Dark Reading Article Boards

Message Boards posted in May 2015
DR Radio: Incident Response War-Gaming
Last Message: 5/29/2015
 |  Comments: 3
Cyber Threat Analysis: A Call for Clarity
Last Message: 5/29/2015
 |  Comments: 12
FUD Watch: The Marketing Of Security Vulnerabilities
Last Message: 5/29/2015
 |  Comments: 1
Oracle PeopleSoft In The Crosshairs
Last Message: 5/29/2015
 |  Comments: 4
Growing Open Source Use Heightens Enterprise Security Risks
Last Message: 5/28/2015
 |  Comments: 13
IRS Breach Exposes 100,000 Taxpayers' Tax Returns, Other Data
Last Message: 5/28/2015
 |  Comments: 6
A Threat Intelligence-Sharing Reality-Check
Last Message: 5/28/2015
 |  Comments: 1
Google: Account Recovery Security Questions Not Very Secure
Last Message: 5/26/2015
 |  Comments: 2
Why We Can't Afford To Give Up On Cybersecurity Defense
Last Message: 5/23/2015
 |  Comments: 3
Hacking Virginia State Trooper Cruisers
Last Message: 5/22/2015
 |  Comments: 1
5 Signs Credentials In Your Network Are Being Compromised
Last Message: 5/22/2015
 |  Comments: 1
3 'Old' Attack Trends That Dominated Q1
Last Message: 5/22/2015
 |  Comments: 1
Retailers Take 197 Days To Detect Advanced Threat, Study Says
Last Message: 5/21/2015
 |  Comments: 1
Logjam Encryption Flaw Threatens Secure Communications On Web
Last Message: 5/21/2015
 |  Comments: 1
Social Engineering Defenses: Reducing The Human Element
Last Message: 5/19/2015
 |  Comments: 11
"Google Privacy Changes: 6 Steps To Take"
Last Message: 5/19/2015
 |  Comments: 8
Vulnerability Disclosure Deja Vu: Prosecute Crime Not Research
Last Message: 5/19/2015
 |  Comments: 10
Experts Urge InfoSec Info Sharing At Columbia-GCIG Conference
Last Message: 5/19/2015
 |  Comments: 1
When Encrypted Communication Is Not Good Enough
Last Message: 5/19/2015
 |  Comments: 5
Every 4 Seconds New Malware Is Born
Last Message: 5/19/2015
 |  Comments: 2
Experts' Opinions Mixed On VENOM Vulnerability
Last Message: 5/15/2015
 |  Comments: 2
What Does China-Russia 'No Hack' Pact Mean For US?
Last Message: 5/14/2015
 |  Comments: 2
Taking A Security Program From Zero To Hero
Last Message: 5/14/2015
 |  Comments: 2
3 Ways Attackers Will Own Your SAP
Last Message: 5/12/2015
 |  Comments: 2
Twitter's Top 10 Social CISOs
Last Message: 5/11/2015
 |  Comments: 1
Beginning Of The End For Patch Tuesday
Last Message: 5/9/2015
 |  Comments: 6
New Security Mindset: Focus On The Interior
Last Message: 5/8/2015
 |  Comments: 9
Law Enforcement Finding Few Allies On Encryption
Last Message: 5/6/2015
 |  Comments: 3
Defenses Outside the Wall
Last Message: 5/6/2015
 |  Comments: 5
Deconstructing Mobile Fraud Risk
Last Message: 5/6/2015
 |  Comments: 1
Rapid7 Picks Up NTObjectives
Last Message: 5/5/2015
 |  Comments: 1
Breaking The Security Fail Cycle
Last Message: 5/4/2015
 |  Comments: 4
Note To Vendors: CISOs Dont Want Your Analytical Tools
Last Message: 5/4/2015
 |  Comments: 6
Dyre Trojan Adds New Sandbox-Evasion Feature
Last Message: 5/3/2015
 |  Comments: 1
Government Giving 'No More Free Passes' To Cybercriminals
Last Message: 5/3/2015
 |  Comments: 11
Big Data & The Security Skills Shortage
Last Message: 5/1/2015
 |  Comments: 4
Bringing Tokenization To Secure Payments & Beyond
Last Message: 5/1/2015
 |  Comments: 5


Facebook Aims to Make Security More Social
Kelly Sheridan, Associate Editor, Dark Reading,  2/20/2018
SEC: Companies Must Disclose More Info on Cybersecurity Attacks & Risks
Kelly Jackson Higgins, Executive Editor at Dark Reading,  2/22/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
How to Cope with the IT Security Skills Shortage
Most enterprises don't have all the in-house skills they need to meet the rising threat from online attackers. Here are some tips on ways to beat the shortage.
Flash Poll
[Strategic Security Report] Navigating the Threat Intelligence Maze
[Strategic Security Report] Navigating the Threat Intelligence Maze
Most enterprises are using threat intel services, but many are still figuring out how to use the data they're collecting. In this Dark Reading survey we give you a look at what they're doing today - and where they hope to go.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.