Dark Reading Article Boards

Message Boards posted in December 2014
Page 1 / 2   >   >>
Tech Insight: Hacking The Nest Thermostat
Last Message: 12/31/2014
 |  Comments: 6
Why Digital Forensics In Incident Response Matter More Now
Last Message: 12/29/2014
 |  Comments: 6
The Coolest Hacks Of 2014
Last Message: 12/29/2014
 |  Comments: 9
Obama: U.S. Will Respond 'Proportionately' to Sony Cyber Attack
Last Message: 12/28/2014
 |  Comments: 20
North Korea's Internet Restored
Last Message: 12/27/2014
 |  Comments: 7
Time to Rethink Patching Strategies
Last Message: 12/26/2014
 |  Comments: 14
Security News No One Saw Coming In 2014
Last Message: 12/24/2014
 |  Comments: 12
CISO Holiday Bookshelf
Last Message: 12/22/2014
 |  Comments: 1
5 Pitfalls to Avoid When Running Your SOC
Last Message: 12/22/2014
 |  Comments: 6
New OpenSSL Flaw Exposes SSL To Man-In-The-Middle Attack
Last Message: 12/22/2014
 |  Comments: 10
The Internet's Winter Of Discontent
Last Message: 12/22/2014
 |  Comments: 1
'Grinch' Bug May Affect Most Linux Systems
Last Message: 12/22/2014
 |  Comments: 3
Sony Hackers Knew Details Of Sony's Entire IT Infrastructure
Last Message: 12/22/2014
 |  Comments: 32
The New Target for State-Sponsored Cyber Attacks: Applications
Last Message: 12/19/2014
 |  Comments: 1
How to Become a CISO
Last Message: 12/17/2014
 |  Comments: 87
Price Tag Rises For Stolen Identities Sold In The Underground
Last Message: 12/17/2014
 |  Comments: 4
Targeted Attacks: A Defender's Playbook
Last Message: 12/16/2014
 |  Comments: 3
FBI Calls For Law Facilitating Security Information Sharing
Last Message: 12/15/2014
 |  Comments: 2
Attackers Turn Focus to PoS Vendors
Last Message: 12/14/2014
 |  Comments: 1
DARPA Investigates Storytelling As Security Science
Last Message: 12/14/2014
 |  Comments: 1
'DeathRing' Malware Found Pre-Installed On Smartphones
Last Message: 12/12/2014
 |  Comments: 4
Ex-NSA Agents' Security Startup Lands $8 Million In Funding
Last Message: 12/11/2014
 |  Comments: 4
"Can The NSA Really Track Turned-Off Cellphones?"
Last Message: 12/11/2014
 |  Comments: 10
Breach Security 101
Last Message: 12/10/2014
 |  Comments: 1
'Inception' Cyber Espionage Campaign Targets PCs, Smartphones
Last Message: 12/10/2014
 |  Comments: 1
Employees Still Get More Access Than They Need
Last Message: 12/10/2014
 |  Comments: 1
Moving Beyond 2-Factor Authentication With Context
Last Message: 12/9/2014
 |  Comments: 11
2014: The Year of Shaken Trust
Last Message: 12/9/2014
 |  Comments: 1
Internet Of Things Devices Are Doomed
Last Message: 12/6/2014
 |  Comments: 10
Why Regin Malware Changes Threatscape Economics
Last Message: 12/5/2014
 |  Comments: 3
Q&A: Internet Encryption As The New Normal
Last Message: 12/4/2014
 |  Comments: 6
New TLS/SSL Version Ready In 2015
Last Message: 12/4/2014
 |  Comments: 2
The Case for Compelling Executive Dashboards
Last Message: 12/4/2014
 |  Comments: 4
The Real Cost of Cyber Incidents, According To Insurers
Last Message: 12/4/2014
 |  Comments: 3
Leveraging The Kill Chain For Awesome
Last Message: 12/4/2014
 |  Comments: 1
How I Became a CISO: Jonathan Trull, Qualys
Last Message: 12/3/2014
 |  Comments: 1
How Startups Can Jumpstart Security Innovation
Last Message: 12/3/2014
 |  Comments: 1
Why We Need Better Cyber Security: A Graphical Snapshot
Last Message: 12/3/2014
 |  Comments: 13
Cybercrooks Expand Sights To Market Manipulation
Last Message: 12/2/2014
 |  Comments: 2
Marrying Monitoring With IAM
Last Message: 12/2/2014
 |  Comments: 2
Youre Doing BYOD Wrong: These Numbers Prove It
Last Message: 12/2/2014
 |  Comments: 4
Page 1 / 2   >   >>


One in Three SOC Analysts Now Job-Hunting
Kelly Jackson Higgins, Executive Editor at Dark Reading,  2/12/2018
Encrypted Attacks Continue to Dog Perimeter Defenses
Ericka Chickowski, Contributing Writer, Dark Reading,  2/14/2018
Can Android for Work Redefine Enterprise Mobile Security?
Satish Shetty, CEO, Codeproof Technologies,  2/13/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: One agent too many was installed on Bob's desktop.
Current Issue
How to Cope with the IT Security Skills Shortage
Most enterprises don't have all the in-house skills they need to meet the rising threat from online attackers. Here are some tips on ways to beat the shortage.
Flash Poll
[Strategic Security Report] Navigating the Threat Intelligence Maze
[Strategic Security Report] Navigating the Threat Intelligence Maze
Most enterprises are using threat intel services, but many are still figuring out how to use the data they're collecting. In this Dark Reading survey we give you a look at what they're doing today - and where they hope to go.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.