Slideshows

Content posted in February 2016
FBI Vs. Apple: Privacy Syllabus
Slideshows  |  2/24/2016  | 
Some of the very best articles, blogs, and other opinions on the issue of government meddling in encryption technology.
Cybercrime And Hacking Atlas
Slideshows  |  2/20/2016  | 
A geographic guide with cybercrime threat and target trends in 10 notable countries.
20 Cybersecurity Startups To Watch In 2016
Slideshows  |  2/17/2016  | 
Some of the most intriguing security startups flush with funds, talent and ideas.
The Phishie Awards: (Dis)Honoring The Best Of The Worst Phishing Attacks
Slideshows  |  2/10/2016  | 
From the costly to the clever to the just plain creepy, here are the recent phishing campaigns that have earned our reluctant recognition.
10 Shocking New Facts About Ransomware
Slideshows  |  2/8/2016  | 
Ransomware has taken over the cybercriminal world in the last few years and there's no end in sight.
7 Signs of Infosec's Groundhog Day Syndrome
Slideshows  |  2/2/2016  | 
Irritations that plague security pros day in and day out.


Election Websites, Back-End Systems Most at Risk of Cyberattack in Midterms
Kelly Jackson Higgins, Executive Editor at Dark Reading,  8/14/2018
Intel Reveals New Spectre-Like Vulnerability
Curtis Franklin Jr., Senior Editor at Dark Reading,  8/15/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-1732
PUBLISHED: 2018-08-17
IBM Security Access Manager for Enterprise Single Sign-On 8.2.2 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sen...
CVE-2018-15356
PUBLISHED: 2018-08-17
An authenticated attacker can execute arbitrary code using command ejection in Eltex ESP-200 firmware version 1.2.0.
CVE-2018-15357
PUBLISHED: 2018-08-17
An authenticated attacker with low privileges can extract password hash information for all users in Eltex ESP-200 firmware version 1.2.0.
CVE-2018-15358
PUBLISHED: 2018-08-17
An authenticated attacker with low privileges can activate high privileged user and use it to expand attack surface in Eltex ESP-200 firmware version 1.2.0.
CVE-2018-15359
PUBLISHED: 2018-08-17
An authenticated attacker with low privileges can use insecure sudo configuration to expand attack surface in Eltex ESP-200 firmware version 1.2.0.