Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Larry Loeb

Content posted in April 2018
Rubella Macro Builder Crimeware Kit Price Drops to $40
Larry Loeb  |  4/30/2018  | 
Crime might not pay, but it also doesn't have to be expensive to try. Flashpoint researchers have found that the monthly fee for the Rubella Macro Builder crimeware kit dropped to $40 on the underground market.
Researchers Detail Self-Learning System That Secures IoT Devices
Larry Loeb  |  4/27/2018  | 
Researchers from several universities have published a new paper describing what they believe is a better way to protect and secure IoT devices and sensors.
Microsoft: Tech Support Scams on the Rise
Larry Loeb  |  4/25/2018  | 
A recent report from Microsoft shows that the number of scams using tech support as a cover is on the increase. However, many times it's up to consumers and companies to protect themselves.
Cybercrime: More Like Facebook's Model Than Traditional Criminal Enterprise
Larry Loeb  |  4/23/2018  | 
As the global economy has changed, so has cybercrime, which resembles something much closer to how Facebook works than a traditional criminal enterprise, according to a new report.
Login With Facebook & Watch Your Personal Data Leak
Larry Loeb  |  4/20/2018  | 
A common feature on many popular websites allows users to login with their Facebook profile. However, a trio of Princeton researchers show that this feature allows personal information to leak and be collected.
Alert Warns Russian Actors Are Targeted Unsecured Network Devices
Larry Loeb  |  4/18/2018  | 
A join statement from UK and US law enforcement and security agencies are warning that Russian actors are targeting older and unpatched network infrastructure as part of an ongoing cyberespionage campaign.
'PowerHammer' Exploit Can Steal Computer Data Across Electrical Lines
Larry Loeb  |  4/16/2018  | 
Researchers at Ben-Gurion University have created a new exploit called 'PowerHammer' that can steal data from PCs and other systems through electrical lines.
Misconfigured Routers Could Be Used for Botnets, Espionage
Larry Loeb  |  4/13/2018  | 
A recent white paper released by Akamai finds that thousands of misconfigured routers using older UPnP protocols could be turned into malicious botnets or used for espionage.
Bastille's ATI System Warning Raises Its Own Alarm
Larry Loeb  |  4/11/2018  | 
Bastille Networks made a splash by notifying ATI Systems that its warning systems have a significant vulnerability. However, the timing of the notice leaves a question about motives when public safety is at risk.
Cisco Warns of Possible Smart Install Client Hacking
Larry Loeb  |  4/9/2018  | 
Following an alert by US-CERT about possible hacking by foreign governments, Cisco is warning customers about a port vulnerability in the company's legacy Smart Install Client.
Don't Call AWS' CloudFront Hijacking Problem a Vulnerability
Larry Loeb  |  4/6/2018  | 
Amazon Web Service might be the biggest of the big cloud providers, but it still has some security concerns. A researcher has noticed the company is open to having its CloudFront service hijacked, but Amazon officials won't call it a vulnerability.
Cloudflare vs. Google: Making DNS Protocol Better, More Secure
Larry Loeb  |  4/4/2018  | 
With the release of 1.1.1, Cloudflare is looking to make the DNS protocol better and more secure, while speeding up the Internet. Is this helping Google or leaving the company behind?
Drupal RCE Vulnerability Requires Immediate Patching
Larry Loeb  |  4/2/2018  | 
A remote code execution vulnerability in several versions of Drupal's content management platform requires immediate patching by users. For its part, Drupal is getting out in front of this problem.


Manchester United Suffers Cyberattack
Dark Reading Staff 11/23/2020
As 'Anywhere Work' Evolves, Security Will Be Key Challenge
Robert Lemos, Contributing Writer,  11/23/2020
Cloud Security Startup Lightspin Emerges From Stealth
Kelly Sheridan, Staff Editor, Dark Reading,  11/24/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-27660
PUBLISHED: 2020-11-30
SQL injection vulnerability in request.cgi in Synology SafeAccess before 1.2.3-0234 allows remote attackers to execute arbitrary SQL commands via the domain parameter.
CVE-2020-27659
PUBLISHED: 2020-11-30
Multiple cross-site scripting (XSS) vulnerabilities in Synology SafeAccess before 1.2.3-0234 allow remote attackers to inject arbitrary web script or HTML via the (1) domain or (2) profile parameter.
CVE-2020-29127
PUBLISHED: 2020-11-30
An issue was discovered on Fujitsu Eternus Storage DX200 S4 devices through 2020-11-25. After logging into the portal as a root user (using any web browser), the portal can be accessed with root privileges when the URI cgi-bin/csp?cspid=&csppage=cgi_PgOverview&csplang=en is visit...
CVE-2020-25624
PUBLISHED: 2020-11-30
hw/usb/hcd-ohci.c in QEMU 5.0.0 has a stack-based buffer over-read via values obtained from the host controller driver.
CVE-2020-29378
PUBLISHED: 2020-11-29
An issue was discovered on V-SOL V1600D V2.03.69 and V2.03.57, V1600D4L V1.01.49, V1600D-MINI V1.01.48, V1600G1 V2.0.7 and V1.9.7, and V1600G2 V1.1.4 OLT devices. It is possible to elevate the privilege of a CLI user (to full administrative access) by using the password [email protected]#y$z%x6x7q8c9z) for the e...