Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Compliance posted in August 2009
Hacker Ring Tied To Major Breaches Just Tip Of The Iceberg
News  |  8/24/2009  | 
TJX-Heartland attacker and cohorts also reportedly hacked ATM machines in 7-Elevens, but their wide net is likely just one of many
Employers Crack Down On Social Networking, Web Surfing At Work
Quick Hits  |  8/21/2009  | 
More than three-quarters of organizations now block social net sites, ScanSafe says
Botmaster: It's All About Infecting, Selling Big Batches of Bots
News  |  8/20/2009  | 
Undercover Cisco researcher told the going rate for a single bot is 10- to 25 cents
Rare Malware A Hint Of Threats To Come
News  |  8/19/2009  | 
Researchers are spotting new forms of malware features that could signal a new generation of harder-to-kill badware
Mac OS X Trojan Attack Changes DNS Settings
Quick Hits  |  8/11/2009  | 
Researchers spot new variant of malware that prepares machines for botnet recruitment and other cybercrime uses
Report: Less Budget, More Data Leaks
Quick Hits  |  8/10/2009  | 
Budget constraints, social networks, and mobile devices take their toll as data leaks among U.S. enterprises multiply
DDoS Attacks On Twitter, Facebook Result Of Massive Attack On One Person
News  |  8/7/2009  | 
Botnet attack takes aim at pro-Georgian blogger and leaves collateral damage on social networking sites
ISPs Team In Bot Cleanup
News  |  8/6/2009  | 
ISP group issues guidelines for how to clean up bot-infected consumers


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Creating an Effective Incident Response Plan
Security teams are realizing their organizations will experience a cyber incident at some point. An effective incident response plan that takes into account their specific requirements and has been tested is critical. This issue of Tech Insights also includes: -a look at the newly signed cyber-incident law, -how organizations can apply behavioral psychology to incident response, -and an overview of the Open Cybersecurity Schema Framework.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-4169
PUBLISHED: 2022-11-28
The Theme and plugin translation for Polylang is vulnerable to authorization bypass in versions up to, and including, 3.2.16 due to missing capability checks in the process_polylang_theme_translation_wp_loaded() function. This makes it possible for unauthenticated attackers to update plugin and them...
CVE-2022-41732
PUBLISHED: 2022-11-28
IBM Maximo Mobile 8.7 and 8.8 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 237407.
CVE-2021-45036
PUBLISHED: 2022-11-28
Velneo vClient on its 28.1.3 version, could allow an attacker with knowledge of the victims's username and hashed password to spoof the victim's id against the server.
CVE-2022-44399
PUBLISHED: 2022-11-28
Poultry Farm Management System v1.0 contains a SQL injection vulnerability via the del parameter at /Redcock-Farm/farm/category.php.
CVE-2022-31877
PUBLISHED: 2022-11-28
An issue in the component MSI.TerminalServer.exe of MSI Center v1.0.41.0 allows attackers to escalate privileges via a crafted TCP packet.