Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Larry Loeb

Content posted in November 2019
The Top 25 Most Dangerous Software Errors
Larry Loeb  |  11/29/2019  | 
'Improper Restriction of Operations within the Bounds of a Memory Buffer' tops this year's list.
Solr Search Tool Can Allow Remote Code Execution (RCE) by Default
Larry Loeb  |  11/28/2019  | 
A security vulnerability affecting the Linux enterprise search tool Apache Solr has been reclassified by Tenable as 'high severity status.'
False Training Information Can Dupe Machine Learning Models
Larry Loeb  |  11/27/2019  | 
Researchers from Boston University have shown how really small amounts of disinformation can taint the learning process used by many AI programs.
Dangerous 'RIPlace' Exploit Able to Bypass AV & EDR Protections
Larry Loeb  |  11/26/2019  | 
Researchers discover way that ransomware can bypass the protections which operating system vendors have built into their products.
DePriMon: A New & Unique Way to Download Malware
Larry Loeb  |  11/25/2019  | 
ESET calls it 'a powerful, flexible and persistent tool.'
Artisans & Commercials Gang Up on Third Parties
Larry Loeb  |  11/22/2019  | 
Cybersecurity and intelligence firm AdvIntel has reported about a trend it has seen happening in the ransomware arena.
Phoenix Keylogger Rises & Steals Information
Larry Loeb  |  11/21/2019  | 
Keylogger first emerged in July 2019, and is packed with myriad information-stealing features.
MSFT Jumps on DoH
Larry Loeb  |  11/20/2019  | 
Microsoft has announced that an upcoming version of Windows 10 will have support for DNS over HTTPS.
Iran Rustles Up Its Own VPN to Hide Itself
Larry Loeb  |  11/18/2019  | 
Trend Micro has found recent traces of APT33 operations, with about a dozen Command and Control servers being used for extremely narrow targeting.
Keeping It Real Can Pay Off for Old-School Attacks
Larry Loeb  |  11/14/2019  | 
Even a previously known attack can fool the security team if it is well crafted.
How PureLocker Ransomware Bypasses AV Checks
Larry Loeb  |  11/13/2019  | 
Intezer and IBM X-Force have found a new ransomware targeted at production servers. And it's sneaky...
TCP DDoS Reflection Attacks on the Rise
Larry Loeb  |  11/12/2019  | 
Radware report picks up on a change in attacker strategy.
'Quantum Dawn' Raid as Financial Industry Simulates Global Ransomware Attack
Larry Loeb  |  11/8/2019  | 
Financial institutions in Asia, the US and the UK are put through their paces.
Study Finds Customer Data to Be Most at Risk From Insiders
Larry Loeb  |  11/6/2019  | 
Companies say that they are somewhat more worried about inadvertent insider breaches and negligent data breaches than they are about malicious intent by bad actors.
Complex Q3 DDoS Can Have 11 Attack Vectors
Larry Loeb  |  11/5/2019  | 
Link 11 has issued a summary of what they have found out about characteristics of DDoS attacks that occurred in Q3 2019.
75% of Enterprises Will Adopt a Zero Trust Solution Within a Year – Zscaler
Larry Loeb  |  11/5/2019  | 
Zero Trust Network Access (ZTNA) services are built to ensure that only authorized users can access specific applications on a network based on business policies.


Commentary
Ransomware Is Not the Problem
Adam Shostack, Consultant, Entrepreneur, Technologist, Game Designer,  6/9/2021
Edge-DRsplash-11-edge-ask-the-experts
How Can I Test the Security of My Home-Office Employees' Routers?
John Bock, Senior Research Scientist,  6/7/2021
News
New Ransomware Group Claiming Connection to REvil Gang Surfaces
Jai Vijayan, Contributing Writer,  6/10/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: Google's new See No Evil policy......
Current Issue
The State of Cybersecurity Incident Response
In this report learn how enterprises are building their incident response teams and processes, how they research potential compromises, how they respond to new breaches, and what tools and processes they use to remediate problems and improve their cyber defenses for the future.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-31664
PUBLISHED: 2021-06-18
RIOT-OS 2021.01 before commit 44741ff99f7a71df45420635b238b9c22093647a contains a buffer overflow which could allow attackers to obtain sensitive information.
CVE-2021-33185
PUBLISHED: 2021-06-18
SerenityOS contains a buffer overflow in the set_range test in TestBitmap which could allow attackers to obtain sensitive information.
CVE-2021-33186
PUBLISHED: 2021-06-18
SerenityOS in test-crypto.cpp contains a stack buffer overflow which could allow attackers to obtain sensitive information.
CVE-2021-31272
PUBLISHED: 2021-06-18
SerenityOS before commit 3844e8569689dd476064a0759d704bc64fb3ca2c contains a directory traversal vulnerability in tar/unzip that may lead to command execution or privilege escalation.
CVE-2021-31660
PUBLISHED: 2021-06-18
RIOT-OS 2021.01 before commit 85da504d2dc30188b89f44c3276fc5a25b31251f contains a buffer overflow which could allow attackers to obtain sensitive information.