Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Compliance posted in June 2016
Privacy Shield: Can the US Earn the EUs Trust Post Apple vs. FBI?
Commentary  |  6/20/2016  | 
Rebuilding the privacy framework for data transfer between the US and its European trading partners wont be easy but its still a worthwhile effort.
How Secure is Secure? Tips For Investing In The Right Strategy
Commentary  |  6/17/2016  | 
Business alignment, defense-in-depth and a phased approach are three principles to follow when building out a solid security program.
What CISOs Need to Tell The Board About Cyber Risk
Commentary  |  6/15/2016  | 
To avoid devastating financial losses, boards and the C-suite must have a deep understating of the cyber risks their organizations face. Heres what they need to hear from the security team
Preliminary Agreement Reached On Airline Cybersecurity
Quick Hits  |  6/14/2016  | 
Panel likely to propose broad package of cyber protection including cockpit alarms, say sources.
12 Tips for Securing Cyber Insurance Coverage
Slideshows  |  6/13/2016  | 
As cyber insurance grows more available and popular it is also becoming increasingly complex and confusing. Our slideshow offers guidelines on how to get insurance, get decent coverage, and avoid limitations in coverage.
Cloud Apps Just As Secure As On-Premise Apps, Say InfoSec Pros
News  |  6/9/2016  | 
Unfortunately, 75% of cloud apps will still fall afoul of the new EU General Data Protection Regulation, according to new studies.


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Creating an Effective Incident Response Plan
Security teams are realizing their organizations will experience a cyber incident at some point. An effective incident response plan that takes into account their specific requirements and has been tested is critical. This issue of Tech Insights also includes: -a look at the newly signed cyber-incident law, -how organizations can apply behavioral psychology to incident response, -and an overview of the Open Cybersecurity Schema Framework.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-4169
PUBLISHED: 2022-11-28
The Theme and plugin translation for Polylang is vulnerable to authorization bypass in versions up to, and including, 3.2.16 due to missing capability checks in the process_polylang_theme_translation_wp_loaded() function. This makes it possible for unauthenticated attackers to update plugin and them...
CVE-2022-41732
PUBLISHED: 2022-11-28
IBM Maximo Mobile 8.7 and 8.8 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 237407.
CVE-2021-45036
PUBLISHED: 2022-11-28
Velneo vClient on its 28.1.3 version, could allow an attacker with knowledge of the victims's username and hashed password to spoof the victim's id against the server.
CVE-2022-44399
PUBLISHED: 2022-11-28
Poultry Farm Management System v1.0 contains a SQL injection vulnerability via the del parameter at /Redcock-Farm/farm/category.php.
CVE-2022-31877
PUBLISHED: 2022-11-28
An issue in the component MSI.TerminalServer.exe of MSI Center v1.0.41.0 allows attackers to escalate privileges via a crafted TCP packet.