News & Commentary

Content tagged with Compliance posted in June 2008
Survey: Unstructured Data a Security Nightmare
Quick Hits  |  6/30/2008  | 
New Ponemon Institute report finds organizations don't have a grip on access to data on file servers, network-attached storage
TV Guide/Comcast Joint Venture Gets NAC
News  |  6/27/2008  | 
GuideWorks adds mobile, visiting users to its network with TippingPoint appliance
Google, Microsoft Back Security & Privacy Framework for Online Health Data
Quick Hits  |  6/25/2008  | 
The Common Framework for Networked Personal Health Information defines best practices for protecting patient data for online access
Microsoft, Novell, Oracle, PayPal, Others Launch New Digital ID Forum
Quick Hits  |  6/23/2008  | 
Nonprofit Information Card Forum established to unite various industry efforts for building online information identities to replace the username/password model
Filling Out Forms: Still a Dangerous Game
News  |  6/20/2008  | 
Despite upgrades and fixes, most browsers are still vulnerable to attacks via Web forms, researcher says
New Worm Spawns More Than 8M Spam Messages
Quick Hits  |  6/20/2008  | 
Fake news come-ons lead to infected porn site
ID Protection Startup Prepares Commercial Push
News  |  6/19/2008  | 
After completing identity theft study and numerous breach response engagements, Debix says it's good to go
Stolen Healthcare, Airline Credentials Found on Servers
News  |  6/18/2008  | 
Researchers at Finjan say cybercriminals are looking beyond stolen credit card accounts
GAO: There Ought to Be a Law
Quick Hits  |  6/18/2008  | 
Government's ability to extract and manipulate personal data is too broad, watchdog agency says
Could a Smartphone Solve the Notebook Security Problem?
News  |  6/18/2008  | 
Maybe instead of looking at them as a new problem, we should consider smartphones as a potential security solution
Verizon Study Links External Hacks to Internal Mistakes
News  |  6/12/2008  | 
Most breaches come from outside the company, but they are often triggered by unfound errors on the inside
Cybercrime Outranks Other Crimes on Europeans' Worry List
Quick Hits  |  6/11/2008  | 
Almost half of German PC users believe they will eventually fall victim
Mind-Reading: The Next Great Privacy Debate?
Quick Hits  |  6/9/2008  | 
New MRI technology lets doctors see images in your mind - now there's a scary thought
New Virus Lets Attackers Hold Data for Ransom
Quick Hits  |  6/6/2008  | 
Gpcode variant encrypts many file types with strong key; attackers ask for a bounty to decrypt
Gartner Details Real-Time 'Adaptive' Security Infrastructure
News  |  6/3/2008  | 
Future security model addresses arrival of multiple perimeters, mobile users
Army Hospital Breach May Be Result of P2P Leak
News  |  6/3/2008  | 
Data loss at Walter Reed exposed personal information on 1,000 soldiers
At Gartner Summit, Experts Question Security's Future
News  |  6/2/2008  | 
Analysts, sci-fi authors challenge security pros to rethink the status quo


Weaponizing IPv6 to Bypass IPv4 Security
John Anderson, Principal Security Consultant, Trustwave Spiderlabs,  6/12/2018
'Shift Left' & the Connected Car
Rohit Sethi, COO of Security Compass,  6/12/2018
Why CISOs Need a Security Reality Check
Joel Fulton, Chief Information Security Officer for Splunk,  6/13/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-10617
PUBLISHED: 2018-06-18
Delta Electronics Delta Industrial Automation DOPSoft version 4.00.04 and prior utilizes a fixed-length heap buffer where a value larger than the buffer can be read from a .dpa file into the buffer, causing the buffer to be overwritten. This may allow remote code execution or cause the application t...
CVE-2018-10621
PUBLISHED: 2018-06-18
Delta Electronics Delta Industrial Automation DOPSoft version 4.00.04 and prior utilizes a fixed-length stack buffer where a value larger than the buffer can be read from a .dpa file into the buffer, causing the buffer to be overwritten. This may allow remote code execution or cause the application ...
CVE-2018-10623
PUBLISHED: 2018-06-18
Delta Electronics Delta Industrial Automation DOPSoft version 4.00.04 and prior performs read operations on a memory buffer where the position can be determined by a value read from a .dpa file. This may cause improper restriction of operations within the bounds of the memory buffer, allow remote co...
CVE-2015-4664
PUBLISHED: 2018-06-18
An improper input validation vulnerability in CA Privileged Access Manager 2.4.4.4 and earlier allows remote attackers to execute arbitrary commands.
CVE-2018-9021
PUBLISHED: 2018-06-18
An authentication bypass vulnerability in CA Privileged Access Manager 2.8.2 and earlier allows remote attackers to execute arbitrary commands with specially crafted requests.