Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Compliance posted in March 2008
Security Issues Limit Telecommuting
Quick Hits  |  3/31/2008  | 
Want to work from home? Better beef up security first, CDW study says
Black Hat Researcher Hacks Biometric System
News  |  3/31/2008  | 
'Biologger' steals fingerprint, other biometric data
Tech Insight: Keeping Your Thumb on Thumb Drives
News  |  3/28/2008  | 
Those little USB drives certainly are handy, but how do you keep your company's sensitive data from walking away? Here are a few ideas
Millions of Russians' Personal Data Posted on Free Website
News  |  3/26/2008  | 
Names, addresses, account information, and other data posted by unknown source
Child Charities Stand Against Web 'Intelligence Gathering'
Quick Hits  |  3/25/2008  | 
People shouldn't lose opportunities because of something they wrote on MySpace at age 14, consortium says
Intel Researching New Approach to Laptop Security
News  |  3/24/2008  | 
'Proteus' technology tracks user behavior, flags atypical activity
Has Banking Industry Overlooked Its Biggest Breach Ever?
Quick Hits  |  3/24/2008  | 
Insider theft case at Compass Bank affected more than 1M customers
US Treasury Department Adopts Dual-Factor Authentication
News  |  3/21/2008  | 
Entrust IdentityGuard costs only 25 cents per card for each user
Obama Suffers Personal Data Breach
Quick Hits  |  3/21/2008  | 
State Department contractors under investigation for accessing passport files without authorization
Hannaford, Security Industry Hunt for Cause of Massive Breach
News  |  3/18/2008  | 
Speculation runs rampant as grocery retailer attempts to find out how 4.2 million credit card records were stolen
Curiosity Over Britney Kills Careers of 13 Cats
Quick Hits  |  3/17/2008  | 
UCLA Medical Center employees lose jobs after peeking at pop star's private files
Hacking Vista's Smart Cards
News  |  3/14/2008  | 
Former Microsoft security team member will demonstrate how his new fuzzer hacks smart card plug-in
Hacking WiFi
News  |  3/13/2008  | 
Here's an evil twin that can seriously alter your Starbucks experience
NSA Pushes 'Labeled' Access Control for NFS
News  |  3/13/2008  | 
National Security Agency's technology would tighten access to sensitive files and apps on NFS storage
IBM Buys Single-Sign-On Upstart
News  |  3/13/2008  | 
Acquisition of Encentuate will broaden IBM/Tivoli's identity management offerings, officials say
Security's 'See-Through' Camera
Quick Hits  |  3/11/2008  | 
New camera lets administrators check for objects under an individual's clothes - without seeing the family jewels
Battle Against Fast-Flux Botnets Intensifies
News  |  3/10/2008  | 
ICANN proposes recommendations to help disrupt, and ultimately take down, these stealthy botnets
Hacking: The New Child's Play?
News  |  3/5/2008  | 
Researchers worry as teens and pre-teens play an increasing role in illegal online exploits
Tool Physically Hacks Windows
News  |  3/5/2008  | 
Lets an attacker use Firewire to take over a 'locked' Windows machine
Canadian Cops Bust Identity Theft 'Hub'
News  |  3/3/2008  | 
Nine arrested, suspected of being part of larger ID theft ring
Hackers Cut in Line to Buy Tickets
Quick Hits  |  3/3/2008  | 
Hack allows buyers to jump to the front of the queue and purchase prime tickets online before fans can get to them


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Enterprise Cybersecurity Plans in a Post-Pandemic World
Download the Enterprise Cybersecurity Plans in a Post-Pandemic World report to understand how security leaders are maintaining pace with pandemic-related challenges, and where there is room for improvement.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-41617
PUBLISHED: 2021-09-26
sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with gro...
CVE-2021-3830
PUBLISHED: 2021-09-26
btcpayserver is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2021-21742
PUBLISHED: 2021-09-25
There is an information leak vulnerability in the message service app of a ZTE mobile phone. Due to improper parameter settings, attackers could use this vulnerability to obtain some sensitive information of users by accessing specific pages.
CVE-2020-20508
PUBLISHED: 2021-09-24
Shopkit v2.7 contains a reflective cross-site scripting (XSS) vulnerability in the /account/register component, which allows attackers to hijack user credentials via a crafted payload in the E-Mail text field.
CVE-2020-20514
PUBLISHED: 2021-09-24
A Cross-Site Request Forgery (CSRF) in Maccms v10 via admin.php/admin/admin/del/ids/<id>.html allows authenticated attackers to delete all users.