Commentary

Content posted in June 2005
Data Security: IT's Oxymoron
Commentary  |  6/22/2005  | 
In case you haven't noticed, the last decade in banking has been all about mergers (each one bigger than the last), big-buck CEOs, increasing fees, and decreasing access to human beings. Sure, some consumer accounts got lost or crunched in the slamming together of newlywed bank systems, but who cared? Not the regulators and not the banks.
Data Security Requires A Group Effort
Commentary  |  6/19/2005  | 
Forty ... million ... credit cards. MasterCard, Visa, Discover, and American Express. That's enough accounts to represent roughly one card each for 19% of the U.S. population that is 18 and over.


White House Cybersecurity Strategy at a Crossroads
Kelly Jackson Higgins, Executive Editor at Dark Reading,  7/17/2018
What's Cooking With Caleb Sima
Kelly Jackson Higgins, Executive Editor at Dark Reading,  7/12/2018
Mueller Probe Yields Hacking Indictments for 12 Russian Military Officers
Kelly Jackson Higgins, Executive Editor at Dark Reading,  7/13/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-0243
PUBLISHED: 2018-07-19
Check_MK through 1.2.5i2p1 allows local users to read arbitrary files via a symlink attack to a file in /var/lib/check_mk_agent/job.
CVE-2014-2302
PUBLISHED: 2018-07-19
The installer script in webEdition CMS before 6.2.7-s1 and 6.3.x before 6.3.8-s1 allows remote attackers to conduct PHP Object Injection attacks by intercepting a request to update.webedition.org.
CVE-2018-7602
PUBLISHED: 2018-07-19
A remote code execution vulnerability exists within multiple subsystems of Drupal 7.x and 8.x. This potentially allows attackers to exploit multiple attack vectors on a Drupal site, which could result in the site being compromised. This vulnerability is related to Drupal core - Highly critical - Rem...
CVE-2018-14332
PUBLISHED: 2018-07-19
An issue was discovered in Clementine Music Player 1.3.1. Clementine.exe is vulnerable to a user mode write access violation due to a NULL pointer dereference in the Init call in the MoodbarPipeline::NewPadCallback function in moodbar/moodbarpipeline.cpp. The vulnerability is triggered when the user...
CVE-2018-1529
PUBLISHED: 2018-07-19
IBM Rational DOORS Next Generation 5.0 through 5.0.2, 6.0 through 6.0.5 and IBM Rational Requirements Composer 5.0 through 5.0.2 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potential...