Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Dark Reading Article Boards

Message Boards posted in December 2017
Page 1 / 2   >   >>
US Census Bureau: Data Exposed in Alteryx Leak Already Public
Last Message: 12/31/2017
 |  Comments: 11
Network Printer & Scanner Spoofing Campaign Targets Millions
Last Message: 12/29/2017
 |  Comments: 1
Mozilla Issues Critical Security Patch for Thunderbird Flaw
Last Message: 12/29/2017
 |  Comments: 1
8 Out of 10 Employees Use Unencrypted USB Devices
Last Message: 12/28/2017
 |  Comments: 1
CISO Holiday Miracle Wish List
Last Message: 12/27/2017
 |  Comments: 1
Facebook Helps Users Detect Phishing Emails
Last Message: 12/27/2017
 |  Comments: 8
Be a More Effective CISO by Aligning Security to the Business
Last Message: 12/25/2017
 |  Comments: 6
Five Arrested for Cerber, CTB-Locker Ransomware Spread
Last Message: 12/24/2017
 |  Comments: 7
80% of Americans Admit to Risky Cybersecurity Behaviors
Last Message: 12/20/2017
 |  Comments: 4
Kaspersky Lab Files Lawsuit Over DHS Ban of its Products
Last Message: 12/19/2017
 |  Comments: 1
Security Geek Gift Guide
Last Message: 12/18/2017
 |  Comments: 1
2 Million Fake Net Neutrality Comments Stole American Identities
Last Message: 12/18/2017
 |  Comments: 4
5 Reasons the Cybersecurity Labor Shortfall Won't End Soon
Last Message: 12/18/2017
 |  Comments: 8
19 M California Voter Records Held for Ransom in MongoDB Attack
Last Message: 12/18/2017
 |  Comments: 1
Mobile Security Gap Threatens Enterprises
Last Message: 12/17/2017
 |  Comments: 8
6 Personality Profiles of White-Hat Hackers
Last Message: 12/15/2017
 |  Comments: 1
BlueBorne Attack Highlights Flaws in Linux, IoT Security
Last Message: 12/15/2017
 |  Comments: 2
Malware Decompiler Tool Goes Open Source
Last Message: 12/15/2017
 |  Comments: 1
Healthcare Faces Poor Cybersecurity Prognosis
Last Message: 12/14/2017
 |  Comments: 1
Uber's Security Slip-ups: What Went Wrong
Last Message: 12/14/2017
 |  Comments: 2
Security Compliance: The Less You Spend the More You Pay
Last Message: 12/14/2017
 |  Comments: 1
Lack of Experience Biggest Obstacle for InfoSec Career
Last Message: 12/13/2017
 |  Comments: 3
Dark Reading Launches New Conference on Cyber Defense
Last Message: 12/13/2017
 |  Comments: 8
Cybersecurity's Ceiling
Last Message: 12/13/2017
 |  Comments: 7
Oracle Product Rollout Underscores Need for Trust in the Cloud
Last Message: 12/13/2017
 |  Comments: 1
Throw Out the Playbooks to Win at Incident Response
Last Message: 12/13/2017
 |  Comments: 5
Hacking the Security Job Application Process
Last Message: 12/13/2017
 |  Comments: 1
A Call for New Voices on the Security Conference Circuit
Last Message: 12/13/2017
 |  Comments: 4
Security Training & Awareness: 3 Big Myths
Last Message: 12/13/2017
 |  Comments: 6
Preventing Credential Theft: A Security Checklist for Boards
Last Message: 12/13/2017
 |  Comments: 1
Mischel Kwon Unplugged
Last Message: 12/13/2017
 |  Comments: 1
Hiring Outside the Box in Cybersecurity
Last Message: 12/13/2017
 |  Comments: 2
Only 5% of Business Leaders Rethought Security After Equifax
Last Message: 12/12/2017
 |  Comments: 1
5 Free or Low-Cost Security Tools for Defenders
Last Message: 12/12/2017
 |  Comments: 1
Nearly 2/3 of Industrial Companies Lack Security Monitoring
Last Message: 12/12/2017
 |  Comments: 1
10 Essential Elements For Your Incident-Response Plan
Last Message: 12/11/2017
 |  Comments: 4
Emerging IT Security Technologies: 13 Categories, 26 Vendors
Last Message: 12/8/2017
 |  Comments: 1
Why Cybersecurity Must Be an International Effort
Last Message: 12/7/2017
 |  Comments: 1
3 Ways to Retain Security Operations Staff
Last Message: 12/7/2017
 |  Comments: 10
Page 1 / 2   >   >>


COVID-19: Latest Security News & Commentary
Dark Reading Staff 6/4/2020
Abandoned Apps May Pose Security Risk to Mobile Devices
Robert Lemos, Contributing Writer,  5/29/2020
How AI and Automation Can Help Bridge the Cybersecurity Talent Gap
Peter Barker, Chief Product Officer at ForgeRock,  6/1/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: What? IT said I needed virus protection!
Current Issue
How Cybersecurity Incident Response Programs Work (and Why Some Don't)
This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-13768
PUBLISHED: 2020-06-04
In MiniShare before 1.4.2, there is a stack-based buffer overflow via an HTTP PUT request, which allows an attacker to achieve arbitrary code execution, a similar issue to CVE-2018-19861, CVE-2018-19862, and CVE-2019-17601. NOTE: this product is discontinued.
CVE-2020-13849
PUBLISHED: 2020-06-04
The MQTT protocol 3.1.1 requires a server to set a timeout value of 1.5 times the Keep-Alive value specified by a client, which allows remote attackers to cause a denial of service (loss of the ability to establish new connections), as demonstrated by SlowITe.
CVE-2020-13848
PUBLISHED: 2020-06-04
Portable UPnP SDK (aka libupnp) 1.12.1 and earlier allows remote attackers to cause a denial of service (crash) via a crafted SSDP message due to a NULL pointer dereference in the functions FindServiceControlURLPath and FindServiceEventURLPath in genlib/service_table/service_table.c.
CVE-2020-11682
PUBLISHED: 2020-06-04
Castel NextGen DVR v1.0.0 is vulnerable to CSRF in all state-changing request. A __RequestVerificationToken is set by the web interface, and included in requests sent by web interface. However, this token is not verified by the application: the token can be removed from all requests and the request ...
CVE-2020-12847
PUBLISHED: 2020-06-04
Pydio Cells 2.0.4 web application offers an administrative console named “Cells Console� that is available to users with an administrator role. This console provides an administrator user with the possibility of changing several settings, including the applicat...