Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Black Hat posted in June 2012
Black Hat: Developer Aims To Make Attack Recovery More Intelligent
News  |  6/28/2012  | 
One company uses threat information, virtualization and analysis to build a better way to disinfect compromised systems
New Forensics Method May Nab Insider Thieves
News  |  6/26/2012  | 
Black Hat presentation features a new methodology that has already produced real-world results
Researchers Beat Up Google's Bouncer
News  |  6/25/2012  | 
The gatekeeper for the Android app store has major growing pains ahead, as security researchers find ways to bypass it
Broader Digital Landscape Means More Places To Hide
News  |  6/22/2012  | 
With IPv6, a deluge of new top-level domains, and DNSSEC all coming, the Internet will become a much bigger place. Defenses that worked in the past won't work in the future
Advanced JavaScript Attack Threatens SOHO Routers
News  |  6/19/2012  | 
Using JavaScript and cross-site request forgery, two researchers plan to show it's possible to attack routers leveraging computers on the internal network
Black Hat USA 2012: Complete Coverage
News  |  6/12/2012  | 
A round-up of articles leading up to and live coverage from Black Hat USA 2012, July 21-26, Las Vegas


More SolarWinds Attack Details Emerge
Kelly Jackson Higgins, Executive Editor at Dark Reading,  1/12/2021
Vulnerability Management Has a Data Problem
Tal Morgenstern, Co-Founder & Chief Product Officer, Vulcan Cyber,  1/14/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-22850
PUBLISHED: 2021-01-19
HGiga EIP product lacks ineffective access control in certain pages that allow attackers to access database or perform privileged functions.
CVE-2021-22851
PUBLISHED: 2021-01-19
HGiga EIP product contains SQL Injection vulnerability. Attackers can inject SQL commands into specific URL parameter (document management page) to obtain database schema and data.
CVE-2021-22852
PUBLISHED: 2021-01-19
HGiga EIP product contains SQL Injection vulnerability. Attackers can inject SQL commands into specific URL parameter (online registration) to obtain database schema and data.
CVE-2021-3178
PUBLISHED: 2021-01-19
** DISPUTED ** fs/nfsd/nfs3xdr.c in the Linux kernel through 5.10.8, when there is an NFS export of a subdirectory of a filesystem, allows remote attackers to traverse to other parts of the filesystem via READDIRPLUS. NOTE: some parties argue that such a subdirectory export is not intended to preven...
CVE-2021-3177
PUBLISHED: 2021-01-19
Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to c_double.from_param. This occurs because sprintf i...