Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Dark Reading Article Boards

Message Boards posted in October 2017
Page 1 / 2   >   >>
Mobile App Security: 4 Critical Issues
Last Message: 10/31/2017
 |  Comments: 5
Passwords Use Alone Still Trumps Multi-Factor Authentication
Last Message: 10/30/2017
 |  Comments: 1
Can Your Risk Assessment Stand Up Under Scrutiny?
Last Message: 10/30/2017
 |  Comments: 2
Visa Tests Credit Card With Random Number Generator
Last Message: 10/30/2017
 |  Comments: 1
'Bad Rabbit' Ransomware Attacks Rock Russia, Ukraine - and Beyond
Last Message: 10/30/2017
 |  Comments: 12
Banks Start Broad Use of Blockchain, as JP Morgan, IBM Lead Way
Last Message: 10/29/2017
 |  Comments: 1
A Checklist for Securing the Internet of Things
Last Message: 10/28/2017
 |  Comments: 9
IoT: Insecurity of Things or Internet of Threats?
Last Message: 10/28/2017
 |  Comments: 1
Why Patching Software Is Hard: Technical Challenges
Last Message: 10/27/2017
 |  Comments: 6
'Reaper' IoT Botnet Likely a DDoS-for-Hire Tool
Last Message: 10/27/2017
 |  Comments: 1
New Tool Debuts for Hacking Back at Hackers in Your Network
Last Message: 10/27/2017
 |  Comments: 2
One-Third of Businesses Can't Keep Up with Cloud Security
Last Message: 10/26/2017
 |  Comments: 12
Google Play Bug Bounty Program Debuts
Last Message: 10/25/2017
 |  Comments: 1
US Critical Infrastructure Target of Russia-Linked Cyberattacks
Last Message: 10/24/2017
 |  Comments: 1
'123456' Leads The Worst Passwords Of 2016
Last Message: 10/23/2017
 |  Comments: 4
Name That Toon: Screen Sharing
Last Message: 10/23/2017
 |  Comments: 128
Printers: The Weak Link in Enterprise Security
Last Message: 10/23/2017
 |  Comments: 6
The Future of Democratic Threats is Digital
Last Message: 10/22/2017
 |  Comments: 1
GDPR Compliance: 5 Early Steps to Get Laggards Going
Last Message: 10/21/2017
 |  Comments: 1
Game Change: Meet the Mach37 Fall Startups
Last Message: 10/20/2017
 |  Comments: 2
Mobile Ransomware Hits Browsers with Old-School Techniques
Last Message: 10/20/2017
 |  Comments: 2
'Hacker Door' Backdoor Resurfaces as RAT a Decade Later
Last Message: 10/20/2017
 |  Comments: 2
IoT Deployment Security Top Concern for Enterprises
Last Message: 10/20/2017
 |  Comments: 1
Edward Snowden speaking at SecTor 2016
Last Message: 10/20/2017
 |  Comments: 2
InfoSec Pros Among Worst Offenders of Employer Snooping
Last Message: 10/19/2017
 |  Comments: 1
Why Security Leaders Can't Afford to Be Just 'Left-Brained'
Last Message: 10/18/2017
 |  Comments: 2
WannaCry Forces Honda to Take Production Plant Offline
Last Message: 10/17/2017
 |  Comments: 2
How Systematic Lying Can Improve Your Security
Last Message: 10/17/2017
 |  Comments: 3
Hyatt Hit With Another Credit Card Breach
Last Message: 10/17/2017
 |  Comments: 2
Tool For Cybersecurity Job Hunters Launched
Last Message: 10/17/2017
 |  Comments: 4
Key New Security Features in Android Oreo
Last Message: 10/17/2017
 |  Comments: 1
Best and Worst Security Functions to Outsource
Last Message: 10/14/2017
 |  Comments: 14
Kaspersky Lab and the AV Security Hole
Last Message: 10/14/2017
 |  Comments: 1
Equifax Now Faces Potential Breach of Customer Help Page
Last Message: 10/13/2017
 |  Comments: 2
7 SIEM Situations That Can Sack Security Teams
Last Message: 10/12/2017
 |  Comments: 2
BEC Attacks Don't Always Require Sophistication
Last Message: 10/12/2017
 |  Comments: 3
Ransomware Sales on the Dark Web Spike 2,502% in 2017
Last Message: 10/11/2017
 |  Comments: 1
Equifax Lands $7.25 Million Contract with IRS
Last Message: 10/11/2017
 |  Comments: 5
Microsoft Patches Windows Zero-Day Flaws Tied to DNSSEC
Last Message: 10/10/2017
 |  Comments: 1
Where Cybercriminals Go To Buy Your Stolen Data
Last Message: 10/10/2017
 |  Comments: 6
5 IT Practices That Put Enterprises at Risk
Last Message: 10/10/2017
 |  Comments: 5
Page 1 / 2   >   >>


COVID-19: Latest Security News & Commentary
Dark Reading Staff 6/4/2020
Abandoned Apps May Pose Security Risk to Mobile Devices
Robert Lemos, Contributing Writer,  5/29/2020
How AI and Automation Can Help Bridge the Cybersecurity Talent Gap
Peter Barker, Chief Product Officer at ForgeRock,  6/1/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: What? IT said I needed virus protection!
Current Issue
How Cybersecurity Incident Response Programs Work (and Why Some Don't)
This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-13768
PUBLISHED: 2020-06-04
In MiniShare before 1.4.2, there is a stack-based buffer overflow via an HTTP PUT request, which allows an attacker to achieve arbitrary code execution, a similar issue to CVE-2018-19861, CVE-2018-19862, and CVE-2019-17601. NOTE: this product is discontinued.
CVE-2020-13849
PUBLISHED: 2020-06-04
The MQTT protocol 3.1.1 requires a server to set a timeout value of 1.5 times the Keep-Alive value specified by a client, which allows remote attackers to cause a denial of service (loss of the ability to establish new connections), as demonstrated by SlowITe.
CVE-2020-13848
PUBLISHED: 2020-06-04
Portable UPnP SDK (aka libupnp) 1.12.1 and earlier allows remote attackers to cause a denial of service (crash) via a crafted SSDP message due to a NULL pointer dereference in the functions FindServiceControlURLPath and FindServiceEventURLPath in genlib/service_table/service_table.c.
CVE-2020-11682
PUBLISHED: 2020-06-04
Castel NextGen DVR v1.0.0 is vulnerable to CSRF in all state-changing request. A __RequestVerificationToken is set by the web interface, and included in requests sent by web interface. However, this token is not verified by the application: the token can be removed from all requests and the request ...
CVE-2020-12847
PUBLISHED: 2020-06-04
Pydio Cells 2.0.4 web application offers an administrative console named “Cells Console� that is available to users with an administrator role. This console provides an administrator user with the possibility of changing several settings, including the applicat...