Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Advanced Threats posted in May 2014
FireEye: Malware Traffic to Ukraine, Russia Spiked During Peak of Conflict
News  |  5/29/2014  | 
A FireEye researcher posits that a significant spike in malware traffic to Russia and the Ukraine at the height of the conflict between the two countries could be part of a trend -- and could improve threat intelligence.
Dissecting Dendroid: An In-Depth Look Inside An Android RAT Kit
Commentary  |  5/28/2014  | 
Dendroid is full of surprises to assist it in subverting traditional security tactics through company-issued Android phones or BYOD.
Over 90 Arrested in Global FBI Crackdown on Blackshades RAT
News  |  5/19/2014  | 
A collaborative operation by international law enforcement agencies nabbed authors, staff members, and users of the popular software used for everything from blackmail to financial fraud.
Tech Insight: Free Tools For Offensive Security
Commentary  |  5/19/2014  | 
A professional penetration tester offers a look at the latest free and open-source tools available for pen testing and offensive tactics.
FireEye To Buy nPulse Technologies
News  |  5/6/2014  | 
Acquisition will add high-speed, full packet capture technology to FireEye and Mandiant portfolio for detecting and responding to attacks.
Sneaky Windows Folder Poisoning Attack Steals Access Rights
News  |  5/6/2014  | 
Windows challenge-response authentication protocol could be abused by PC hackers to easily access wider corporate networks.
Security Flaw Found In OAuth 2.0 And OpenID; Third-Party Authentication At Risk
Quick Hits  |  5/4/2014  | 
Authentication methods used by Facebook, Google, and many other popular websites could be redirected by attackers, researcher says.
Privacy, Cybercrime Headline the Infosecurity Europe Conference
Slideshows  |  5/2/2014  | 
Attendees debate NSA surveillance, privacy reforms, cybercrime defenses, and sharpen their CISO skills.


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
The State of Cybersecurity Incident Response
In this report learn how enterprises are building their incident response teams and processes, how they research potential compromises, how they respond to new breaches, and what tools and processes they use to remediate problems and improve their cyber defenses for the future.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-37457
PUBLISHED: 2021-07-25
Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via the SipRule field (stored).
CVE-2021-37458
PUBLISHED: 2021-07-25
Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via the primary phone field (stored).
CVE-2021-37459
PUBLISHED: 2021-07-25
Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via the customer name field (stored).
CVE-2021-37460
PUBLISHED: 2021-07-25
Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via /planprop?id= (reflected).
CVE-2021-37461
PUBLISHED: 2021-07-25
Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via /extensionsinstruction?id= (reflected).