News & Commentary

Content tagged with Compliance posted in May 2006
RFID Could Aid Border Security
News  |  5/26/2006  | 
Technology's role in potential expansion of US-Visit roils privacy advocates
Healthcare Firm Secures USB
News  |  5/25/2006  | 
Healthcare staffing firm Martin Fletcher has deployed new technologies and practices to ease security risks from memory sticks and other USB devices
Aerospace, Feds Activate PKI Bridge
News  |  5/24/2006  | 
The US Federal government and the aerospace industry are giving new life to PKI, building a bridge certificate authority to ease federated identity management
House Has New Crime Bill
News  |  5/12/2006  | 
Broader, tougher computer crime legislation is proposed by members of the US House of Representatives
Wave After TPM Wave
News  |  5/11/2006  | 
Wave Systems' Embassy Trust Suite 5.1 offers new authentication methods, file-level encryption for PCs
Deadline Could Spur Smart Cards
News  |  5/2/2006  | 
HSPD-12 requires unified government credentials - deployments serve as a proving ground


Crowdsourced vs. Traditional Pen Testing
Alex Haynes, Chief Information Security Officer, CDL,  3/19/2019
BEC Scammer Pleads Guilty
Dark Reading Staff 3/20/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
5 Emerging Cyber Threats to Watch for in 2019
Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.
Flash Poll
The State of Cyber Security Incident Response
The State of Cyber Security Incident Response
Organizations are responding to new threats with new processes for detecting and mitigating them. Here's a look at how the discipline of incident response is evolving.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-3483
PUBLISHED: 2019-03-25
Mitigates a potential information leakage issue in ArcSight Logger versions prior to 6.7.
CVE-2019-3484
PUBLISHED: 2019-03-25
Mitigates a remote code execution issue in ArcSight Logger versions prior to 6.7.
CVE-2019-6240
PUBLISHED: 2019-03-25
An issue was discovered in GitLab Community and Enterprise Edition before 11.4. It allows Directory Traversal.
CVE-2015-3953
PUBLISHED: 2019-03-25
Hard-coded accounts may be used to access Hospira Plum A+ Infusion System version 13.4 and prior, Plum A+3 Infusion System version 13.6 and prior, and Symbiq Infusion System, version 3.13 and prior. Hospira recommends that customers close Port 20/FTP and Port 23/TELNET on the affected devices. Hospi...
CVE-2015-3954
PUBLISHED: 2019-03-25
Hospira Plum A+ Infusion System version 13.4 and prior, Plum A+3 Infusion System version 13.6 and prior, and Symbiq Infusion System, version 3.13 and prior give unauthenticated users root privileges on Port 23/TELNET by default. An unauthorized user could issue commands to the pump. Hospira recommen...