Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Dark Reading Article Boards

Message Boards posted in October 2015
Page 1 / 2   >   >>
Target Breach: Why Smartcards Won’t Stop Hackers
Last Message: 10/31/2015
 |  Comments: 21
CrowdStrike Spots Chinese APTs Targeting US Firms Post-Pact
Last Message: 10/30/2015
 |  Comments: 1
Mandia: US-China No-Hack Pact Could Be Game Changer
Last Message: 10/30/2015
 |  Comments: 3
Chinese Military Behind South China Sea Cyber Espionage Attacks
Last Message: 10/30/2015
 |  Comments: 2
Why China Wants Your Sensitive Data
Last Message: 10/30/2015
 |  Comments: 18
Millennials Not Pursuing Cybersecurity Careers
Last Message: 10/30/2015
 |  Comments: 22
Startup 'Stealth Worker' Matches Businesses With Security Talent
Last Message: 10/30/2015
 |  Comments: 3
Endpoint Security: Putting The Focus On What Matters
Last Message: 10/29/2015
 |  Comments: 1
Digital Certificate Security Fail
Last Message: 10/29/2015
 |  Comments: 1
The Internet of Things: It’s All About Trust
Last Message: 10/28/2015
 |  Comments: 1
State Of Employee Security Behavior
Last Message: 10/27/2015
 |  Comments: 2
Passing the Sniff Test: Security Metrics and Measures
Last Message: 10/26/2015
 |  Comments: 2
Attackers Demand Ransom Following Massive Hack on TalkTalk
Last Message: 10/26/2015
 |  Comments: 1
Why DevOps Fails At Application Security
Last Message: 10/24/2015
 |  Comments: 3
Next On Dark Reading Radio: Endpoint Security Transformed
Last Message: 10/24/2015
 |  Comments: 1
Undermining Security By Attacking Computer Clocks
Last Message: 10/23/2015
 |  Comments: 1
New Technology Won't Remove Endpoint From The Bullseye
Last Message: 10/23/2015
 |  Comments: 1
Likeliest Fraudsters Are, Or Claim To Be, 85-90 Years Old
Last Message: 10/22/2015
 |  Comments: 1
Survey Shows Little Accord On Responsibility For Cloud Security
Last Message: 10/21/2015
 |  Comments: 3
From 55 Cents to $1,200: The Value Chain For Stolen Data
Last Message: 10/21/2015
 |  Comments: 2
Endpoint Security Transformed
Last Message: 10/21/2015
 |  Comments: 54
Building A Winning Security Team From The Top Down
Last Message: 10/20/2015
 |  Comments: 1
Former White House Advisor: Marry Infosec To Economics
Last Message: 10/20/2015
 |  Comments: 3
Enterprises Are Leaving Cloud Security Policies To Chance
Last Message: 10/20/2015
 |  Comments: 1
Run, Jump, Shoot, Infect: Trojanized Games Invade Google Play
Last Message: 10/19/2015
 |  Comments: 4
Cybersecurity Insurance: 4 Practical Considerations
Last Message: 10/16/2015
 |  Comments: 3
Pawn Storm Flashes A New Flash Zero-Day
Last Message: 10/16/2015
 |  Comments: 2
The Evolution Of Malware
Last Message: 10/15/2015
 |  Comments: 1
Researchers Warn Against Continuing Use Of SHA-1 Crypto Standard
Last Message: 10/14/2015
 |  Comments: 2
Believe It Or Not, Millennials Do Care About Privacy, Security
Last Message: 10/14/2015
 |  Comments: 1
Japan's Cybercrime Underground On The Rise
Last Message: 10/14/2015
 |  Comments: 1
Why Everybody Loves (And Hates) Security
Last Message: 10/12/2015
 |  Comments: 2
'Evil' Kemoge Serves Androids Ads And Rootkits
Last Message: 10/12/2015
 |  Comments: 2
Jailbreaking Mobile Devices: That’s Not The Real Problem
Last Message: 10/12/2015
 |  Comments: 1
Healthcare Organizations Twice As Likely To Experience Data Theft
Last Message: 10/11/2015
 |  Comments: 12
The Unintended Attack Surface Of The Internet Of Things
Last Message: 10/11/2015
 |  Comments: 9
A Father’s Perspective On The Gender Gap In Cybersecurity
Last Message: 10/11/2015
 |  Comments: 18
Darknet Is Full Of Criminals & Governments Giving TOR A Bad Name
Last Message: 10/10/2015
 |  Comments: 4
State Trooper Vehicles Hacked
Last Message: 10/10/2015
 |  Comments: 22
Corporate VPNs In The Bullseye
Last Message: 10/9/2015
 |  Comments: 1
Data Deletion: A Disconnect Between Perception And Reality
Last Message: 10/9/2015
 |  Comments: 2
CISOs Spend Too Much Time On Tech, Not Enough On Strategy
Last Message: 10/7/2015
 |  Comments: 3
How Tactical Security Works At LinkedIn
Last Message: 10/6/2015
 |  Comments: 2
Nuclear Plants' Cybersecurity Is Bad, & Hard To Fix
Last Message: 10/5/2015
 |  Comments: 1
DHS Funds Project For Open Source 'Invisible Clouds'
Last Message: 10/5/2015
 |  Comments: 2
Page 1 / 2   >   >>


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
The 10 Most Impactful Types of Vulnerabilities for Enterprises Today
Managing system vulnerabilities is one of the old est - and most frustrating - security challenges that enterprise defenders face. Every software application and hardware device ships with intrinsic flaws - flaws that, if critical enough, attackers can exploit from anywhere in the world. It's crucial that defenders take stock of what areas of the tech stack have the most emerging, and critical, vulnerabilities they must manage. It's not just zero day vulnerabilities. Consider that CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilitlies in widely used applications that are "actively exploited," and most of them are flaws that were discovered several years ago and have been fixed. There are also emerging vulnerabilities in 5G networks, cloud infrastructure, Edge applications, and firmwares to consider.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2023-1142
PUBLISHED: 2023-03-27
In Delta Electronics InfraSuite Device Master versions prior to 1.0.5, an attacker could use URL decoding to retrieve system files, credentials, and bypass authentication resulting in privilege escalation.
CVE-2023-1143
PUBLISHED: 2023-03-27
In Delta Electronics InfraSuite Device Master versions prior to 1.0.5, an attacker could use Lua scripts, which could allow an attacker to remotely execute arbitrary code.
CVE-2023-1144
PUBLISHED: 2023-03-27
Delta Electronics InfraSuite Device Master versions prior to 1.0.5 contains an improper access control vulnerability in which an attacker can use the Device-Gateway service and bypass authorization, which could result in privilege escalation.
CVE-2023-1145
PUBLISHED: 2023-03-27
Delta Electronics InfraSuite Device Master versions prior to 1.0.5 are affected by a deserialization vulnerability targeting the Device-DataCollect service, which could allow deserialization of requests prior to authentication, resulting in remote code execution.
CVE-2023-1655
PUBLISHED: 2023-03-27
Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.4.0.