Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Larry Loeb

Content posted in August 2018
Exploitable Flaws Found in Trusted Platform Module 2.0
Larry Loeb  |  8/31/2018  | 
The US Department of Defense uses the TPM as a key element in dealing with security of device identification and authentication, encryption and similar tasks.
Data Leaks Via Smart Light Bulbs? Believe It
Larry Loeb  |  8/29/2018  | 
Researchers from the University of Texas at San Antonio have shown it's possible to exfiltrate data from a smart-bulb system. But there's no need to go back to candles just yet.
Microsoft Outlook Backdoor Amped Up by Russia-Linked Group
Larry Loeb  |  8/28/2018  | 
The Russia-linked Turla group uses PDF attachments to email messages to exfiltrate data, according to ESET.\r\n
Apache Struts Critical Weakness Found, Patched
Larry Loeb  |  8/24/2018  | 
The open source framework for Java-based web apps has a critical flaw the Apache Software Foundation is trying to counter.
Microsoft Yanks Suspected Russian-Intelligence Domains
Larry Loeb  |  8/22/2018  | 
Microsoft has pulled the plug on domains it suspected as fronts for Russian Intelligence. The company says the targets were US conservative groups.
Electrical Grid Attack via IoT Devices Successfully Simulated
Larry Loeb  |  8/21/2018  | 
Researchers have successfully simulated an attack on an electrical power grid that employs IoT devices to trigger a blackout.
Foreshadow-NG Vulnerability Sets Tech Giants Scrambling
Larry Loeb  |  8/20/2018  | 
Foreshadow vulnerabilities expose processors and even the cloud to penetration.
IETF Makes Transport Layer Security Version 1.3 Official
Larry Loeb  |  8/15/2018  | 
TLS 1.3 is now the industry standard for secure Internet connections via HTTPS.
Microsoft Cortana Vulnerability Can Unlock a Locked Windows PC
Larry Loeb  |  8/13/2018  | 
At Black Hat, researchers showed how a vulnerability in Cortana can unlock a locked Windows PC. Microsoft has patched the flaw, but questions remain.
Smart Cities Need to Get Smarter About Cybersecurity
Larry Loeb  |  8/10/2018  | 
At the 2018 Black Hat conference, IBM's X-Force Red and Threatcare found that smart cities are as vulnerable to attack as any enterprise network.
Employees Remain the Weak Link in Your Company's Cybersecurity Plans
Larry Loeb  |  8/8/2018  | 
Another report, this time from Finn Partners Research, shows that employees remain the weakest link in the cybersecurity chain.
Phishing Attacks Increase in Q1 as Cybercrooks Look for New Victims
Larry Loeb  |  8/6/2018  | 
An analysis by APWG saw a significant increase in the number of phishing attacks in the first quarter of this year, as cybercriminals looked for new victims.
Researcher Finds Way to Bypass SOP Within Microsoft Edge Browser
Larry Loeb  |  8/3/2018  | 
For years, SOP has made sure that browsing stays safe by isolating different websites. Now, a researcher found a way around the protocol within Microsoft's Edge browser.
Sophisticated Malvertising Campaign Involves 10,000 WordPress Sites
Larry Loeb  |  8/1/2018  | 
A CheckPoint study has uncovered a complex malvertising schemes that involves more than 10,000 WordPress-hosted sites, and an ecosystem of ad-networks and resellers.


Commentary
Ransomware Is Not the Problem
Adam Shostack, Consultant, Entrepreneur, Technologist, Game Designer,  6/9/2021
Edge-DRsplash-11-edge-ask-the-experts
How Can I Test the Security of My Home-Office Employees' Routers?
John Bock, Senior Research Scientist,  6/7/2021
News
New Ransomware Group Claiming Connection to REvil Gang Surfaces
Jai Vijayan, Contributing Writer,  6/10/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: Google's new See No Evil policy......
Current Issue
The State of Cybersecurity Incident Response
In this report learn how enterprises are building their incident response teams and processes, how they research potential compromises, how they respond to new breaches, and what tools and processes they use to remediate problems and improve their cyber defenses for the future.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-31664
PUBLISHED: 2021-06-18
RIOT-OS 2021.01 before commit 44741ff99f7a71df45420635b238b9c22093647a contains a buffer overflow which could allow attackers to obtain sensitive information.
CVE-2021-33185
PUBLISHED: 2021-06-18
SerenityOS contains a buffer overflow in the set_range test in TestBitmap which could allow attackers to obtain sensitive information.
CVE-2021-33186
PUBLISHED: 2021-06-18
SerenityOS in test-crypto.cpp contains a stack buffer overflow which could allow attackers to obtain sensitive information.
CVE-2021-31272
PUBLISHED: 2021-06-18
SerenityOS before commit 3844e8569689dd476064a0759d704bc64fb3ca2c contains a directory traversal vulnerability in tar/unzip that may lead to command execution or privilege escalation.
CVE-2021-31660
PUBLISHED: 2021-06-18
RIOT-OS 2021.01 before commit 85da504d2dc30188b89f44c3276fc5a25b31251f contains a buffer overflow which could allow attackers to obtain sensitive information.