Advertise

Commentary

Content posted in December 2011

View Content By Month

More About Software Tokens

Commentary | 12/29/2011 |

2 comments

When software tokens are as strong as hardware ones

Database Security Proxies

Commentary | 12/22/2011 |

Post a comment

Using DAM as a security proxy

Take Off The Data Security Blinders

Commentary | 12/20/2011 |

Post a comment

You can't protect what you can't see. Use these tools to learn how and where your data is at risk

Data Security, Top Down

Commentary | 12/15/2011 |

Post a comment

Focus on what needs to be done, not how to do it

For Your Mobile Only

Commentary | 12/15/2011 |

Post a comment

Imagine a modern-day plot for a James Bond movie and how mobile would make his task a whole lot easier

ADMP: DAM For Web Apps

Commentary | 12/7/2011 |

Post a comment

A look at the technology that combines application and database protection

RIM's PlayBook Security Patch Doesn't Last Long

Commentary | 12/7/2011 |

Post a comment

Research In Motion hoped to close a security breach with a software update to its PlayBook tablet, but coders cracked the patch in only a few hours.

Work And Play In Security

Commentary | 12/5/2011 |

Post a comment

As we look toward 2012, it's time to have more fun at work

Debunking The Conficker-Iranian Nuclear Program Connection

Commentary | 12/4/2011 |

Post a comment

Recent claims allude to Conficker-Stuxnet relationship, but are they really credible?

View Content by Month

[close this box]

Hot Topics

Editors' Choice

COVID-19: Latest Security News & Commentary

Dark Reading Staff 9/25/2020

9 Tips to Prepare for the Future of Cloud & Network Security

Kelly Sheridan, Staff Editor, Dark Reading, 9/28/2020

Attacker Dwell Time: Ransomware's Most Important Metric

Ricardo Villadiego, Founder and CEO of Lumu, 9/30/2020

Live Events

Webinars

Hear Microsoft, FedEx & VMware Speak @ Interop Digital

Earn (ISC)2 CPEs at Interop Digital, Oct 5-8

Interop Digital, Oct. 5-8; Learn the skills necessary for managing a IT Org

More Informa Tech Live Events

White Papers

[Forrester Research] The State of Data Security & Privacy

2020 SANS Cyber Threat Intelligence

Tackling the Challenges of HTTP Streaming Delivery and Performance

Unit 42 Cloud Threat Report: Spring 2020

How to Secure Applications 'On the Move'

More White Papers

Cartoon

Latest Comment: Well my facial recognition system didn't recognize you without your mask!

Cartoon Archive

Current Issue

Special Report: Computing's New Normal

This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

How IT Security Organizations are Attacking the Cybersecurity Problem

The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.

Download Now!

Special Report: Understanding Your Cyber Attackers

0 comments

2020 State of Cybersecurity Operations and Incident Response

0 comments

The Changing Face of Threat Intelligence

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2020-15488
PUBLISHED: 2020-09-30

Re:Desk 2.3 allows insecure file upload.

CVE-2020-15849
PUBLISHED: 2020-09-30

Re:Desk 2.3 has a blind authenticated SQL injection vulnerability in the SettingsController class, in the actionEmailTemplates() method. A malicious actor with access to an administrative account could abuse this vulnerability to recover sensitive data from the application's database, allowing for a...

CVE-2020-14375
PUBLISHED: 2020-09-30

A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. Virtio ring descriptors, and the data they describe are in a region of memory accessible by from both the virtual machine and the host. An attacker in a VM can change the contents of the memory after vhost_crypto has validated ...

CVE-2020-14376
PUBLISHED: 2020-09-30

A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. A lack of bounds checking when copying iv_data from the VM guest memory into host memory can lead to a large buffer overflow. The highest threat from this vulnerability is to data confidentiality and integrity as well as system...

CVE-2020-14377
PUBLISHED: 2020-09-30

A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. A complete lack of validation of attacker-controlled parameters can lead to a buffer over read. The results of the over read are then written back to the guest virtual machine memory. This vulnerability can be used by an attack...

To save this item to your list of favorite Dark Reading content so you can find it later in your Profile page, click the "Save It" button next to the item.

If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
Tweet This
[close this box]