Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Slideshows

Content posted in November 2018
Holiday Hacks: 6 Cyberthreats to Watch Right Now
Slideshows  |  11/30/2018  | 
'Tis the season for holiday crafted phishes, scams, and a range of cyberattacks. Experts list the hottest holiday hacks for 2018.
7 Real-Life Dangers That Threaten Cybersecurity
Slideshows  |  11/26/2018  | 
Cybersecurity means more than bits and bytes; threats are out there IRL, and IT pros need to be prepared.
2018 Hacker Kids Gift Guide
Slideshows  |  11/21/2018  | 
Fun gift choices that foster design thinking and coding skills in kids both young and old.
7 Holiday Security Tips for Retailers
Slideshows  |  11/19/2018  | 
It's the most wonderful time of the year and hackers are ready to pounce. Here's how to prevent them from wreaking holiday havoc.
7 Free (or Cheap) Ways to Increase Your Cybersecurity Knowledge
Slideshows  |  11/15/2018  | 
Building cybersecurity skills is a must; paying a lot for the education is optional. Here are seven options for increasing knowledge without depleting a budget.
7 Cool New Security Tools to be Revealed at Black Hat Europe
Slideshows  |  11/12/2018  | 
Black Hat Europe's Arsenal lineup will include demoes of new security tools, from AI malware research to container orchestration.
What You Should Know About Grayware (and What to Do About It)
Slideshows  |  11/9/2018  | 
Grayware is a tricky security problem, but there are steps you can take to defend your organization when you recognize the risk.
20 Cybersecurity Firms to Watch
Slideshows  |  11/7/2018  | 
A look at some of the more interesting investments, acquisitions, and strategic moves in the security sector over the past year.
7 Non-Computer Hacks That Should Never Happen
Slideshows  |  11/5/2018  | 
From paper to IoT, security researchers offer tips for protecting common attack surfaces that you're probably overlooking.


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
The State of Cybersecurity Incident Response
In this report learn how enterprises are building their incident response teams and processes, how they research potential compromises, how they respond to new breaches, and what tools and processes they use to remediate problems and improve their cyber defenses for the future.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-29297
PUBLISHED: 2021-07-30
Buffer Overflow in Emerson GE Automation Proficy Machine Edition v8.0 allows an attacker to cause a denial of service and application crash via crafted traffic from a Man-in-the-Middle (MITM) attack to the component "FrameworX.exe" in the module "MSVCR100.dll".
CVE-2021-29298
PUBLISHED: 2021-07-30
Improper Input Validation in Emerson GE Automation Proficy Machine Edition v8.0 allows an attacker to cause a denial of service and application crash via crafted traffic from a Man-in-the-Middle (MITM) attack to the component "FrameworX.exe"in the module "fxVPStatcTcp.dll".
CVE-2021-35193
PUBLISHED: 2021-07-30
Patterson Application Service in Patterson Eaglesoft 18 through 21 accepts the same certificate authentication across different customers' installations (that have the same software version). This provides remote access to SQL database credentials. (In the normal use of the product, retrieving those...
CVE-2021-37742
PUBLISHED: 2021-07-30
app/View/Elements/GalaxyClusters/view_relation_tree.ctp in MISP 2.4.147 allows Stored XSS when viewing galaxy cluster relationships.
CVE-2021-37743
PUBLISHED: 2021-07-30
app/View/GalaxyElements/ajax/index.ctp in MISP 2.4.147 allows Stored XSS when viewing galaxy cluster elements in JSON format.