Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Compliance posted in July 2009
'MonkeyFist' Launches Dynamic CSRF Web Attacks
News  |  7/30/2009  | 
Researchers release tool that automates cross-site request forgery attacks
Exploits Take Advantage Of Hot News, Search Queries
Quick Hits  |  7/28/2009  | 
Attackers look to attach their malware to hot Google searches, report says
Two Newly Disclosed Hacks Prey On Browser, Web Security
News  |  7/20/2009  | 
New cross-site request forgery (CSRF) proof-of-concept and Firefox 3.5 hacking tool released
Least-Privilege Technology Still Swimming Upstream, But Making Progress
News  |  7/10/2009  | 
Fundamental shift in endpoint security might be easier with rollout of Windows 7, experts say
Research: A Day In the Life of A Spamming Bot
Quick Hits  |  7/9/2009  | 
ESET researchers discover that a Waledac-infected bot spams out 150,000 messages a day
Oracle Report: Consumers Fickle About Ecommerce Security Controls
Quick Hits  |  7/7/2009  | 
Nearly one-third of U.K.'s online shoppers don't trust online security measures, but most don't want additional controls if it affects ease and speed of transactions
New Tool And Managed Service 'Penetration-Test' End Users
News  |  7/6/2009  | 
New User Attack Framework (UAF) could eventually work with Metasploit's hacking tool, researchers say


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Developing and Testing an Effective Breach Response Plan
Whether or not a data breach is a disaster for the organization depends on the security team's response and that is based on how the team developed a breach response plan beforehand and if it was thoroughly tested. Inside this report, experts share how to: -understand the technical environment, -determine what types of incidents would trigger the plan, -know which stakeholders need to be notified and how to do so, -develop steps to contain the breach, collect evidence, and initiate recovery.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-36610
PUBLISHED: 2022-12-08
A vulnerability was found in annyshow DuxCMS 2.1. It has been declared as problematic. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of ...
CVE-2022-4350
PUBLISHED: 2022-12-08
A vulnerability, which was classified as problematic, was found in Mingsoft MCMS 5.2.8. Affected is an unknown function of the file search.do. The manipulation of the argument content_title leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to...
CVE-2022-4353
PUBLISHED: 2022-12-08
A vulnerability has been found in LinZhaoguan pb-cms 2.0 and classified as problematic. Affected by this vulnerability is the function IpUtil.getIpAddr. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. ...
CVE-2022-4354
PUBLISHED: 2022-12-08
A vulnerability was found in LinZhaoguan pb-cms 2.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /blog/comment of the component Message Board. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been ...
CVE-2020-36609
PUBLISHED: 2022-12-08
A vulnerability was found in annyshow DuxCMS 2.1. It has been classified as problematic. This affects an unknown part of the file admin.php&r=article/AdminContent/edit of the component Article Handler. The manipulation of the argument content leads to cross site scripting. It is possible to init...