Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Security Monitoring posted in October 2016
Encryption: A Backdoor For One Is A Backdoor For All
Commentary  |  10/14/2016  | 
We need legislation that allows law enforcement to find criminals and terrorists without eroding our security and privacy.
Incident Response A Challenge For 98% Of InfoSec Pros
News  |  10/6/2016  | 
Too many alerts and too little staff leave security pros swimming in threat intel and begging for automation.
20 Questions To Explore With Security-as-a-Service Providers
Commentary  |  10/5/2016  | 
This list will help you leverage the niche expertise of security-as-a-service providers, and assess which vendor can best meet your needs


Attackers Leave Stolen Credentials Searchable on Google
Kelly Sheridan, Staff Editor, Dark Reading,  1/21/2021
How to Better Secure Your Microsoft 365 Environment
Kelly Sheridan, Staff Editor, Dark Reading,  1/25/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-3318
PUBLISHED: 2021-01-27
attach/ajax.php in DzzOffice through 2.02.1 allows XSS via the editorid parameter.
CVE-2020-5427
PUBLISHED: 2021-01-27
In Spring Cloud Data Flow, versions 2.6.x prior to 2.6.5, versions 2.5.x prior 2.5.4, an application is vulnerable to SQL injection when requesting task execution.
CVE-2020-5428
PUBLISHED: 2021-01-27
In applications using Spring Cloud Task 2.2.4.RELEASE and below, may be vulnerable to SQL injection when exercising certain lookup queries in the TaskExplorer.
CVE-2021-20357
PUBLISHED: 2021-01-27
IBM Jazz Foundation products is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 194963.
CVE-2020-4865
PUBLISHED: 2021-01-27
IBM Jazz Foundation products is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 190741.