Dark Reading Article Boards

Message Boards posted in October 2016
9 Sources For Tracking New Vulnerabilities
Last Message: 10/31/2016 | Comments: 3
How To Stay Safe On The Black Hat Network: Don't Connect To It
Last Message: 10/30/2016 | Comments: 14
US Charges Several In India Call Center Scam
Last Message: 10/30/2016 | Comments: 1
Blockchain & The Battle To Secure Digital Identities
Last Message: 10/30/2016 | Comments: 9
5 Tips For Preventing IoT Hacks
Last Message: 10/29/2016 | Comments: 16
Jose Santana Pleads Guilty In Cell Phone Fraud Scheme
Last Message: 10/29/2016 | Comments: 1
UEFA Euro Fans At High Risk Of Online Threats, Study Shows
Last Message: 10/28/2016 | Comments: 1
Florida Man To Plead Guilty in JPMorgan, Bitcoin Hack Case
Last Message: 10/28/2016 | Comments: 1
DDoS On Dyn Used Malicious TCP, UDP Traffic
Last Message: 10/27/2016 | Comments: 1
New DDoS Attacks Could Reach Tens Of Terabits-Per-Second
Last Message: 10/27/2016 | Comments: 2
Researchers Show How To Steal Payment Card Data From PIN Pads
Last Message: 10/27/2016 | Comments: 1
Identity Theft Hits Low- To Moderate-Income Victims Hardest
Last Message: 10/26/2016 | Comments: 9
Deleting Email's Original Sin: An Historical Perspective
Last Message: 10/26/2016 | Comments: 2
Using Hard-Drive Imaging In Forensics
Last Message: 10/26/2016 | Comments: 1
A Proactive Approach To Vulnerability Management: 3 Steps
Last Message: 10/25/2016 | Comments: 1
Millennials A Growing Target Of IT Support Scams
Last Message: 10/24/2016 | Comments: 2
How To Become A Cybersecurity Entrepreneur In A Crowded Market
Last Message: 10/23/2016 | Comments: 1
CIO-CISO Relationship Continues To Evolve
Last Message: 10/22/2016 | Comments: 1
New Free Tool Stops Petya Ransomware & Rootkits
Last Message: 10/22/2016 | Comments: 1
75% Of Orgs Lack Skilled Cybersecurity Experts
Last Message: 10/21/2016 | Comments: 1
Hacking Voting Systems: A Reality Check
Last Message: 10/21/2016 | Comments: 2
7 Regional Hotbeds For Cybersecurity Innovation
Last Message: 10/20/2016 | Comments: 1
'Backoff' Malware: Time To Step Up Remote Access Security
Last Message: 10/20/2016 | Comments: 10
The Cyber Skills Shortage
Last Message: 10/19/2016 | Comments: 50
Researcher Roots Out Security Flaws In Insulin Pumps
Last Message: 10/18/2016 | Comments: 1
5 Tips For Keeping Small Businesses Secure
Last Message: 10/18/2016 | Comments: 2
Why Hackers Are Getting 'All Political' This Election Year
Last Message: 10/17/2016 | Comments: 2
"7 Tips To Toughen Passwords"
Last Message: 10/17/2016 | Comments: 13
Database Breaches: An Alarming Lack Of Preparedness
Last Message: 10/16/2016 | Comments: 3
Thousands Of Secure Websites Dubbed Insecure Due To Cert Error
Last Message: 10/16/2016 | Comments: 2
Cartoon: Hacking Lunch
Last Message: 10/15/2016 | Comments: 11
Yahoo Breach May Trigger 'Material Adverse Change' Clause
Last Message: 10/15/2016 | Comments: 2
7 Ways Electronic Voting Systems Can Be Attacked
Last Message: 10/15/2016 | Comments: 1
25 Emerging Security Vendors To Watch
Last Message: 10/15/2016 | Comments: 5
Vera Bradley Stores Report Payment Card Breach
Last Message: 10/14/2016 | Comments: 1
Information Security Spending Will Top $101 Billion By 2020
Last Message: 10/14/2016 | Comments: 1
Crimeware-as-a-Service Hack Turns Potential Hackers Into Victims
Last Message: 10/14/2016 | Comments: 3
Ransomware Raises The Bar Again
Last Message: 10/13/2016 | Comments: 2


Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-19367
PUBLISHED: 2018-11-20
Portainer through 1.19.2 provides an API endpoint (/api/users/admin/check) to verify that the admin user is already created. This API endpoint will return 404 if admin was not created and 204 if it was already created. Attackers can set an admin password in the 404 case.
CVE-2018-19335
PUBLISHED: 2018-11-20
Google Monorail before 2018-06-07 has a Cross-Site Search (XS-Search) vulnerability because CSV downloads are affected by CSRF, and calculations of download times (for requests with a crafted groupby value) can be used to obtain sensitive information about the content of bug reports.
CVE-2018-19334
PUBLISHED: 2018-11-20
Google Monorail before 2018-05-04 has a Cross-Site Search (XS-Search) vulnerability because CSV downloads are affected by CSRF, and calculations of download times (for requests with an unsupported axis) can be used to obtain sensitive information about the content of bug reports.
CVE-2018-10099
PUBLISHED: 2018-11-20
Google Monorail before 2018-04-04 has a Cross-Site Search (XS-Search) vulnerability because CSV downloads are affected by CSRF, and calculations of download times (for requests with duplicated columns) can be used to obtain sensitive information about the content of bug reports.
CVE-2018-17906
PUBLISHED: 2018-11-19
Philips iSite and IntelliSpace PACS, iSite PACS, all versions, and IntelliSpace PACS, all versions. Default credentials and no authentication within third party software may allow an attacker to compromise a component of the system.