Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Dark Reading Article Boards

Message Boards posted in January 2020
Page 1 / 2   >   >>
Average Ransomware Payments More Than Doubled in Q4 2019
Last Message: 1/31/2020
 |  Comments: 11
'George' the Most Popular Password That's a Name
Last Message: 1/31/2020
 |  Comments: 2
Adware vs. Ad Fraud: Viva la Difference!
Last Message: 1/31/2020
 |  Comments: 1
Why Companies Should Care about Data Privacy Day
Last Message: 1/31/2020
 |  Comments: 13
Microsoft Defender ATP Brings EDR Capabilities to macOS
Last Message: 1/31/2020
 |  Comments: 1
Number of Botnet Command & Control Servers Soared in 2019
Last Message: 1/30/2020
 |  Comments: 10
Android Malware for Mobile Ad Fraud Spiked Sharply in 2019
Last Message: 1/30/2020
 |  Comments: 1
Apple Misstep Leaves iPhones Open to Jailbreak
Last Message: 1/30/2020
 |  Comments: 1
Active Directory Needs an Update: Here's Why
Last Message: 1/29/2020
 |  Comments: 3
7 Free Tools for Better Visibility Into Your Network
Last Message: 1/28/2020
 |  Comments: 3
'PowerSnitch' Hacks Androids via Power Banks
Last Message: 1/28/2020
 |  Comments: 5
Regular User Training Most Effective Security Antidote
Last Message: 1/28/2020
 |  Comments: 2
New Security Woes for Popular IoT Protocols
Last Message: 1/27/2020
 |  Comments: 1
Using Artificial InteIligence to Power Application Security
Last Message: 1/27/2020
 |  Comments: 1
Lessons Learned from 7 Big Breaches in 2019
Last Message: 1/26/2020
 |  Comments: 3
Data Privacy Careers Are Helping to Close the IT Gender Gap
Last Message: 1/26/2020
 |  Comments: 8
Write A Caption & Win A Prize
Last Message: 1/25/2020
 |  Comments: 133
Cryptojacking Threat Continues to Rise
Last Message: 1/25/2020
 |  Comments: 1
IoT Security: How Far We've Come, How Far We Have to Go
Last Message: 1/24/2020
 |  Comments: 11
Why Every Organization Needs an Incident Response Plan
Last Message: 1/24/2020
 |  Comments: 4
Toyota Builds Open-Source Car-Hacking Tool
Last Message: 1/24/2020
 |  Comments: 2
Mobile Banking Malware Up 50% in First Half of 2019
Last Message: 1/23/2020
 |  Comments: 3
6 Traits to Develop for Cybersecurity Success
Last Message: 1/23/2020
 |  Comments: 1
For Mismanaged SOCs, The Price Is Not Right
Last Message: 1/23/2020
 |  Comments: 1
7 Tips for Infosec Pros Considering A Lateral Career Move
Last Message: 1/22/2020
 |  Comments: 1
TikTok Bugs Put Users' Videos, Personal Data At Risk
Last Message: 1/20/2020
 |  Comments: 1
Will This Be the Year of the Branded Cybercriminal?
Last Message: 1/20/2020
 |  Comments: 2
Google Lets iPhone Users Turn Device into Security Key
Last Message: 1/20/2020
 |  Comments: 1
More Than 100 Flavors Of Malware Are Stealing Bitcoins
Last Message: 1/19/2020
 |  Comments: 2
How Secure are our Voting Systems for November 2018?
Last Message: 1/19/2020
 |  Comments: 12
Microsoft to Officially End Support for Windows 7, Server 2008
Last Message: 1/18/2020
 |  Comments: 2
Car Hacking Hits the Streets
Last Message: 1/17/2020
 |  Comments: 2
6 Security Team Goals for DevSecOps in 2020
Last Message: 1/17/2020
 |  Comments: 1
New Attack Campaigns Suggest Emotet Threat Is Far From Over
Last Message: 1/17/2020
 |  Comments: 1
What Adobe's New PDF Sandbox Really Means For Attackers
Last Message: 1/16/2020
 |  Comments: 1
Securing The PDF
Last Message: 1/16/2020
 |  Comments: 1
Cloud Services Require a Shift in Security Strategy
Last Message: 1/16/2020
 |  Comments: 2
Mobile App Back-End Servers, Databases at Risk
Last Message: 1/15/2020
 |  Comments: 3
Microsoft Patches Windows Vuln Discovered by the NSA
Last Message: 1/15/2020
 |  Comments: 1
Asset Management Becomes the New Security Model
Last Message: 1/14/2020
 |  Comments: 1
Make DNS a Cornerstone of Your Cyber Security Arsenal
Last Message: 1/14/2020
 |  Comments: 1
AWS Issues 'Urgent' Warning for Database Users to Update Certs
Last Message: 1/10/2020
 |  Comments: 1
In App Development, Does No-Code Mean No Security?
Last Message: 1/10/2020
 |  Comments: 2
Page 1 / 2   >   >>


COVID-19: Latest Security News & Commentary
Dark Reading Staff 6/4/2020
Abandoned Apps May Pose Security Risk to Mobile Devices
Robert Lemos, Contributing Writer,  5/29/2020
How AI and Automation Can Help Bridge the Cybersecurity Talent Gap
Peter Barker, Chief Product Officer at ForgeRock,  6/1/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: What? IT said I needed virus protection!
Current Issue
How Cybersecurity Incident Response Programs Work (and Why Some Don't)
This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-13768
PUBLISHED: 2020-06-04
In MiniShare before 1.4.2, there is a stack-based buffer overflow via an HTTP PUT request, which allows an attacker to achieve arbitrary code execution, a similar issue to CVE-2018-19861, CVE-2018-19862, and CVE-2019-17601. NOTE: this product is discontinued.
CVE-2020-13849
PUBLISHED: 2020-06-04
The MQTT protocol 3.1.1 requires a server to set a timeout value of 1.5 times the Keep-Alive value specified by a client, which allows remote attackers to cause a denial of service (loss of the ability to establish new connections), as demonstrated by SlowITe.
CVE-2020-13848
PUBLISHED: 2020-06-04
Portable UPnP SDK (aka libupnp) 1.12.1 and earlier allows remote attackers to cause a denial of service (crash) via a crafted SSDP message due to a NULL pointer dereference in the functions FindServiceControlURLPath and FindServiceEventURLPath in genlib/service_table/service_table.c.
CVE-2020-11682
PUBLISHED: 2020-06-04
Castel NextGen DVR v1.0.0 is vulnerable to CSRF in all state-changing request. A __RequestVerificationToken is set by the web interface, and included in requests sent by web interface. However, this token is not verified by the application: the token can be removed from all requests and the request ...
CVE-2020-12847
PUBLISHED: 2020-06-04
Pydio Cells 2.0.4 web application offers an administrative console named “Cells Console� that is available to users with an administrator role. This console provides an administrator user with the possibility of changing several settings, including the applicat...