Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Security Monitoring posted in September 2012
The Plural Of Data Is Not Analytics
Commentary  |  9/30/2012  | 
When it comes to security monitoring, searching and reporting aren’t always enough. The added value comes from analytics: turning data into information
Security Intelligence Starts With Detecting The Weird
News  |  9/28/2012  | 
As companies try to make sense of a greater amount of information on their networks, anomaly detection becomes more difficult but more important as well
From Catching A Clue To Catching The Attacker: SIEMs Evolve
News  |  9/14/2012  | 
Security information and event monitoring (SIEM) and log management systems have generally fallen short of detecting attacks in real time. That's changing, say security experts
Talking 'Bout My Reputation
Commentary  |  9/1/2012  | 
When good security monitoring means not believing everything you're told


Attackers Leave Stolen Credentials Searchable on Google
Kelly Sheridan, Staff Editor, Dark Reading,  1/21/2021
How to Better Secure Your Microsoft 365 Environment
Kelly Sheridan, Staff Editor, Dark Reading,  1/25/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-23359
PUBLISHED: 2021-01-27
WeBid 1.2.2 admin/newuser.php has an issue with password rechecking during registration because it uses a loose comparison to check the identicalness of two passwords. Two non-identical passwords can still bypass the check.
CVE-2020-23360
PUBLISHED: 2021-01-27
oscommerce v2.3.4.1 has a functional problem in user registration and password rechecking, where a non-identical password can bypass the checks in /catalog/admin/administrators.php and /catalog/password_reset.php
CVE-2020-23361
PUBLISHED: 2021-01-27
phpList 3.5.3 allows type juggling for login bypass because == is used instead of === for password hashes, which mishandles hashes that begin with 0e followed by exclusively numerical characters.
CVE-2021-25311
PUBLISHED: 2021-01-27
condor_credd in HTCondor before 8.9.11 allows Directory Traversal outside the SEC_CREDENTIAL_DIRECTORY_OAUTH directory, as demonstrated by creating a file under /etc that will later be executed by root.
CVE-2021-25312
PUBLISHED: 2021-01-27
HTCondor before 8.9.11 allows a user to submit a job as another user on the system, because of a flaw in the IDTOKENS authentication method.