Commentary

Content posted in May 2011
Sharing Relational Data In The Cloud
Commentary  |  5/31/2011  | 
Databases are designed to share data, so it's easy to leverage built-in security for cloud services
A Tale Of Two Hacks
Commentary  |  5/31/2011  | 
The similarities and differences in the Lockheed and RSA attacks
Dark Reading Revamps SMB Security Tech Center
Commentary  |  5/31/2011  | 
As cybercriminals take aim at small businesses, Dark Reading offers new coverage
Scareware Is Evolving
Commentary  |  5/24/2011  | 
That's right -- scareware is still proving an effective way for threat actors to make quick cash on the Internet
Oracle 11G Available On AWS
Commentary  |  5/24/2011  | 
When testing Oracle on Amazon AWS, consider how you will secure your data
From Device to Device, From Site To Site
Commentary  |  5/23/2011  | 
Obama administration's digital identities initiative relies on private industry to come together and make it work
Sony A Poster Child For Self-Destructive Security
Commentary  |  5/20/2011  | 
Sony has repeatedly made poor decisions in security and control -- costing the company billions of dollars and giving critical markets it once controlled to Apple, Microsoft, and Nintendo
Schwartz On Security: Developers Battle Piracy Channels
Commentary  |  5/18/2011  | 
Business Software Alliance report finds widespread software piracy, but experts say market pressures are to blame.
Reduce Your Android Security Risks
Commentary  |  5/17/2011  | 
Threats against Google's mobile platform have increased 400% in the last year, but common sense will protect users against many of the attacks.
Success, Failure And The Advanced Threat
Commentary  |  5/16/2011  | 
You can't judge the sophistication of an attack by its success or failure
Mobile Security Needs Executive Involvement
Commentary  |  5/13/2011  | 
IT managers need a plan for managing a highly variable fleet of devices through mobile device management, according to panelists at InformationWeek Analytics Live sessions at Interop 2011.
Schwartz On Security: Sony Must Do More
Commentary  |  5/12/2011  | 
Forget free ID theft monitoring. Sony should release its police reports, so that 101 million people can obtain a free credit freeze to proactively battle ID thieves.
Presidential Alerts Soon Mandatory On Your Phone
Commentary  |  5/10/2011  | 
The U.S. Government and major wireless carriers announced a new messaging system that supplements the current emergency system. While some alerts will be optional, presidential alerts will be mandatory.
Secure Access To Relational Data
Commentary  |  5/10/2011  | 
How to secure relational data in cloud data centers
If An ESIM Falls In The Woods, Does Anyone Care?
Commentary  |  5/10/2011  | 
To the operationally minded, the loss of security monitoring capabilities will almost always play second fiddle to availability for Internet and internetworked resources
A National Monitoring Infrastructure
Commentary  |  5/10/2011  | 
It's theoretically possible, but who could orchestrate such a huge collaborative endeavor, and would it be possible to bring both private and public data under government oversight?
We Will Get Fooled Again
Commentary  |  5/6/2011  | 
It's time to start a quiet revolution against security marketing buffoonery
How To Respond To The Sony Attacks
Commentary  |  5/4/2011  | 
How to protect yourself from similar database attacks
Dark Reading's First Five Years: A Look Back -- And Ahead
Commentary  |  5/3/2011  | 
Taking a moment to celebrate DR's fifth anniversary of publication
U.S. Intelligence Connects The Dots On Bin Laden
Commentary  |  5/3/2011  | 
Intelligence agencies are leveraging new surveillance technologies and IT architectures to facilitate information sharing in their anti-terrorism and other national security efforts.
Police Car DVR P0wnage
Commentary  |  5/3/2011  | 
Another security failure in an embedded technology leads to unanticipated risks for police forces and a vendor denial


Want Your Daughter to Succeed in Cyber? Call Her John
John De Santis, CEO, HyTrust,  5/16/2018
Don't Roll the Dice When Prioritizing Vulnerability Fixes
Ericka Chickowski, Contributing Writer, Dark Reading,  5/15/2018
Why Enterprises Can't Ignore Third-Party IoT-Related Risks
Charlie Miller, Senior Vice President, The Santa Fe Group,  5/14/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: "Security through obscurity"
Current Issue
How to Cope with the IT Security Skills Shortage
Most enterprises don't have all the in-house skills they need to meet the rising threat from online attackers. Here are some tips on ways to beat the shortage.
Flash Poll
[Strategic Security Report] Navigating the Threat Intelligence Maze
[Strategic Security Report] Navigating the Threat Intelligence Maze
Most enterprises are using threat intel services, but many are still figuring out how to use the data they're collecting. In this Dark Reading survey we give you a look at what they're doing today - and where they hope to go.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-11232
PUBLISHED: 2018-05-18
The etm_setup_aux function in drivers/hwtracing/coresight/coresight-etm-perf.c in the Linux kernel before 4.10.2 allows attackers to cause a denial of service (panic) because a parameter is incorrectly used as a local variable.
CVE-2017-15855
PUBLISHED: 2018-05-17
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel, the camera application triggers "user-memory-access" issue as the Camera CPP module Linux driver directly accesses the application provided buffer, which resides in u...
CVE-2018-3567
PUBLISHED: 2018-05-17
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in WLAN while processing the HTT_T2H_MSG_TYPE_PEER_MAP or HTT_T2H_MSG_TYPE_PEER_UNMAP messages.
CVE-2018-3568
PUBLISHED: 2018-05-17
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel, in __wlan_hdd_cfg80211_vendor_scan(), a buffer overwrite can potentially occur.
CVE-2018-5827
PUBLISHED: 2018-05-17
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in WLAN while processing an extscan hotlist event.