Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Dark Reading Article Boards

Message Boards posted in March 2015
Page 1 / 2   >   >>
7 Bugs, Breaches, & Compromises To Rock 2015 (So Far)
Last Message: 3/31/2015
 |  Comments: 3
British Airways The Latest Loyalty Program Breach Victim
Last Message: 3/31/2015
 |  Comments: 1
Be Aware: 8 Tips for Security Awareness Training
Last Message: 3/30/2015
 |  Comments: 14
Hotel Router Vulnerability A Reminder Of Untrusted WiFi Risks
Last Message: 3/30/2015
 |  Comments: 2
Worst Sports-Related Passwords
Last Message: 3/28/2015
 |  Comments: 18
The Internet Of Bring-Your-Own Things
Last Message: 3/27/2015
 |  Comments: 1
ProtonMail Raises $2M USD
Last Message: 3/26/2015
 |  Comments: 1
ISACs Demystified
Last Message: 3/26/2015
 |  Comments: 8
Researchers Use Heat To Breach Air-Gapped Systems
Last Message: 3/26/2015
 |  Comments: 1
Will POSeidon Preempt BlackPOS?
Last Message: 3/24/2015
 |  Comments: 1
When DDoS Isn't All About Massive Disruption
Last Message: 3/24/2015
 |  Comments: 2
Frenemies Of The C-Suite: CSO, CIO, CRO, CPO
Last Message: 3/23/2015
 |  Comments: 2
6 Ways The Sony Hack Changes Everything
Last Message: 3/23/2015
 |  Comments: 5
Target To Settle Data Breach Lawsuit For $10 Million
Last Message: 3/23/2015
 |  Comments: 1
How We Can Prevent Another Anthem Breach
Last Message: 3/22/2015
 |  Comments: 20
Rush To Release Resulting In Vulnerable Mobile Apps
Last Message: 3/22/2015
 |  Comments: 1
Two More Health Insurers Report Data Breach
Last Message: 3/19/2015
 |  Comments: 4
Raising the Stakes: When Software Attacks Hardware
Last Message: 3/19/2015
 |  Comments: 1
Russian Hacker Who Hit Heartland, NASDAQ, Extradited To US
Last Message: 3/18/2015
 |  Comments: 2
Chick-fil-A Breach: Avoiding 5 Common Security Mistakes
Last Message: 3/18/2015
 |  Comments: 4
Has Security Ops Has Outlived Its Purpose?
Last Message: 3/17/2015
 |  Comments: 15
The End of Pen Testing As We Know It?
Last Message: 3/17/2015
 |  Comments: 1
A Building Code For Internet of Things Security, Privacy
Last Message: 3/17/2015
 |  Comments: 6
7 Deadly Sins Of Security Policy Change Management
Last Message: 3/17/2015
 |  Comments: 1
10 Ways To Measure IT Security Program Effectiveness
Last Message: 3/17/2015
 |  Comments: 1
Hackers Breaking New Ground With Ransomware
Last Message: 3/16/2015
 |  Comments: 2
Second Look: Data Security In A Hybrid Cloud
Last Message: 3/16/2015
 |  Comments: 12
OpenSSL To Undergo Major Audit
Last Message: 3/16/2015
 |  Comments: 2
7 In 10 Businesses Struggle To Sustain PCI Compliance
Last Message: 3/16/2015
 |  Comments: 1
Does Hollywood Have The Answer To The Security Skills Question?
Last Message: 3/16/2015
 |  Comments: 12
Lack of WordPress User Education Affecting Security Posture
Last Message: 3/15/2015
 |  Comments: 7
Cartoon: End-User Ed
Last Message: 3/13/2015
 |  Comments: 11
Mobile Security By The Numbers
Last Message: 3/12/2015
 |  Comments: 3
Equation Group Cyberspying Activity May Date Back To The '90s
Last Message: 3/12/2015
 |  Comments: 2
DroppedIn Vuln Links Victims' Androids To Attackers' DropBoxes
Last Message: 3/12/2015
 |  Comments: 1
Startup Focuses On Stopping Data Exfiltration
Last Message: 3/10/2015
 |  Comments: 2
5 Things CISOs Can Learn From The Best GMs In Baseball
Last Message: 3/10/2015
 |  Comments: 2
No Silver Bullets for Security
Last Message: 3/10/2015
 |  Comments: 3
Page 1 / 2   >   >>


COVID-19: Latest Security News & Commentary
Dark Reading Staff 6/4/2020
Abandoned Apps May Pose Security Risk to Mobile Devices
Robert Lemos, Contributing Writer,  5/29/2020
How AI and Automation Can Help Bridge the Cybersecurity Talent Gap
Peter Barker, Chief Product Officer at ForgeRock,  6/1/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: What? IT said I needed virus protection!
Current Issue
How Cybersecurity Incident Response Programs Work (and Why Some Don't)
This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-13768
PUBLISHED: 2020-06-04
In MiniShare before 1.4.2, there is a stack-based buffer overflow via an HTTP PUT request, which allows an attacker to achieve arbitrary code execution, a similar issue to CVE-2018-19861, CVE-2018-19862, and CVE-2019-17601. NOTE: this product is discontinued.
CVE-2020-13849
PUBLISHED: 2020-06-04
The MQTT protocol 3.1.1 requires a server to set a timeout value of 1.5 times the Keep-Alive value specified by a client, which allows remote attackers to cause a denial of service (loss of the ability to establish new connections), as demonstrated by SlowITe.
CVE-2020-13848
PUBLISHED: 2020-06-04
Portable UPnP SDK (aka libupnp) 1.12.1 and earlier allows remote attackers to cause a denial of service (crash) via a crafted SSDP message due to a NULL pointer dereference in the functions FindServiceControlURLPath and FindServiceEventURLPath in genlib/service_table/service_table.c.
CVE-2020-11682
PUBLISHED: 2020-06-04
Castel NextGen DVR v1.0.0 is vulnerable to CSRF in all state-changing request. A __RequestVerificationToken is set by the web interface, and included in requests sent by web interface. However, this token is not verified by the application: the token can be removed from all requests and the request ...
CVE-2020-12847
PUBLISHED: 2020-06-04
Pydio Cells 2.0.4 web application offers an administrative console named “Cells Console� that is available to users with an administrator role. This console provides an administrator user with the possibility of changing several settings, including the applicat...