Dark Reading Article Boards

Message Boards posted in October 2014
Page 1 / 2   >   >>
Facebook Launches New Open-Source OS Monitoring Tool
Last Message: 10/31/2014
 |  Comments: 1
What Scares Me About Healthcare & Electric Power Security
Last Message: 10/31/2014
 |  Comments: 16
Retailers Now Actively Sharing Cyberthreat Intelligence
Last Message: 10/31/2014
 |  Comments: 8
Monitoring Threats and Measuring Risk
Last Message: 10/31/2014
 |  Comments: 42
Shellshock Attacks Stack Up
Last Message: 10/31/2014
 |  Comments: 1
Retailers Facing Intensified Cyberthreat This Holiday Season
Last Message: 10/30/2014
 |  Comments: 10
Cyberinsurance Resurges In The Wake Of Mega-Breaches
Last Message: 10/30/2014
 |  Comments: 11
White House Says Unclassified Network Hit In Cyberattack
Last Message: 10/30/2014
 |  Comments: 2
Understanding Retail Threats and Fraud
Last Message: 10/30/2014
 |  Comments: 20
Target Breach: HVAC Contractor Systems Investigated
Last Message: 10/29/2014
 |  Comments: 11
Protecting Performance from Traffic Spikes
Last Message: 10/29/2014
 |  Comments: 51
Security Companies Team Up, Take Down Chinese Hacking Group
Last Message: 10/29/2014
 |  Comments: 4
Poll: Patching Is Primary Response to Shellshock
Last Message: 10/29/2014
 |  Comments: 11
Enterprise Security: Why You Need a Digital Immune System
Last Message: 10/28/2014
 |  Comments: 3
A Simple Formula For Usable Risk Intelligence
Last Message: 10/28/2014
 |  Comments: 8
Protecting Back-End Systems
Last Message: 10/28/2014
 |  Comments: 42
20% Of 'Broadly Shared' Data Contains Regulated Info
Last Message: 10/28/2014
 |  Comments: 6
Open-Source Software Brings Bugs To Web Applications
Last Message: 10/28/2014
 |  Comments: 10
Researcher Shows Why Tor Anonymity Is No Guarantee Of Security
Last Message: 10/28/2014
 |  Comments: 1
Incident Response: Is Your IR Plan A Glorified Phone Tree?
Last Message: 10/27/2014
 |  Comments: 4
Financial Services Ranks Cyberattacks Top Industry Worry
Last Message: 10/27/2014
 |  Comments: 3
Backoff PoS Malware Boomed In Q3
Last Message: 10/27/2014
 |  Comments: 7
10 Things IT Probably Doesn't Know About Cyber Insurance
Last Message: 10/27/2014
 |  Comments: 4
Tech Insight: Making Data Classification Work
Last Message: 10/26/2014
 |  Comments: 8
Black Hat Europe 2014: One of Everything
Last Message: 10/25/2014
 |  Comments: 1
Digital Security: Taking an Uncompromising Stand
Last Message: 10/24/2014
 |  Comments: 2
Anonymous Australia Disavows Self-Proclaimed LulzSec Leader
Last Message: 10/24/2014
 |  Comments: 1
Insider Threats: Breaching The Human Barrier
Last Message: 10/24/2014
 |  Comments: 5
Google Expands 2-Factor Authentication For Chrome, Gmail
Last Message: 10/23/2014
 |  Comments: 6
Insecure Protocol Puts 1.2M SOHO Devices At Risk
Last Message: 10/22/2014
 |  Comments: 1
Synthetic Identity Fraud A Fast-Growing Category
Last Message: 10/22/2014
 |  Comments: 1
In Plain Sight: How Cyber Criminals Exfiltrate Data Via Video
Last Message: 10/22/2014
 |  Comments: 11
White Hat Hackers Fight For Legal Reform
Last Message: 10/22/2014
 |  Comments: 5
Several Staples Stores Suffer Data Breach
Last Message: 10/21/2014
 |  Comments: 1
Dont Get Caught in a Compromising Position
Last Message: 10/21/2014
 |  Comments: 2
Why You Shouldn't Count On General Liability To Cover Cyber Risk
Last Message: 10/21/2014
 |  Comments: 6
Death of the Perimeter
Last Message: 10/21/2014
 |  Comments: 1
FBI Director Urges New Encryption Legislation
Last Message: 10/21/2014
 |  Comments: 5
Open Source v. Closed Source: What's More Secure?
Last Message: 10/21/2014
 |  Comments: 6
In AppSec, Fast Is Everything
Last Message: 10/20/2014
 |  Comments: 5
Third-Party Code: Fertile Ground For Malware
Last Message: 10/20/2014
 |  Comments: 7
'POODLE' Attacks, Kills Off SSL 3.0
Last Message: 10/20/2014
 |  Comments: 9
'Silent' Fix For Windows USB Bug?
Last Message: 10/20/2014
 |  Comments: 2
'Hurricane Panda' Cyberspies Used Windows Zero-Day For Months
Last Message: 10/17/2014
 |  Comments: 3
7 Reasons To Love Passwords
Last Message: 10/17/2014
 |  Comments: 12
Security Education K Through Life
Last Message: 10/17/2014
 |  Comments: 11
Shellshock Mayhem Marks The Start Of Malware Mess
Last Message: 10/17/2014
 |  Comments: 3
Page 1 / 2   >   >>


Want Your Daughter to Succeed in Cyber? Call Her John
John De Santis, CEO, HyTrust,  5/16/2018
Don't Roll the Dice When Prioritizing Vulnerability Fixes
Ericka Chickowski, Contributing Writer, Dark Reading,  5/15/2018
Why Enterprises Can't Ignore Third-Party IoT-Related Risks
Charlie Miller, Senior Vice President, The Santa Fe Group,  5/14/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: "Security through obscurity"
Current Issue
Flash Poll
[Strategic Security Report] Navigating the Threat Intelligence Maze
[Strategic Security Report] Navigating the Threat Intelligence Maze
Most enterprises are using threat intel services, but many are still figuring out how to use the data they're collecting. In this Dark Reading survey we give you a look at what they're doing today - and where they hope to go.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-11311
PUBLISHED: 2018-05-20
A hardcoded FTP username of myscada and password of Vikuk63 in 'myscadagate.exe' in mySCADA myPRO 7 allows remote attackers to access the FTP server on port 2121, and upload files or list directories, by entering these credentials.
CVE-2018-11319
PUBLISHED: 2018-05-20
Syntastic (aka vim-syntastic) through 3.9.0 does not properly handle searches for configuration files (it searches the current directory up to potentially the root). This improper handling might be exploited for arbitrary code execution via a malicious gcc plugin, if an attacker has write access to ...
CVE-2018-11242
PUBLISHED: 2018-05-20
An issue was discovered in the MakeMyTrip application 7.2.4 for Android. The databases (locally stored) are not encrypted and have cleartext that might lead to sensitive information disclosure, as demonstrated by data/com.makemytrip/databases and data/com.makemytrip/Cache SQLite database files.
CVE-2018-11315
PUBLISHED: 2018-05-20
The Local HTTP API in Radio Thermostat CT50 and CT80 1.04.84 and below products allows unauthorized access via a DNS rebinding attack. This can result in remote device temperature control, as demonstrated by a tstat t_heat request that accesses a device purchased in the Spring of 2018, and sets a ho...
CVE-2018-11239
PUBLISHED: 2018-05-19
An integer overflow in the _transfer function of a smart contract implementation for Hexagon (HXG), an Ethereum ERC20 token, allows attackers to accomplish an unauthorized increase of digital assets by providing a _to argument in conjunction with a large _value argument, as exploited in the wild in ...