Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Black Hat posted in July 2013
NSA Director Faces Cybersecurity Community At Black Hat
News  |  7/31/2013  | 
Gen. Keith Alexander aims to set the record straight on controversial NSA spying programs, calling out how leaked surveillance programs helped derail specific terror plots
New Free Service Cracks Weak Passwords
News  |  7/31/2013  | 
Cloud-based tool released for password auditing
Microsoft Extends MAPP To Incident Responders And Offers Free Online URL, File Scanner
News  |  7/29/2013  | 
Microsoft Active Protections Program evolving to a protection, detection, and remediation program
Cheap Monitoring Highlights Dangers Of Internet Of Things
News  |  7/27/2013  | 
Using a network of cheap sensors, the home-brewed CreepyDOL system can track people by signals sent from their mobile devices
Moving Away From Rash Hashing Decisions
News  |  7/24/2013  | 
Black Hat talk will discuss shortcomings of the latest technical evolution of hashing passwords for safe storage in databases, propose a competition to design something better
Getting Physical At Black Hat
News  |  7/23/2013  | 
Researchers offer up work on breaking into buildings by hacking alarm key pad sensors and key card access control systems
SIM Card Hack A Wakeup Call
News  |  7/22/2013  | 
Crack of mobile SIM card crypto and virtual machine features could let an attacker target and clone a phone
3 Briefings That Highlight Infosec's High-Stakes Game
News  |  7/19/2013  | 
Spectacular exploits and worrying implications await
'Hangover' Persists, More Mac Malware Found
News  |  7/18/2013  | 
Attackers behind the Operation Hangover cyberspying campaign out of India found dropping OS X malware, covering their tracks online
Researchers To Highlight Weaknesses In Secure Mobile Data Stores
News  |  7/18/2013  | 
At Black Hat USA, a team of mobile-security researchers plans to show off ways to circumvent the security of encrypted containers meant to protect data on mobile devices
Service, Denied
News  |  7/17/2013  | 
Black Hat USA 2013 has lined up three DDoS-related Briefings, covering the topic from multiple angles
'Tortilla' Spices Up Active Defense Ops
News  |  7/16/2013  | 
New free Tor tool, due out at Black Hat USA, aims to make the Tor anonymizing network easier to use for all types of intel-gathering
How Attackers Thwart Malware Investigation
News  |  7/11/2013  | 
A researcher at Black Hat USA this month will dissect a recent attack, showing off attackers' techniques for making malware analysis harder and intelligence gathering more time consuming
Commercial DDoS Services Proliferate, Are Responsible For Many Recent Attacks
Commentary  |  7/10/2013  | 
Customers can DDoS a website for as little as $10, Vigilant by Deloitte speaker will tell Black Hat audience
Preparing For Possible Future Crypto Attacks
News  |  7/10/2013  | 
Security experts warn that current advances in solving a complex problem could make a broad class of public-key crypto systems less secure
New Techniques Obfuscate, Optimize SQL Injection Attacks
News  |  7/5/2013  | 
Black Hat researcher to demonstrate new methods for getting around defenses even more quickly to extract database data through SQLi


News
US Formally Attributes SolarWinds Attack to Russian Intelligence Agency
Jai Vijayan, Contributing Writer,  4/15/2021
News
Dependency Problems Increase for Open Source Components
Robert Lemos, Contributing Writer,  4/14/2021
News
FBI Operation Remotely Removes Web Shells From Exchange Servers
Kelly Sheridan, Staff Editor, Dark Reading,  4/14/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-7856
PUBLISHED: 2021-04-20
A vulnerability of Helpcom could allow an unauthenticated attacker to execute arbitrary command. This vulnerability exists due to insufficient authentication validation.
CVE-2021-28793
PUBLISHED: 2021-04-20
vscode-restructuredtext before 146.0.0 contains an incorrect access control vulnerability, where a crafted project folder could execute arbitrary binaries via crafted workspace configuration.
CVE-2021-25679
PUBLISHED: 2021-04-20
** UNSUPPORTED WHEN ASSIGNED ** The AdTran Personal Phone Manager software is vulnerable to an authenticated stored cross-site scripting (XSS) issues. These issues impact at minimum versions 10.8.1 and below but potentially impact later versions as well since they have not previously been disclosed....
CVE-2021-25680
PUBLISHED: 2021-04-20
** UNSUPPORTED WHEN ASSIGNED ** The AdTran Personal Phone Manager software is vulnerable to multiple reflected cross-site scripting (XSS) issues. These issues impact at minimum versions 10.8.1 and below but potentially impact later versions as well since they have not previously been disclosed. Only...
CVE-2021-25681
PUBLISHED: 2021-04-20
** UNSUPPORTED WHEN ASSIGNED ** AdTran Personal Phone Manager 10.8.1 software is vulnerable to an issue that allows for exfiltration of data over DNS. This could allow for exposed AdTran Personal Phone Manager web servers to be used as DNS redirectors to tunnel arbitrary data over DNS. NOTE: The aff...