Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Compliance posted in September 2011
Outdated Browsers Leave Many Enterprises Vulnerable To Attack
News  |  9/27/2011  | 
Despite efforts to get users to update browsers, the search for better security only begins with a patch
QSAs Share What Drives Improved PCI Practices
News  |  9/26/2011  | 
As organizations shift attitudes and overcome misconceptions, PCI compliance and security improve
New FFIEC Authentication Guidance Calls For Layers
Commentary  |  9/24/2011  | 
Increased threats and weaknesses in certain accepted authentication mechanisms, FFIEC warns
Trusted Computing: Still Waiting For The Big Dance
News  |  9/20/2011  | 
Technology now built into more than 500 million PCs, but most enterprises still don't use it
(ISC)2 Launches New Foundation For Security Education
Quick Hits  |  9/19/2011  | 
Charitable initiative will offer user education, youth programs
Getting Started With Cloud Compliance
News  |  9/12/2011  | 
All of the same compliance rules still apply in the cloud
The Criticality Of Risk Assessments: FISMA, HIPAA, And Other Regs
Commentary  |  9/4/2011  | 
Risk assessments are a critical part of regulatory compliance, but many organizations don't implement them well
NortonLive Ultimate Help Desk Now Supports Small Business Owners
News  |  9/1/2011  | 
NortonLive Ultimate Help Desk offers Small Business Plan with unlimited support for a broad range of computer and digital devices


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Developing and Testing an Effective Breach Response Plan
Whether or not a data breach is a disaster for the organization depends on the security team's response and that is based on how the team developed a breach response plan beforehand and if it was thoroughly tested. Inside this report, experts share how to: -understand the technical environment, -determine what types of incidents would trigger the plan, -know which stakeholders need to be notified and how to do so, -develop steps to contain the breach, collect evidence, and initiate recovery.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-36610
PUBLISHED: 2022-12-08
A vulnerability was found in annyshow DuxCMS 2.1. It has been declared as problematic. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of ...
CVE-2022-4350
PUBLISHED: 2022-12-08
A vulnerability, which was classified as problematic, was found in Mingsoft MCMS 5.2.8. Affected is an unknown function of the file search.do. The manipulation of the argument content_title leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to...
CVE-2022-4353
PUBLISHED: 2022-12-08
A vulnerability has been found in LinZhaoguan pb-cms 2.0 and classified as problematic. Affected by this vulnerability is the function IpUtil.getIpAddr. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. ...
CVE-2022-4354
PUBLISHED: 2022-12-08
A vulnerability was found in LinZhaoguan pb-cms 2.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /blog/comment of the component Message Board. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been ...
CVE-2020-36609
PUBLISHED: 2022-12-08
A vulnerability was found in annyshow DuxCMS 2.1. It has been classified as problematic. This affects an unknown part of the file admin.php&r=article/AdminContent/edit of the component Article Handler. The manipulation of the argument content leads to cross site scripting. It is possible to init...