Dark Reading Article Boards

Message Boards posted in May 2015
DR Radio: Incident Response War-Gaming
Last Message: 5/29/2015
 |  Comments: 3
Cyber Threat Analysis: A Call for Clarity
Last Message: 5/29/2015
 |  Comments: 12
FUD Watch: The Marketing Of Security Vulnerabilities
Last Message: 5/29/2015
 |  Comments: 1
Oracle PeopleSoft In The Crosshairs
Last Message: 5/29/2015
 |  Comments: 4
Growing Open Source Use Heightens Enterprise Security Risks
Last Message: 5/28/2015
 |  Comments: 13
IRS Breach Exposes 100,000 Taxpayers' Tax Returns, Other Data
Last Message: 5/28/2015
 |  Comments: 6
A Threat Intelligence-Sharing Reality-Check
Last Message: 5/28/2015
 |  Comments: 1
Google: Account Recovery Security Questions Not Very Secure
Last Message: 5/26/2015
 |  Comments: 2
Why We Can't Afford To Give Up On Cybersecurity Defense
Last Message: 5/23/2015
 |  Comments: 3
Hacking Virginia State Trooper Cruisers
Last Message: 5/22/2015
 |  Comments: 1
5 Signs Credentials In Your Network Are Being Compromised
Last Message: 5/22/2015
 |  Comments: 1
3 'Old' Attack Trends That Dominated Q1
Last Message: 5/22/2015
 |  Comments: 1
Retailers Take 197 Days To Detect Advanced Threat, Study Says
Last Message: 5/21/2015
 |  Comments: 1
Logjam Encryption Flaw Threatens Secure Communications On Web
Last Message: 5/21/2015
 |  Comments: 1
Social Engineering Defenses: Reducing The Human Element
Last Message: 5/19/2015
 |  Comments: 11
"Google Privacy Changes: 6 Steps To Take"
Last Message: 5/19/2015
 |  Comments: 8
Vulnerability Disclosure Deja Vu: Prosecute Crime Not Research
Last Message: 5/19/2015
 |  Comments: 10
Experts Urge InfoSec Info Sharing At Columbia-GCIG Conference
Last Message: 5/19/2015
 |  Comments: 1
When Encrypted Communication Is Not Good Enough
Last Message: 5/19/2015
 |  Comments: 5
Every 4 Seconds New Malware Is Born
Last Message: 5/19/2015
 |  Comments: 2
Experts' Opinions Mixed On VENOM Vulnerability
Last Message: 5/15/2015
 |  Comments: 2
What Does China-Russia 'No Hack' Pact Mean For US?
Last Message: 5/14/2015
 |  Comments: 2
Taking A Security Program From Zero To Hero
Last Message: 5/14/2015
 |  Comments: 2
3 Ways Attackers Will Own Your SAP
Last Message: 5/12/2015
 |  Comments: 2
Twitter's Top 10 Social CISOs
Last Message: 5/11/2015
 |  Comments: 1
Beginning Of The End For Patch Tuesday
Last Message: 5/9/2015
 |  Comments: 6
New Security Mindset: Focus On The Interior
Last Message: 5/8/2015
 |  Comments: 9
Law Enforcement Finding Few Allies On Encryption
Last Message: 5/6/2015
 |  Comments: 3
Defenses Outside the Wall
Last Message: 5/6/2015
 |  Comments: 5
Deconstructing Mobile Fraud Risk
Last Message: 5/6/2015
 |  Comments: 1
Rapid7 Picks Up NTObjectives
Last Message: 5/5/2015
 |  Comments: 1
Breaking The Security Fail Cycle
Last Message: 5/4/2015
 |  Comments: 4
Note To Vendors: CISOs Dont Want Your Analytical Tools
Last Message: 5/4/2015
 |  Comments: 6
Dyre Trojan Adds New Sandbox-Evasion Feature
Last Message: 5/3/2015
 |  Comments: 1
Government Giving 'No More Free Passes' To Cybercriminals
Last Message: 5/3/2015
 |  Comments: 11
Big Data & The Security Skills Shortage
Last Message: 5/1/2015
 |  Comments: 4
Bringing Tokenization To Secure Payments & Beyond
Last Message: 5/1/2015
 |  Comments: 5


Election Websites, Back-End Systems Most at Risk of Cyberattack in Midterms
Kelly Jackson Higgins, Executive Editor at Dark Reading,  8/14/2018
Australian Teen Hacked Apple Network
Dark Reading Staff 8/17/2018
Data Privacy Careers Are Helping to Close the IT Gender Gap
Dana Simberkoff, Chief Risk, Privacy, and Information Security Officer, AvePoint, Inc.,  8/20/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-17305
PUBLISHED: 2018-08-21
Some Huawei Firewall products USG2205BSR V300R001C10SPC600; USG2220BSR V300R001C00; USG5120BSR V300R001C00; USG5150BSR V300R001C00 have a Bleichenbacher Oracle vulnerability in the IPSEC IKEv1 implementations. Remote attackers can decrypt IPSEC tunnel ciphertext data by leveraging a Bleichenbacher R...
CVE-2017-17311
PUBLISHED: 2018-08-21
Some Huawei Firewall products USG2205BSR V300R001C10SPC600; USG2220BSR V300R001C00; USG5120BSR V300R001C00; USG5150BSR V300R001C00 have a DoS vulnerability in the IPSEC IKEv1 implementations of Huawei Firewall products. Due to improper handling of the malformed messages, an attacker may sent crafted...
CVE-2017-17312
PUBLISHED: 2018-08-21
Some Huawei Firewall products USG2205BSR V300R001C10SPC600; USG2220BSR V300R001C00; USG5120BSR V300R001C00; USG5150BSR V300R001C00 have a DoS vulnerability in the IPSEC IKEv1 implementations of Huawei Firewall products. Due to improper handling of the malformed messages, an attacker may sent crafted...
CVE-2018-12115
PUBLISHED: 2018-08-21
In all versions of Node.js prior to 6.14.4, 8.11.4 and 10.9.0 when used with UCS-2 encoding (recognized by Node.js under the names `'ucs2'`, `'ucs-2'`, `'utf16le'` and `'utf-16le'`), `Buffer#write()` can be abused to write outside of the bounds of a single `Buffer`. Writes that start from the second...
CVE-2018-7166
PUBLISHED: 2018-08-21
In all versions of Node.js 10 prior to 10.9.0, an argument processing flaw can cause `Buffer.alloc()` to return uninitialized memory. This method is intended to be safe and only return initialized, or cleared, memory. The third argument specifying `encoding` can be passed as a number, this is misint...