Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Black Hat posted in August 2016
How Diversity Can Bridge The Talent Gap
Commentary  |  8/18/2016  | 
Women and minorities in the security industry share some hard truths about the security industrys hiring traditions and practices.
User Ed: Patching People Vs Vulns
Commentary  |  8/17/2016  | 
How infosec can combine and adapt security education and security defenses to the way users actually do their jobs.
Dark Reading Radio: What Keeps IT Security Pros Awake at Night
Commentary  |  8/16/2016  | 
Join us for a wide-ranging discussion with (ISC) Chief Exec David Shearer on the most worrisome infosec trends and challenges.
6 Things To Know For Securing Amazon Web Services
Slideshows  |  8/13/2016  | 
AWS is coming out with more new cloud security features.
The Future Of ATM Hacking
News  |  8/11/2016  | 
Research released at Black Hat USA last week shows that one of our best defenses for the future of payment card and ATM security isn't infallible. Here's why.
Government, Hackers Learn To Make Nice
News  |  8/10/2016  | 
It's still an uneasy alliance, but the hacking community and government are finding their way toward more constructive dialog and cooperation
PLC Worms Pose Stealthy Threat To Industrial Systems
News  |  8/10/2016  | 
Researchers at Black Hat USA demonstrated 'PLC Blaster' worm capable of infecting programmable logic controllers and spreading to other systems.
Spearphishing: Its Curiosity That Makes Them Click
News  |  8/9/2016  | 
Researchers prove that people can be fooled just because they want to know whats on the other end of that email. Here are three steps you can take without spending too much money.
New Internet Security Domains Debut
News  |  8/5/2016  | 
Meet the new .security and .protection domains.
Dark Reading News Desk Coming Back To Black Hat, Live
News  |  8/4/2016  | 
Live from Las Vegas: over 40 video interviews with Black Hat USA conference speakers and sponsors. Wednesday Aug. 3, Thursday Aug, 4, starting at 2 p.m. ET.
Nigerian Prince All Grown Up And Bilking Millions From Businesses Via BEC
News  |  8/4/2016  | 
Researchers discover leader of wire-wire gang thats made millions off by laundering victims business transactions.
Best Of Black Hat Innovation Awards: And The Winners Are
Commentary  |  8/3/2016  | 
Three companies and leaders who think differently about security: Deep Instinct, most innovative startup; Vectra, most innovative emerging company; Paul Vixie, most innovative thought leader.
Researchers Show How To Steal Payment Card Data From PIN Pads
News  |  8/3/2016  | 
Attack works even against chip-enabled EMV smartcards.
Kaminsky Creates Prototype To Lock Out Attackers
News  |  8/3/2016  | 
Security expert warns the Internet could be lost to regulators and hackers if industry doesn't start locking down security.
Hotel POS and Magstripe Cards Vulnerable to Attacks, Brute-Forcing
News  |  8/2/2016  | 
Researchers from Rapid7 at DefCon will demonstrate vulnerabilities that allow attackers to turn point-of-sale devices into keyboards
Dark Reading Radio at Black Hat 2016: 2 Shows, 4 #BHUSA Presenters
Commentary  |  8/2/2016  | 
Even if you can't physically be at Black Hat USA 2016, Dark Reading offers a virtual alternative to engage with presenters about hot show topics and trends.
This Time, Miller & Valasek Hack The Jeep At Speed
News  |  8/1/2016  | 
Car hacking duo accelerates -- literally -- their epic Jeep Cherokee hack.
Browser Exploits Increasingly Go For The Jugular
News  |  8/1/2016  | 
Black Hat USA panel to discuss browser attacks, which now go from browser userland to root privileges in no time flat.


Edge-DRsplash-10-edge-articles
7 Old IT Things Every New InfoSec Pro Should Know
Joan Goodchild, Staff Editor,  4/20/2021
News
Cloud-Native Businesses Struggle With Security
Robert Lemos, Contributing Writer,  5/6/2021
Commentary
Defending Against Web Scraping Attacks
Rob Simon, Principal Security Consultant at TrustedSec,  5/7/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-18165
PUBLISHED: 2021-05-12
Cross Site Scripting (XSS) in LAOBANCMS v2.0 allows remote attackers to execute arbitrary code by injecting commands into the "Website SEO Keywords" field on the page "admin/info.php?shuyu".
CVE-2020-19275
PUBLISHED: 2021-05-12
An Information Disclosure vulnerability exists in dhcms 2017-09-18 when entering invalid characters after the normal interface, which causes an error that will leak the physical path.
CVE-2021-29511
PUBLISHED: 2021-05-12
evm is a pure Rust implementation of Ethereum Virtual Machine. Prior to the patch, when executing specific EVM opcodes related to memory operations that use `evm_core::Memory::copy_large`, the `evm` crate can over-allocate memory when it is not needed, making it possible for an attacker to perform d...
CVE-2020-19274
PUBLISHED: 2021-05-12
A Cross SIte Scripting (XSS) vulnerability exists in Dhcms 2017-09-18 in guestbook via the message board, which could let a remote malicious user execute arbitrary code.
CVE-2021-30211
PUBLISHED: 2021-05-12
Knowage Suite 7.3 is vulnerable to Stored Cross-Site Scripting (XSS). An attacker can inject arbitrary web script in '/knowage/restful-services/signup/update' via the 'surname' parameter.