Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Dark Reading Article Boards

Message Boards posted in December 2019
Page 1 / 2   >   >>
The Edge Cartoon Contest: You Better Watch Out ...
Last Message: 12/31/2019
 |  Comments: 15
Malvertising Trends: Dont Talk Ad Standards Without Ad Security
Last Message: 12/31/2019
 |  Comments: 14
6 CISO New Year's Resolutions for 2020
Last Message: 12/30/2019
 |  Comments: 1
Fraud in the New Decade
Last Message: 12/30/2019
 |  Comments: 1
Santa and the Zero-Trust Model: A Christmas Story
Last Message: 12/30/2019
 |  Comments: 12
SIM Swapping Attacks: What They Are & How to Stop Them
Last Message: 12/30/2019
 |  Comments: 1
The Night Before 'Breachmas'
Last Message: 12/30/2019
 |  Comments: 1
'Honoring' CCPA's Binding Principles Nationally Won't Be Easy
Last Message: 12/30/2019
 |  Comments: 1
Defensive Wish List for 2020: Faster Responses to Threats
Last Message: 12/30/2019
 |  Comments: 11
2020 & Beyond: The Evolution of Cybersecurity
Last Message: 12/29/2019
 |  Comments: 7
For $14.71, You Can Buy A Passport Scan on the Dark Web
Last Message: 12/29/2019
 |  Comments: 3
Flaws in Telegram & WhatsApp on Android Put Data at Risk
Last Message: 12/29/2019
 |  Comments: 2
New Orleans to Boost Cyber Insurance to $10M Post-Ransomware
Last Message: 12/28/2019
 |  Comments: 6
Why You Need to Think About API Security
Last Message: 12/28/2019
 |  Comments: 1
SQL Injection Errors No Longer the Top Software Security Issue
Last Message: 12/27/2019
 |  Comments: 1
Why Cyber-Risk Is a C-Suite Issue
Last Message: 12/27/2019
 |  Comments: 5
Waking Up to Third-Party Security Risk
Last Message: 12/26/2019
 |  Comments: 1
Deep Instinct Touts Predictive Aspects of Deep Learning
Last Message: 12/24/2019
 |  Comments: 4
Few Firms Use Segmentation, Despite Security Benefits
Last Message: 12/23/2019
 |  Comments: 1
8 Nation-State Hacking Groups to Watch in 2018
Last Message: 12/22/2019
 |  Comments: 1
Name That Toon: Endpoint Protection
Last Message: 12/19/2019
 |  Comments: 46
Overburdened SOC Analysts Shift Priorities
Last Message: 12/19/2019
 |  Comments: 3
Don't Make Security Training a 'One-and-Done'
Last Message: 12/19/2019
 |  Comments: 1
How to Build a Rock-Solid Cybersecurity Culture
Last Message: 12/19/2019
 |  Comments: 1
Back to Basics with Log Management, SIEMs & MSSPs
Last Message: 12/18/2019
 |  Comments: 7
T-Mobile Prepaid Hit by Significant Data Breach
Last Message: 12/17/2019
 |  Comments: 3
Lessons from the NSA: Know Your Assets
Last Message: 12/17/2019
 |  Comments: 1
Attackers' Costs Increasing as Businesses Focus on Security
Last Message: 12/17/2019
 |  Comments: 1
Visa Warns of Targeted PoS Attacks on Gas Station Merchants
Last Message: 12/17/2019
 |  Comments: 1
How to Get Prepared for Privacy Legislation
Last Message: 12/16/2019
 |  Comments: 9
Security Innovation: Driven By Necessity, Fueled By Interaction
Last Message: 12/16/2019
 |  Comments: 2
Cybersecurity Team Holiday Guide: 2019 Gag Gift Edition
Last Message: 12/16/2019
 |  Comments: 2
Data Leak Week: Billions of Sensitive Files Exposed Online
Last Message: 12/12/2019
 |  Comments: 2
3 Fundamentals for Better Security and IT Management
Last Message: 12/11/2019
 |  Comments: 1
NYPD Pulls Fingerprint Database Offline Due to Ransomware Scare
Last Message: 12/11/2019
 |  Comments: 1
Leveraging the Cloud for Cyber Intelligence
Last Message: 12/11/2019
 |  Comments: 1
Data from 21M Mixcloud Users Compromised in Breach
Last Message: 12/11/2019
 |  Comments: 1
Smith & Wesson Is Magecart's Latest Target
Last Message: 12/11/2019
 |  Comments: 1
TrickBot Expands in Japan Ahead of the Holidays
Last Message: 12/11/2019
 |  Comments: 1
Attackers Continue to Exploit Outlook Home Page Flaw
Last Message: 12/11/2019
 |  Comments: 1
Navigating Security in the Cloud
Last Message: 12/11/2019
 |  Comments: 2
Page 1 / 2   >   >>


COVID-19: Latest Security News & Commentary
Dark Reading Staff 6/4/2020
Abandoned Apps May Pose Security Risk to Mobile Devices
Robert Lemos, Contributing Writer,  5/29/2020
How AI and Automation Can Help Bridge the Cybersecurity Talent Gap
Peter Barker, Chief Product Officer at ForgeRock,  6/1/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: What? IT said I needed virus protection!
Current Issue
How Cybersecurity Incident Response Programs Work (and Why Some Don't)
This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-13768
PUBLISHED: 2020-06-04
In MiniShare before 1.4.2, there is a stack-based buffer overflow via an HTTP PUT request, which allows an attacker to achieve arbitrary code execution, a similar issue to CVE-2018-19861, CVE-2018-19862, and CVE-2019-17601. NOTE: this product is discontinued.
CVE-2020-13849
PUBLISHED: 2020-06-04
The MQTT protocol 3.1.1 requires a server to set a timeout value of 1.5 times the Keep-Alive value specified by a client, which allows remote attackers to cause a denial of service (loss of the ability to establish new connections), as demonstrated by SlowITe.
CVE-2020-13848
PUBLISHED: 2020-06-04
Portable UPnP SDK (aka libupnp) 1.12.1 and earlier allows remote attackers to cause a denial of service (crash) via a crafted SSDP message due to a NULL pointer dereference in the functions FindServiceControlURLPath and FindServiceEventURLPath in genlib/service_table/service_table.c.
CVE-2020-11682
PUBLISHED: 2020-06-04
Castel NextGen DVR v1.0.0 is vulnerable to CSRF in all state-changing request. A __RequestVerificationToken is set by the web interface, and included in requests sent by web interface. However, this token is not verified by the application: the token can be removed from all requests and the request ...
CVE-2020-12847
PUBLISHED: 2020-06-04
Pydio Cells 2.0.4 web application offers an administrative console named “Cells Console� that is available to users with an administrator role. This console provides an administrator user with the possibility of changing several settings, including the applicat...