Dark Reading is part of the Informa Tech Division of Informa PLC


Larry Loeb

Content posted in November 2019
The Top 25 Most Dangerous Software Errors
Larry Loeb | 11/29/2019
'Improper Restriction of Operations within the Bounds of a Memory Buffer' tops this year's list.

Solr Search Tool Can Allow Remote Code Execution (RCE) by Default
Larry Loeb | 11/28/2019
A security vulnerability affecting the Linux enterprise search tool Apache Solr has been reclassified by Tenable as 'high severity status.'

False Training Information Can Dupe Machine Learning Models
Larry Loeb | 11/27/2019
Researchers from Boston University have shown how really small amounts of disinformation can taint the learning process used by many AI programs.

Dangerous 'RIPlace' Exploit Able to Bypass AV & EDR Protections
Larry Loeb | 11/26/2019
Researchers discover a way that ransomware can bypass the protections that operating system vendors have built into their products.

DePriMon: A New & Unique Way to Download Malware
Larry Loeb | 11/25/2019
ESET calls it 'a powerful, flexible and persistent tool.'

Artisans & Commercials Gang Up on Third Parties
Larry Loeb | 11/22/2019
Cybersecurity and intelligence firm AdvIntel has reported on a trend it has seen in the ransomware arena.

Phoenix Keylogger Rises & Steals Information
Larry Loeb | 11/21/2019
The keylogger first emerged in July 2019 and is packed with myriad information-stealing features.

MSFT Jumps on DoH
Larry Loeb | 11/20/2019
Microsoft has announced that an upcoming version of Windows 10 will have support for DNS over HTTPS.

Iran Rustles Up Its Own VPN to Hide Itself
Larry Loeb | 11/18/2019
Trend Micro has found recent traces of APT33 operations, with about a dozen Command and Control servers being used for extremely narrow targeting.

Keeping It Real Can Pay Off for Old-School Attacks
Larry Loeb | 11/14/2019
Even a previously known attack can fool the security team if it is well crafted.

How PureLocker Ransomware Bypasses AV Checks
Larry Loeb | 11/13/2019
Intezer and IBM X-Force have found a new ransomware targeted at production servers. And it's sneaky...

TCP DDoS Reflection Attacks on the Rise
Larry Loeb | 11/12/2019
Radware report picks up on a change in attacker strategy.

'Quantum Dawn' Raid as Financial Industry Simulates Global Ransomware Attack
Larry Loeb | 11/8/2019
Financial institutions in Asia, the US and the UK are put through their paces.

Study Finds Customer Data to Be Most at Risk From Insiders
Larry Loeb | 11/6/2019
Companies say that they are somewhat more worried about inadvertent insider breaches and negligent data breaches than they are about malicious intent by bad actors.

Complex Q3 DDoS Can Have 11 Attack Vectors
Larry Loeb | 11/5/2019
Link 11 has issued a summary of what it has found about the characteristics of DDoS attacks that occurred in Q3 2019.

75% of Enterprises Will Adopt a Zero Trust Solution Within a Year – Zscaler
Larry Loeb | 11/5/2019
Zero Trust Network Access (ZTNA) services are built to ensure that only authorized users can access specific applications on a network based on business policies.


Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-14310
PUBLISHED: 2020-07-31
There is an issue on grub2 before version 2.06 at function read_section_as_string(). It expects a font name to be at max UINT32_MAX - 1 length in bytes but it doesn't verify it before proceed with buffer allocation to read the value from the font value. An attacker may leverage that by crafting a ma...
CVE-2020-14311
PUBLISHED: 2020-07-31
There is an issue with grub2 before version 2.06 while handling symlink on ext filesystems. A filesystem containing a symbolic link with an inode size of UINT32_MAX causes an arithmetic overflow leading to a zero-sized memory allocation with subsequent heap-based buffer overflow.
CVE-2020-5413
PUBLISHED: 2020-07-31
Spring Integration framework provides Kryo Codec implementations as an alternative for Java (de)serialization. When Kryo is configured with default options, all unregistered classes are resolved on demand. This leads to the "deserialization gadgets" exploit when provided data contains mali...
CVE-2020-5414
PUBLISHED: 2020-07-31
VMware Tanzu Application Service for VMs (2.7.x versions prior to 2.7.19, 2.8.x versions prior to 2.8.13, and 2.9.x versions prior to 2.9.7) contains an App Autoscaler that logs the UAA admin password. This credential is redacted on VMware Tanzu Operations Manager; however, the unredacted logs are a...
CVE-2019-11286
PUBLISHED: 2020-07-31
VMware GemFire versions prior to 9.10.0, 9.9.1, 9.8.5, and 9.7.5, and VMware Tanzu GemFire for VMs versions prior to 1.11.0, 1.10.1, 1.9.2, and 1.8.2, contain a JMX service available to the network which does not properly restrict input. A remote authenticated malicious user may request against the ...