Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Compliance posted in June 2008
Survey: Unstructured Data a Security Nightmare
Quick Hits  |  6/30/2008  | 
New Ponemon Institute report finds organizations don't have a grip on access to data on file servers, network-attached storage
TV Guide/Comcast Joint Venture Gets NAC
News  |  6/27/2008  | 
GuideWorks adds mobile, visiting users to its network with TippingPoint appliance
Google, Microsoft Back Security & Privacy Framework for Online Health Data
Quick Hits  |  6/25/2008  | 
The Common Framework for Networked Personal Health Information defines best practices for protecting patient data for online access
Microsoft, Novell, Oracle, PayPal, Others Launch New Digital ID Forum
Quick Hits  |  6/23/2008  | 
Nonprofit Information Card Forum established to unite various industry efforts for building online information identities to replace the username/password model
Filling Out Forms: Still a Dangerous Game
News  |  6/20/2008  | 
Despite upgrades and fixes, most browsers are still vulnerable to attacks via Web forms, researcher says
New Worm Spawns More Than 8M Spam Messages
Quick Hits  |  6/20/2008  | 
Fake news come-ons lead to infected porn site
ID Protection Startup Prepares Commercial Push
News  |  6/19/2008  | 
After completing identity theft study and numerous breach response engagements, Debix says it's good to go
Stolen Healthcare, Airline Credentials Found on Servers
News  |  6/18/2008  | 
Researchers at Finjan say cybercriminals are looking beyond stolen credit card accounts
GAO: There Ought to Be a Law
Quick Hits  |  6/18/2008  | 
Government's ability to extract and manipulate personal data is too broad, watchdog agency says
Could a Smartphone Solve the Notebook Security Problem?
News  |  6/18/2008  | 
Maybe instead of looking at them as a new problem, we should consider smartphones as a potential security solution
Verizon Study Links External Hacks to Internal Mistakes
News  |  6/12/2008  | 
Most breaches come from outside the company, but they are often triggered by unfound errors on the inside
Cybercrime Outranks Other Crimes on Europeans' Worry List
Quick Hits  |  6/11/2008  | 
Almost half of German PC users believe they will eventually fall victim
Mind-Reading: The Next Great Privacy Debate?
Quick Hits  |  6/9/2008  | 
New MRI technology lets doctors see images in your mind - now there's a scary thought
New Virus Lets Attackers Hold Data for Ransom
Quick Hits  |  6/6/2008  | 
Gpcode variant encrypts many file types with strong key; attackers ask for a bounty to decrypt
Gartner Details Real-Time 'Adaptive' Security Infrastructure
News  |  6/3/2008  | 
Future security model addresses arrival of multiple perimeters, mobile users
Army Hospital Breach May Be Result of P2P Leak
News  |  6/3/2008  | 
Data loss at Walter Reed exposed personal information on 1,000 soldiers
At Gartner Summit, Experts Question Security's Future
News  |  6/2/2008  | 
Analysts, sci-fi authors challenge security pros to rethink the status quo


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Creating an Effective Incident Response Plan
Security teams are realizing their organizations will experience a cyber incident at some point. An effective incident response plan that takes into account their specific requirements and has been tested is critical. This issue of Tech Insights also includes: -a look at the newly signed cyber-incident law, -how organizations can apply behavioral psychology to incident response, -and an overview of the Open Cybersecurity Schema Framework.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-4169
PUBLISHED: 2022-11-28
The Theme and plugin translation for Polylang is vulnerable to authorization bypass in versions up to, and including, 3.2.16 due to missing capability checks in the process_polylang_theme_translation_wp_loaded() function. This makes it possible for unauthenticated attackers to update plugin and them...
CVE-2022-41732
PUBLISHED: 2022-11-28
IBM Maximo Mobile 8.7 and 8.8 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 237407.
CVE-2021-45036
PUBLISHED: 2022-11-28
Velneo vClient on its 28.1.3 version, could allow an attacker with knowledge of the victims's username and hashed password to spoof the victim's id against the server.
CVE-2022-44399
PUBLISHED: 2022-11-28
Poultry Farm Management System v1.0 contains a SQL injection vulnerability via the del parameter at /Redcock-Farm/farm/category.php.
CVE-2022-31877
PUBLISHED: 2022-11-28
An issue in the component MSI.TerminalServer.exe of MSI Center v1.0.41.0 allows attackers to escalate privileges via a crafted TCP packet.