Network Computing Dark Reading

Advertise

Commentary

Content posted in December 2006

View Content By Month

Technology Jeopardizes The Secret Ballot

Commentary | 12/15/2006 |

Post a comment

Ed Felten at Freedom to Tinker has several brief, but meaty, posts this week on the erosion of a pillar of Western democracy: The secret ballot. The secret ballot offers two forms of protection: Because nobody can look over your shoulder to see how you voted, it's hard to coerce your vote. And, because you can't prove to anybody how you voted, you can't sell your vote. But technology and social trends are making the secret ballot harder to preserv

Outsource Security Carefully, And Carry A Big Audit Plan

Commentary | 12/15/2006 |

Post a comment

Are IT managers desperate if they outsource security? That's the provocative question Larry Greenemeier asks in today's issue of InformationWeek. His conclusion? A resolute no. In fact, hiring an independent service provider might just be your best bet for staying safe in the midst of rising threats against malware, hackers, and internal saboteurs.

Seven Steps To Follow When Data Leakage Strikes

Commentary | 12/14/2006 |

Post a comment

At a recent summit on "data leakage," which sounds like an unfortunate side effect to a prescription medication, Experian Corp. chief information security officer James Christiansen provided a very useful rundown of what to do before, during, and

Protecting Against Insider Threats

Commentary | 12/11/2006 |

Post a comment

When you visualize what a computer criminal looks like, you probably think of a teen-ager living in his mother's basement, or a shady-looking character in a lawless country far away. But if you want to know what the most dangerous computer criminals look like, take a look at the guy sitting in the next cube.

Spam's Making A Comeback And We're All Stuck With It

Commentary | 12/6/2006 |

Post a comment

The New York Times reports grim news that anybody watching their e-mail in-boxes already knew: Spam is making a comeback. Worldwide spam volumes doubled since last year, and spam now accounts for more than 90% of e-mail worldwide. And it doesn't look like the problem is going away.

View Content by Month

[close this box]

Hot Topics

Editors' Choice

The Security Perimeter Is Dead; Long Live the New Endpoint Perimeter

Ofer Amitai, CEO, Portnox, 1/17/2019

Facebook Shuts Hundreds of Russia-Linked Pages, Accounts for Disinformation

Sara Peters, Senior Editor at Dark Reading, 1/17/2019

773 Million Email Addresses, 21 Million Passwords For Sale on Hacker Forum

Jai Vijayan, Freelance writer, 1/17/2019

Live Events

Webinars

More UBM Tech
Live Events

Drive Your Business and Career Forward at Interop19

Interop 2019 - The Unbiased IT Conference

Enterprise Connect 2019 - Build Your Comms & Collaboration Future

White Papers

Nobody's Fool: Combating Social-Engineering Risks

Investigate East-West Attacks on Critical Assets with Network Traffic Analysis

[Beginner's Guide] Open Source Incident Response Tools & Resources

The State of Application Security and How to Improve it

IP Address Audit Checklist: A 10 Step Guide

More White Papers

Video

All Videos

Cartoon Contest

Write a Caption, Win a Starbucks Card! Click Here

Latest Comment: They are calling the SPCA. Apparently, we are not doing a good enough job of picking up after them.

Cartoon Archive

Current Issue

The Year in Security 2018

This Dark Reading Tech Digest explores the biggest news stories of 2018 that shaped the cybersecurity landscape.

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

How Enterprises Are Attacking the Cybersecurity Problem

Data breach fears and the need to comply with regulations such as GDPR are two major drivers increased spending on security products and technologies. But other factors are contributing to the trend as well. Find out more about how enterprises are attacking the cybersecurity problem by reading our report today.

Download Now!

How Enterprises Are Using IT Threat Intelligence

0 comments

Online Malware and Threats: A Profile of Today's Security Posture

0 comments

The Risk Management Struggle

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2018-19019
PUBLISHED: 2019-01-22

A type confusion vulnerability exists when processing project files in CX-Supervisor (Versions 3.42 and prior). An attacker could use a specially crafted project file to exploit and execute code under the privileges of the application.

CVE-2019-6260
PUBLISHED: 2019-01-22

The ASPEED ast2400 and ast2500 Baseband Management Controller (BMC) hardware and firmware implement Advanced High-performance Bus (AHB) bridges, which allow arbitrary read and write access to the BMC's physical address space from the host (or from the network in unusual cases where the BMC console u...

CVE-2018-19011
PUBLISHED: 2019-01-22

CX-Supervisor (Versions 3.42 and prior) can execute code that has been injected into a project file. An attacker could exploit this to execute code under the privileges of the application.

CVE-2018-19013
PUBLISHED: 2019-01-22

An attacker could inject commands to delete files and/or delete the contents of a file on CX-Supervisor (Versions 3.42 and prior) through a specially crafted project file.

CVE-2018-19017
PUBLISHED: 2019-01-22

Several use after free vulnerabilities have been identified in CX-Supervisor (Versions 3.42 and prior). When processing project files, the application fails to check if it is referencing freed memory. An attacker could use a specially crafted project file to exploit and execute code under the privil...

Terms of Service
Privacy Statement
Legal Entities