Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Larry Loeb

Content posted in December 2017
Nasties Abound: Symantec's Q3 Threat Report
Larry Loeb  |  12/27/2017  | 
Symantec's Threat Report from the 2017 Q3 shows that malware writers are busier than ever.
The Hard Work of Pointing Fingers
Larry Loeb  |  12/21/2017  | 
Pointing the finger at a perpetrator is difficult. Pointing it at the right perpetrator is even harder. That doesn't stop many organizations from trying.
Picker Mentality Supercharges Malware
Larry Loeb  |  12/18/2017  | 
The picker mentality, reusing code and techniques that have worked before, is making malware stronger and more difficult to defend against.
Russian DNS Gobbling Up Internet Traffic
Larry Loeb  |  12/15/2017  | 
BGPMON researchers have found that Russian DNS servers redirected Internet traffic through Russia several times earlier this month. The question is whether it's a test or a harbinger of things to come.
enSilo Researchers: Your NTFS Transactions Belong to Us
Larry Loeb  |  12/11/2017  | 
A pair of researchers from enSilo have disclosed how they created a new vulnerability within Windows-based systems that can compromise NTFS transactions, and the worst part is that security vendors are not prepared.
Crypto Wars: The Show That Never Ends
Larry Loeb  |  12/6/2017  | 
The German Interior Ministry is spearheading an effort to create a new law that would require tech companies to provide backdoors for a range of devices. It's the latest salvo in the war over encryption.
Device Servers May Have Leaked Telnet Passwords for Years
Larry Loeb  |  12/4/2017  | 
A security researcher has found that servers that connect older, industrial hardware to the Internet have been leaking Telnet passwords, possibly for years.
Email Bug Shows Flaws in Reporting System
Larry Loeb  |  12/1/2017  | 
When one of the world's most commonly used email applications doesn't have a bug-reporting system, things get very public very quickly.


Manchester United Suffers Cyberattack
Dark Reading Staff 11/23/2020
As 'Anywhere Work' Evolves, Security Will Be Key Challenge
Robert Lemos, Contributing Writer,  11/23/2020
Cloud Security Startup Lightspin Emerges From Stealth
Kelly Sheridan, Staff Editor, Dark Reading,  11/24/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-27660
PUBLISHED: 2020-11-30
SQL injection vulnerability in request.cgi in Synology SafeAccess before 1.2.3-0234 allows remote attackers to execute arbitrary SQL commands via the domain parameter.
CVE-2020-27659
PUBLISHED: 2020-11-30
Multiple cross-site scripting (XSS) vulnerabilities in Synology SafeAccess before 1.2.3-0234 allow remote attackers to inject arbitrary web script or HTML via the (1) domain or (2) profile parameter.
CVE-2020-29127
PUBLISHED: 2020-11-30
An issue was discovered on Fujitsu Eternus Storage DX200 S4 devices through 2020-11-25. After logging into the portal as a root user (using any web browser), the portal can be accessed with root privileges when the URI cgi-bin/csp?cspid=&csppage=cgi_PgOverview&csplang=en is visit...
CVE-2020-25624
PUBLISHED: 2020-11-30
hw/usb/hcd-ohci.c in QEMU 5.0.0 has a stack-based buffer over-read via values obtained from the host controller driver.
CVE-2020-29378
PUBLISHED: 2020-11-29
An issue was discovered on V-SOL V1600D V2.03.69 and V2.03.57, V1600D4L V1.01.49, V1600D-MINI V1.01.48, V1600G1 V2.0.7 and V1.9.7, and V1600G2 V1.1.4 OLT devices. It is possible to elevate the privilege of a CLI user (to full administrative access) by using the password [email protected]#y$z%x6x7q8c9z) for the e...