Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Dark Reading Article Boards

Message Boards posted in December 2013
Target Breach: 10 Facts
Last Message: 12/30/2013
 |  Comments: 23
How Mobile Security Lags BYOD
Last Message: 12/27/2013
 |  Comments: 6
IT Security Risk Management: Is It Worth The Cost?
Last Message: 12/27/2013
 |  Comments: 7
2013: Rest In Peace, Passwords
Last Message: 12/26/2013
 |  Comments: 16
"File Sync And Sharing: Users Won't Give It Up"
Last Message: 12/25/2013
 |  Comments: 8
The State of IT Security: Its Broken
Last Message: 12/23/2013
 |  Comments: 14
BYOD Bingo
Last Message: 12/23/2013
 |  Comments: 6
Is Mob-Busting RICO Overkill For Combating Cybercrime?
Last Message: 12/23/2013
 |  Comments: 5
Secure Code Starts With Measuring What Developers Know
Last Message: 12/22/2013
 |  Comments: 2
'ChewBacca' Malware Taps Tor Network
Last Message: 12/19/2013
 |  Comments: 2
Bitcoin Hit By Gameover Malware, Chinese Crackdown
Last Message: 12/19/2013
 |  Comments: 3
Safety Equipment
Last Message: 12/19/2013
 |  Comments: 2
Android AV Improves But Still Can't Nuke Malware
Last Message: 12/19/2013
 |  Comments: 4
How To Win A Cartoon Caption Contest (Tech Version)
Last Message: 12/17/2013
 |  Comments: 2
"NSA Vs. Your Smartphone: 5 Facts"
Last Message: 12/17/2013
 |  Comments: 5
NSA Surveillance Fallout Costs IT Industry Billions
Last Message: 12/17/2013
 |  Comments: 20
Advanced Power Botnet: Firefox Users, Beware
Last Message: 12/16/2013
 |  Comments: 1
Time For An Active Defense Against Security Attacks
Last Message: 12/16/2013
 |  Comments: 7
Why Fed Cybersecurity Reboot Plan Fails To Convince
Last Message: 12/13/2013
 |  Comments: 2
"Lessons Learned From N.Y. Times Hack Attack"
Last Message: 12/13/2013
 |  Comments: 1
Cybercrime Milestone: Guilty Plea In RICO Case
Last Message: 12/13/2013
 |  Comments: 5
Microsoft Fails To Nuke ZeroAccess Botnet
Last Message: 12/11/2013
 |  Comments: 1
White House Preparing National Online ID Plan
Last Message: 12/10/2013
 |  Comments: 3
Don't Be Overprotective About BYOD
Last Message: 12/10/2013
 |  Comments: 3
DARPA Crowdsources Bug-Spotting Games
Last Message: 12/9/2013
 |  Comments: 2
Application Security: We Still Have A Long Way To Go
Last Message: 12/9/2013
 |  Comments: 13
Juniper Mobile VPN Client Taps iOS Security Changes
Last Message: 12/9/2013
 |  Comments: 3
Online Extortion: The Ethics Of Unpublishing
Last Message: 12/9/2013
 |  Comments: 2
China Slams Bitcoins: What's Next?
Last Message: 12/8/2013
 |  Comments: 5
2 Million Stolen Passwords Recovered
Last Message: 12/7/2013
 |  Comments: 7
Why Security Awareness Is Like An Umbrella
Last Message: 12/6/2013
 |  Comments: 2
NSA Fallout: Microsoft Rethinks Customer Data Controls
Last Message: 12/6/2013
 |  Comments: 7
Bitcoin Password Grab Disguised As DDoS Attack
Last Message: 12/5/2013
 |  Comments: 6
Hardware Hacker Demos Zombie Drone Hijacker
Last Message: 12/4/2013
 |  Comments: 4
Weighing Costs Vs. Benefits Of NSA Surveillance
Last Message: 12/4/2013
 |  Comments: 5
Zero-Day Drive-By Attacks: Accelerating & Expanding
Last Message: 12/3/2013
 |  Comments: 5
Microsoft Office 365 Encrypted Email On Tap
Last Message: 12/2/2013
 |  Comments: 4
Cartoon: You Might Be A Security Expert If...
Last Message: 12/2/2013
 |  Comments: 4
LG Admits Smart TVs Spied On Users
Last Message: 12/2/2013
 |  Comments: 15


COVID-19: Latest Security News & Commentary
Dark Reading Staff 6/4/2020
Abandoned Apps May Pose Security Risk to Mobile Devices
Robert Lemos, Contributing Writer,  5/29/2020
How AI and Automation Can Help Bridge the Cybersecurity Talent Gap
Peter Barker, Chief Product Officer at ForgeRock,  6/1/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: What? IT said I needed virus protection!
Current Issue
How Cybersecurity Incident Response Programs Work (and Why Some Don't)
This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-13768
PUBLISHED: 2020-06-04
In MiniShare before 1.4.2, there is a stack-based buffer overflow via an HTTP PUT request, which allows an attacker to achieve arbitrary code execution, a similar issue to CVE-2018-19861, CVE-2018-19862, and CVE-2019-17601. NOTE: this product is discontinued.
CVE-2020-13849
PUBLISHED: 2020-06-04
The MQTT protocol 3.1.1 requires a server to set a timeout value of 1.5 times the Keep-Alive value specified by a client, which allows remote attackers to cause a denial of service (loss of the ability to establish new connections), as demonstrated by SlowITe.
CVE-2020-13848
PUBLISHED: 2020-06-04
Portable UPnP SDK (aka libupnp) 1.12.1 and earlier allows remote attackers to cause a denial of service (crash) via a crafted SSDP message due to a NULL pointer dereference in the functions FindServiceControlURLPath and FindServiceEventURLPath in genlib/service_table/service_table.c.
CVE-2020-11682
PUBLISHED: 2020-06-04
Castel NextGen DVR v1.0.0 is vulnerable to CSRF in all state-changing request. A __RequestVerificationToken is set by the web interface, and included in requests sent by web interface. However, this token is not verified by the application: the token can be removed from all requests and the request ...
CVE-2020-12847
PUBLISHED: 2020-06-04
Pydio Cells 2.0.4 web application offers an administrative console named “Cells Console� that is available to users with an administrator role. This console provides an administrator user with the possibility of changing several settings, including the applicat...