News & Commentary

Content tagged with Compliance posted in September 2010
You're Always Just Two Clicks Away From Malware
Quick Hits  |  9/28/2010  | 
New study shows correlation between top 1,000 visited websites and proximity to malware
Turn Workers Into Security Partners
News  |  9/20/2010  | 
Rather than just protect employees or protect against them, security managers should rely on users to help defend the business
Google Bolsters Apps With Two-Step Verification
News  |  9/20/2010  | 
Protection will be available first to Google Apps Premiere, Government, and Education edition users, at no extra charge
Product Watch: New Tool Moves Browser Into Virtual Environment For Security
News  |  9/13/2010  | 
Shields Windows machine from Web-borne attacks
ESET Rolls Out Cybersecurity For Mac
News  |  9/13/2010  | 
Security solution features an interactive educational component for users
Deloitte Poll: Respondents Lack Confidence in Ability of Private Enterprises To Reduce Occurrence Of Cyber Crime
News  |  9/10/2010  | 
Majority of participants said they have received phishing e-mail messages
String Of Deals Shows Demand for Cloud-Based Authentication
News  |  9/7/2010  | 
Acquisitions highlight how authentication-as-a-service is now part of identity and access management strategies


'Hidden Tunnels' Help Hackers Launch Financial Services Attacks
Kelly Sheridan, Staff Editor, Dark Reading,  6/20/2018
Inside a SamSam Ransomware Attack
Ajit Sancheti, CEO and Co-Founder, Preempt,  6/20/2018
Tesla Employee Steals, Sabotages Company Data
Jai Vijayan, Freelance writer,  6/19/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-12716
PUBLISHED: 2018-06-25
The API service on Google Home and Chromecast devices before mid-July 2018 does not prevent DNS rebinding attacks from reading the scan_results JSON data, which allows remote attackers to determine the physical location of most web browsers by leveraging the presence of one of these devices on its l...
CVE-2018-12705
PUBLISHED: 2018-06-24
DIGISOL DG-BR4000NG devices have XSS via the SSID (it is validated only on the client side).
CVE-2018-12706
PUBLISHED: 2018-06-24
DIGISOL DG-BR4000NG devices have a Buffer Overflow via a long Authorization HTTP header.
CVE-2018-12714
PUBLISHED: 2018-06-24
An issue was discovered in the Linux kernel through 4.17.2. The filter parsing in kernel/trace/trace_events_filter.c could be called with no filter, which is an N=0 case when it expected at least one line to have been read, thus making the N-1 index invalid. This allows attackers to cause a denial o...
CVE-2018-12713
PUBLISHED: 2018-06-24
GIMP through 2.10.2 makes g_get_tmp_dir calls to establish temporary filenames, which may result in a filename that already exists, as demonstrated by the gimp_write_and_read_file function in app/tests/test-xcf.c. This might be leveraged by attackers to overwrite files or read file content that was ...