Slideshows

Content posted in December 2014
20 Startups To Watch In 2015
Slideshows  |  12/29/2014  | 
Check our list of security startups sure to start (or continue) making waves in the coming year.
CISO Holiday Bookshelf
Slideshows  |  12/22/2014  | 
A selection of interesting security reads perfect as gifts from and to the typical CISO.
Stocking Stuffers For Happy Hacking
Slideshows  |  12/15/2014  | 
Find that perfect gift for your co-workers and much-loved white hats without breaking the bank.
How To Become a CISO: Top Tips
Slideshows  |  12/8/2014  | 
A look at the best career advice for aspiring CISOs from people who've reached the top.


Election Websites, Back-End Systems Most at Risk of Cyberattack in Midterms
Kelly Jackson Higgins, Executive Editor at Dark Reading,  8/14/2018
Intel Reveals New Spectre-Like Vulnerability
Curtis Franklin Jr., Senior Editor at Dark Reading,  8/15/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-1732
PUBLISHED: 2018-08-17
IBM Security Access Manager for Enterprise Single Sign-On 8.2.2 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sen...
CVE-2018-15356
PUBLISHED: 2018-08-17
An authenticated attacker can execute arbitrary code using command ejection in Eltex ESP-200 firmware version 1.2.0.
CVE-2018-15357
PUBLISHED: 2018-08-17
An authenticated attacker with low privileges can extract password hash information for all users in Eltex ESP-200 firmware version 1.2.0.
CVE-2018-15358
PUBLISHED: 2018-08-17
An authenticated attacker with low privileges can activate high privileged user and use it to expand attack surface in Eltex ESP-200 firmware version 1.2.0.
CVE-2018-15359
PUBLISHED: 2018-08-17
An authenticated attacker with low privileges can use insecure sudo configuration to expand attack surface in Eltex ESP-200 firmware version 1.2.0.