Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Black Hat posted in August 2014
All In For The Coming World of 'Things'
Commentary  |  8/25/2014  | 
At a Black Hat round table, experts discuss the strategies necessary to lock down the Internet of Things, the most game-changing concept in Internet history.
Access Point Pinched From Black Hat Show WLAN
Commentary  |  8/19/2014  | 
A few apparent pranks, practice DDoS attacks, and other mischievous activities were spotted on the Black Hat USA wireless network in Las Vegas this month.
Hacker Couture: As Seen At Black Hat USA, BSides, DEF CON
Slideshows  |  8/18/2014  | 
'Leet tattoos, piercings, mega-beards, (the real) John McAfee, and even a cute puppy were among the colorful sights in Las Vegas this month.
Traffic To Hosting Companies Hijacked In Crypto Currency Heist
News  |  8/14/2014  | 
Attacker likely a current or former ISP employee, researchers say.
Tech Insight: Hacking The Nest Thermostat
News  |  8/14/2014  | 
Researchers at Black Hat USA demonstrated how they were able to compromise a popular smart thermostat.
Internet Of Things Security Reaches Tipping Point
News  |  8/13/2014  | 
Public safety issues bubble to the top in security flaw revelations.
Security Holes Exposed In Trend Micro, Websense, Open Source DLP
News  |  8/12/2014  | 
Researchers Zach Lanier and Kelly Lum at Black Hat USA took the wraps off results of their security testing of popular data loss prevention software.
CloudBot: A Free, Malwareless Alternative To Traditional Botnets
News  |  8/11/2014  | 
Researchers take advantage of cloud service providers' free trials and lousy anti-automation controls to use cloud instances like bots.
No Fixes In Sight For Satellite Terminal Flaws
News  |  8/7/2014  | 
At Black Hat USA, a researcher who in April revealed weaknesses in popular satellite ground terminal equipment found on air, land and sea, demonstrates possible attack scenarios.
Heartbleed, GotoFail Bring Home Pwnie Awards
Quick Hits  |  8/7/2014  | 
The Pwnie Awards celebrate the best bug discoveries and worst security fails.
Attack Harbors Malware In Images
Quick Hits  |  8/7/2014  | 
'Lurk' click-fraud campaign now employing steganography.
When Good USB Devices Go Bad
News  |  8/7/2014  | 
Researchers offer more details about how USB devices can be leveraged in attacks.
Dan Geer Touts Liability Policies For Software Vulnerabilities
News  |  8/6/2014  | 
Vendor beware. At Black Hat, Dan Geer suggests legislation to change product liability and abandonment rules for vulnerable and unsupported software.
TSA Checkpoint Systems Found Exposed On The Net
News  |  8/6/2014  | 
Researcher Billy Rios exposes new threats to airport security systems.
A Peek Inside The Black Hat Show Network
News  |  8/5/2014  | 
Black Hat USA's wireless network offers authenticated, secure access as well as 'open' access.
Dark Reading Plans Special Coverage Of Black Hat USA 2014
Commentary  |  8/4/2014  | 
Radio shows, daily newsletter, and panel sessions highlight Dark Reading's comprehensive coverage of the Black Hat conference.
The World's Most Hackable Cars
News  |  8/2/2014  | 
Researchers find 2014 models of Dodge Viper, Audi A8, Honda Accord are the least likely to be hit by hackers.
Some Security Tools Fail With Multipath TCP
News  |  8/1/2014  | 
Researchers at Black Hat USA will reveal how multipath TCP breaks assumptions about how TCP works -- and the implications for network security.


News
US Formally Attributes SolarWinds Attack to Russian Intelligence Agency
Jai Vijayan, Contributing Writer,  4/15/2021
News
Dependency Problems Increase for Open Source Components
Robert Lemos, Contributing Writer,  4/14/2021
News
FBI Operation Remotely Removes Web Shells From Exchange Servers
Kelly Sheridan, Staff Editor, Dark Reading,  4/14/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-7856
PUBLISHED: 2021-04-20
A vulnerability of Helpcom could allow an unauthenticated attacker to execute arbitrary command. This vulnerability exists due to insufficient authentication validation.
CVE-2021-28793
PUBLISHED: 2021-04-20
vscode-restructuredtext before 146.0.0 contains an incorrect access control vulnerability, where a crafted project folder could execute arbitrary binaries via crafted workspace configuration.
CVE-2021-25679
PUBLISHED: 2021-04-20
** UNSUPPORTED WHEN ASSIGNED ** The AdTran Personal Phone Manager software is vulnerable to an authenticated stored cross-site scripting (XSS) issues. These issues impact at minimum versions 10.8.1 and below but potentially impact later versions as well since they have not previously been disclosed....
CVE-2021-25680
PUBLISHED: 2021-04-20
** UNSUPPORTED WHEN ASSIGNED ** The AdTran Personal Phone Manager software is vulnerable to multiple reflected cross-site scripting (XSS) issues. These issues impact at minimum versions 10.8.1 and below but potentially impact later versions as well since they have not previously been disclosed. Only...
CVE-2021-25681
PUBLISHED: 2021-04-20
** UNSUPPORTED WHEN ASSIGNED ** AdTran Personal Phone Manager 10.8.1 software is vulnerable to an issue that allows for exfiltration of data over DNS. This could allow for exposed AdTran Personal Phone Manager web servers to be used as DNS redirectors to tunnel arbitrary data over DNS. NOTE: The aff...