/4/2016  | 
John Podesta may be the poster child for poor user security practices but the real problem is rigid regulatory compliance frameworks that perpetuate ineffective perimeter defenses.
Anthem Breach Victims Go To Court Over Cybersecurity Audit Release
Quick Hits  |  11/1/2016  | 
Class-action lawsuit against health insurer seeks disclosure of network security details following data breach of 80 million members.


Edge-DRsplash-10-edge-articles
7 Old IT Things Every New InfoSec Pro Should Know
Joan Goodchild, Staff Editor,  4/20/2021
News
Cloud-Native Businesses Struggle With Security
Robert Lemos, Contributing Writer,  5/6/2021
Commentary
Defending Against Web Scraping Attacks
Rob Simon, Principal Security Consultant at TrustedSec,  5/7/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-32615
PUBLISHED: 2021-05-13
Piwigo 11.4.0 allows admin/user_list_backend.php order[0][dir] SQL Injection.
CVE-2021-33026
PUBLISHED: 2021-05-13
The Flask-Caching extension through 1.10.1 for Flask relies on Pickle for serialization, which may lead to remote code execution or local privilege escalation. If an attacker gains access to cache storage (e.g., filesystem, Memcached, Redis, etc.), they can construct a crafted payload, poison the ca...
CVE-2021-31876
PUBLISHED: 2021-05-13
Bitcoin Core 0.12.0 through 0.21.1 does not properly implement the replacement policy specified in BIP125, which makes it easier for attackers to trigger a loss of funds, or a denial of service attack against downstream projects such as Lightning network nodes. An unconfirmed child transaction with ...
CVE-2019-10062
PUBLISHED: 2021-05-13
The HTMLSanitizer class in html-sanitizer.ts in all released versions of the Aurelia framework 1.x repository is vulnerable to XSS. The sanitizer only attempts to filter SCRIPT elements, which makes it feasible for remote attackers to conduct XSS attacks via (for example) JavaScript code in an attri...
CVE-2020-23995
PUBLISHED: 2021-05-13
An information disclosure vulnerability in ILIAS before 5.3.19, 5.4.12 and 6.0 allows remote authenticated attackers to get the upload data path via a workspace upload.