Dark Reading Article Boards

Message Boards posted in October 2014
Page 1 / 2   >   >>
Facebook Launches New Open-Source OS Monitoring Tool
Last Message: 10/31/2014
 |  Comments: 1
What Scares Me About Healthcare & Electric Power Security
Last Message: 10/31/2014
 |  Comments: 16
Retailers Now Actively Sharing Cyberthreat Intelligence
Last Message: 10/31/2014
 |  Comments: 8
Monitoring Threats and Measuring Risk
Last Message: 10/31/2014
 |  Comments: 42
Shellshock Attacks Stack Up
Last Message: 10/31/2014
 |  Comments: 1
Retailers Facing Intensified Cyberthreat This Holiday Season
Last Message: 10/30/2014
 |  Comments: 10
Cyberinsurance Resurges In The Wake Of Mega-Breaches
Last Message: 10/30/2014
 |  Comments: 11
White House Says Unclassified Network Hit In Cyberattack
Last Message: 10/30/2014
 |  Comments: 2
Understanding Retail Threats and Fraud
Last Message: 10/30/2014
 |  Comments: 20
Target Breach: HVAC Contractor Systems Investigated
Last Message: 10/29/2014
 |  Comments: 11
Protecting Performance from Traffic Spikes
Last Message: 10/29/2014
 |  Comments: 51
Security Companies Team Up, Take Down Chinese Hacking Group
Last Message: 10/29/2014
 |  Comments: 4
Poll: Patching Is Primary Response to Shellshock
Last Message: 10/29/2014
 |  Comments: 11
Enterprise Security: Why You Need a Digital Immune System
Last Message: 10/28/2014
 |  Comments: 3
A Simple Formula For Usable Risk Intelligence
Last Message: 10/28/2014
 |  Comments: 8
Protecting Back-End Systems
Last Message: 10/28/2014
 |  Comments: 42
20% Of 'Broadly Shared' Data Contains Regulated Info
Last Message: 10/28/2014
 |  Comments: 6
Open-Source Software Brings Bugs To Web Applications
Last Message: 10/28/2014
 |  Comments: 10
Researcher Shows Why Tor Anonymity Is No Guarantee Of Security
Last Message: 10/28/2014
 |  Comments: 1
Incident Response: Is Your IR Plan A Glorified Phone Tree?
Last Message: 10/27/2014
 |  Comments: 4
Financial Services Ranks Cyberattacks Top Industry Worry
Last Message: 10/27/2014
 |  Comments: 3
Backoff PoS Malware Boomed In Q3
Last Message: 10/27/2014
 |  Comments: 7
10 Things IT Probably Doesn't Know About Cyber Insurance
Last Message: 10/27/2014
 |  Comments: 4
Tech Insight: Making Data Classification Work
Last Message: 10/26/2014
 |  Comments: 8
Black Hat Europe 2014: One of Everything
Last Message: 10/25/2014
 |  Comments: 1
Digital Security: Taking an Uncompromising Stand
Last Message: 10/24/2014
 |  Comments: 2
Anonymous Australia Disavows Self-Proclaimed LulzSec Leader
Last Message: 10/24/2014
 |  Comments: 1
Insider Threats: Breaching The Human Barrier
Last Message: 10/24/2014
 |  Comments: 5
Google Expands 2-Factor Authentication For Chrome, Gmail
Last Message: 10/23/2014
 |  Comments: 6
Insecure Protocol Puts 1.2M SOHO Devices At Risk
Last Message: 10/22/2014
 |  Comments: 1
Synthetic Identity Fraud A Fast-Growing Category
Last Message: 10/22/2014
 |  Comments: 1
In Plain Sight: How Cyber Criminals Exfiltrate Data Via Video
Last Message: 10/22/2014
 |  Comments: 11
White Hat Hackers Fight For Legal Reform
Last Message: 10/22/2014
 |  Comments: 5
Several Staples Stores Suffer Data Breach
Last Message: 10/21/2014
 |  Comments: 1
Dont Get Caught in a Compromising Position
Last Message: 10/21/2014
 |  Comments: 2
Why You Shouldn't Count On General Liability To Cover Cyber Risk
Last Message: 10/21/2014
 |  Comments: 6
Death of the Perimeter
Last Message: 10/21/2014
 |  Comments: 1
FBI Director Urges New Encryption Legislation
Last Message: 10/21/2014
 |  Comments: 5
Open Source v. Closed Source: What's More Secure?
Last Message: 10/21/2014
 |  Comments: 6
In AppSec, Fast Is Everything
Last Message: 10/20/2014
 |  Comments: 5
Third-Party Code: Fertile Ground For Malware
Last Message: 10/20/2014
 |  Comments: 7
'POODLE' Attacks, Kills Off SSL 3.0
Last Message: 10/20/2014
 |  Comments: 9
'Silent' Fix For Windows USB Bug?
Last Message: 10/20/2014
 |  Comments: 2
'Hurricane Panda' Cyberspies Used Windows Zero-Day For Months
Last Message: 10/17/2014
 |  Comments: 3
7 Reasons To Love Passwords
Last Message: 10/17/2014
 |  Comments: 12
Security Education K Through Life
Last Message: 10/17/2014
 |  Comments: 11
Shellshock Mayhem Marks The Start Of Malware Mess
Last Message: 10/17/2014
 |  Comments: 3
Page 1 / 2   >   >>


Election Websites, Back-End Systems Most at Risk of Cyberattack in Midterms
Kelly Jackson Higgins, Executive Editor at Dark Reading,  8/14/2018
Intel Reveals New Spectre-Like Vulnerability
Curtis Franklin Jr., Senior Editor at Dark Reading,  8/15/2018
Australian Teen Hacked Apple Network
Dark Reading Staff 8/17/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2011-2765
PUBLISHED: 2018-08-20
pyro before 3.15 unsafely handles pid files in temporary directory locations and opening the pid file as root. An attacker can use this flaw to overwrite arbitrary files via symlinks.
CVE-2018-15594
PUBLISHED: 2018-08-20
arch/x86/kernel/paravirt.c in the Linux kernel before 4.18.1 mishandles certain indirect calls, which makes it easier for attackers to conduct Spectre-v2 attacks against paravirtual guests.
CVE-2018-15572
PUBLISHED: 2018-08-20
The spectre_v2_select_mitigation function in arch/x86/kernel/cpu/bugs.c in the Linux kernel before 4.18.1 does not always fill RSB upon a context switch, which makes it easier for attackers to conduct userspace-userspace spectreRSB attacks.
CVE-2018-15573
PUBLISHED: 2018-08-20
** DISPUTED ** An issue was discovered in Reprise License Manager (RLM) through 12.2BL2. Attackers can use the web interface to read and write data to any file on disk (as long as rlm.exe has access to it) via /goform/edit_lf_process with file content in the lfdata parameter and a pathname in the lf...
CVE-2018-15574
PUBLISHED: 2018-08-20
** DISPUTED ** An issue was discovered in the license editor in Reprise License Manager (RLM) through 12.2BL2. It is a cross-site scripting vulnerability in the /goform/edit_lf_get_data lf parameter via GET or POST. NOTE: the vendor has stated "We do not consider this a vulnerability."