Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Dark Reading Article Boards

Message Boards posted in November 2014
Page 1 / 2   >   >>
New Citadel Attack Targets Password Managers
Last Message: 11/30/2014
 |  Comments: 4
Apple, Security, And Disturbing Questions
Last Message: 11/30/2014
 |  Comments: 1
Cloud Security By The Numbers
Last Message: 11/27/2014
 |  Comments: 8
Don't Discount XSS Vulnerabilities
Last Message: 11/26/2014
 |  Comments: 4
Data Management Vs. Data Loss Prevention: Vive La Diffrence!
Last Message: 11/26/2014
 |  Comments: 4
New Attack Method Can Hit 95% Of iOS Devices
Last Message: 11/26/2014
 |  Comments: 8
Russian Cyber Espionage Under The Microscope
Last Message: 11/24/2014
 |  Comments: 8
Dairy Queen Breach Shines Light On Impact Of 3rd-Party Breaches
Last Message: 11/24/2014
 |  Comments: 7
Internet Architecture Board Calls For Net Encryption By Default
Last Message: 11/24/2014
 |  Comments: 10
New Certification Authority To Offer Free Certs For HTTPS
Last Message: 11/24/2014
 |  Comments: 5
The Week When Attackers Started Winning The War On Trust
Last Message: 11/24/2014
 |  Comments: 1
The Year Of The Retailer Data Breach
Last Message: 11/22/2014
 |  Comments: 4
ID Theft Monitoring Services: What You Need To Know
Last Message: 11/22/2014
 |  Comments: 3
FreedomPop Debuts Encrypted Snowden Phone
Last Message: 11/21/2014
 |  Comments: 5
How Enterprises Can Get The Most From Threat Intelligence
Last Message: 11/21/2014
 |  Comments: 2
Surveillance Cameras Next On The Insecure IoT List
Last Message: 11/21/2014
 |  Comments: 2
Retail Hacking: What To Expect This Holiday Season
Last Message: 11/21/2014
 |  Comments: 4
Killing Passwords: Dont Get A-Twitter Over Digits
Last Message: 11/21/2014
 |  Comments: 5
Enter The Digital Risk Officer
Last Message: 11/21/2014
 |  Comments: 1
The World's Most Hackable Cars
Last Message: 11/21/2014
 |  Comments: 25
Rethinking Security With A System Of 'Checks & Balances'
Last Message: 11/20/2014
 |  Comments: 7
Time To Turn The Tables On Attackers
Last Message: 11/20/2014
 |  Comments: 5
Microsoft Issues Emergency Patch Amid Targeted Attacks
Last Message: 11/19/2014
 |  Comments: 2
'Misdial Trap' Phone Scam Hits Financial Services
Last Message: 11/19/2014
 |  Comments: 2
Retail Hacking: What To Expect This Holiday Season
Last Message: 11/19/2014
 |  Comments: 95
Is Rogue IT Really A Problem?
Last Message: 11/18/2014
 |  Comments: 1
POS Malware Continues To Evolve
Last Message: 11/17/2014
 |  Comments: 7
'Bashlite' Malware Leverages ShellShock In BusyBox Attack
Last Message: 11/17/2014
 |  Comments: 4
NOAA Blames China In Hack, Breaks Disclosure Rules
Last Message: 11/17/2014
 |  Comments: 2
Smart Meter Hack Shuts Off The Lights
Last Message: 11/16/2014
 |  Comments: 5
Financial Breaches Show Trust Model Is Broken
Last Message: 11/15/2014
 |  Comments: 7
How I Became A CISO: Jennings Aske, Nuance Communications
Last Message: 11/15/2014
 |  Comments: 9
Stuxnet 'Patient Zero' Attack Targets Revealed
Last Message: 11/13/2014
 |  Comments: 5
How I Became A CISO: Quinn Shamblin, Boston University
Last Message: 11/13/2014
 |  Comments: 3
iOS 8 Vs. Android: How Secure Is Your Data?
Last Message: 11/13/2014
 |  Comments: 4
3 IT Practices That Add Risk To Cloud
Last Message: 11/13/2014
 |  Comments: 2
The Staggering Complexity of Application Security
Last Message: 11/12/2014
 |  Comments: 6
Drag Your Adolescent Incident-Response Program Into Adulthood
Last Message: 11/12/2014
 |  Comments: 2
Protecting the Customer-Facing Website
Last Message: 11/12/2014
 |  Comments: 28
Page 1 / 2   >   >>


COVID-19: Latest Security News & Commentary
Dark Reading Staff 6/4/2020
Abandoned Apps May Pose Security Risk to Mobile Devices
Robert Lemos, Contributing Writer,  5/29/2020
How AI and Automation Can Help Bridge the Cybersecurity Talent Gap
Peter Barker, Chief Product Officer at ForgeRock,  6/1/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: What? IT said I needed virus protection!
Current Issue
How Cybersecurity Incident Response Programs Work (and Why Some Don't)
This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-13768
PUBLISHED: 2020-06-04
In MiniShare before 1.4.2, there is a stack-based buffer overflow via an HTTP PUT request, which allows an attacker to achieve arbitrary code execution, a similar issue to CVE-2018-19861, CVE-2018-19862, and CVE-2019-17601. NOTE: this product is discontinued.
CVE-2020-13849
PUBLISHED: 2020-06-04
The MQTT protocol 3.1.1 requires a server to set a timeout value of 1.5 times the Keep-Alive value specified by a client, which allows remote attackers to cause a denial of service (loss of the ability to establish new connections), as demonstrated by SlowITe.
CVE-2020-13848
PUBLISHED: 2020-06-04
Portable UPnP SDK (aka libupnp) 1.12.1 and earlier allows remote attackers to cause a denial of service (crash) via a crafted SSDP message due to a NULL pointer dereference in the functions FindServiceControlURLPath and FindServiceEventURLPath in genlib/service_table/service_table.c.
CVE-2020-11682
PUBLISHED: 2020-06-04
Castel NextGen DVR v1.0.0 is vulnerable to CSRF in all state-changing request. A __RequestVerificationToken is set by the web interface, and included in requests sent by web interface. However, this token is not verified by the application: the token can be removed from all requests and the request ...
CVE-2020-12847
PUBLISHED: 2020-06-04
Pydio Cells 2.0.4 web application offers an administrative console named “Cells Console� that is available to users with an administrator role. This console provides an administrator user with the possibility of changing several settings, including the applicat...