Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Dark Reading Article Boards

Message Boards posted in May 2017
Page 1 / 2   >   >>
Cisco and IBM Team Up on Security
Last Message: 5/31/2017
 |  Comments: 1
Chipotle Dishes Details on Data Breach
Last Message: 5/30/2017
 |  Comments: 2
Medical Devices Fall Short in Security Best Practices
Last Message: 5/30/2017
 |  Comments: 2
Split Tunnel SMTP Exploit Bypasses Email Security Gateways
Last Message: 5/30/2017
 |  Comments: 8
DDoS Attacks Fell 23% in First Quarter, Grew in Size
Last Message: 5/30/2017
 |  Comments: 3
82% of Databases Left Unencrypted in Public Cloud
Last Message: 5/30/2017
 |  Comments: 9
New Samba Bug Dangerous But No WannaCry
Last Message: 5/30/2017
 |  Comments: 1
Microsoft 'Father Of SDL' Named To Top Post At SAFECode
Last Message: 5/30/2017
 |  Comments: 1
WannaCry's 'Kill Switch' May Have Been a Sandbox-Evasion Tool
Last Message: 5/28/2017
 |  Comments: 3
Data Security & Privacy: The Risks of Not Playing by the Rules
Last Message: 5/28/2017
 |  Comments: 1
WannaCry Gives Consumers a First Look into Ransomware
Last Message: 5/27/2017
 |  Comments: 1
5 Security Lessons WannaCry Taught Us the Hard Way
Last Message: 5/25/2017
 |  Comments: 8
Staying a Step Ahead of Internet Attacks
Last Message: 5/25/2017
 |  Comments: 2
4 Reasons the Vulnerability Disclosure Process Stalls
Last Message: 5/24/2017
 |  Comments: 1
8 Notorious Russian Hackers Arrested in the Past 8 Years
Last Message: 5/24/2017
 |  Comments: 2
Don't Forget Basic Security Measures, Experts Say
Last Message: 5/24/2017
 |  Comments: 2
How Many People Does It Take to Defend a Network?
Last Message: 5/22/2017
 |  Comments: 2
Google Won't Trust Symantec and Neither Should You
Last Message: 5/22/2017
 |  Comments: 2
All Generations, All Risks, All Contained: A How-To Guide
Last Message: 5/22/2017
 |  Comments: 1
The Fundamental Flaw in TCP/IP: Connecting Everything
Last Message: 5/19/2017
 |  Comments: 4
"Data Theft Costs Tennessee Blue Cross Big Bucks"
Last Message: 5/19/2017
 |  Comments: 1
And Now a Ransomware Tool That Charges Based On Where You Live
Last Message: 5/19/2017
 |  Comments: 1
Inside the Motivations Behind Modern Cyberattackers
Last Message: 5/18/2017
 |  Comments: 1
The New Shadow IT: Custom Data Center Applications
Last Message: 5/18/2017
 |  Comments: 3
How to Integrate Threat Intel & DevOps
Last Message: 5/17/2017
 |  Comments: 1
Your Grandma Could Be the Next Ransomware Millionaire
Last Message: 5/17/2017
 |  Comments: 3
Understanding The Cloud Threat Surface
Last Message: 5/17/2017
 |  Comments: 10
Call Center Fraud Spiked 113% in 2016
Last Message: 5/17/2017
 |  Comments: 1
Study: Rooted Androids, Jailbroken iPhones Found in Enterprises
Last Message: 5/16/2017
 |  Comments: 1
The Cyber-Committed CEO & Board
Last Message: 5/16/2017
 |  Comments: 2
Seeing Security from the Other Side of the Window
Last Message: 5/16/2017
 |  Comments: 1
Microsoft Calls for IoT Cybersecurity Policy Development
Last Message: 5/16/2017
 |  Comments: 1
OWASP Top 10 Update: Long Overdue Or Same-Old, Same-Old?
Last Message: 5/14/2017
 |  Comments: 1
For The Birds: Dark Reading Cartoon Caption Contest Winners
Last Message: 5/14/2017
 |  Comments: 4
How To Stay Secure At The Hotel On A Business Trip
Last Message: 5/12/2017
 |  Comments: 10
Cisco Offers Free Decryption Tool For Ransomware Victims
Last Message: 5/12/2017
 |  Comments: 7
More Than Half Of Android Devices Run Outdated Browsers
Last Message: 5/10/2017
 |  Comments: 2
The Long Tail of the Intel AMT Flaw
Last Message: 5/10/2017
 |  Comments: 1
Android App Permission in Google Play Contains Security Flaw
Last Message: 5/10/2017
 |  Comments: 1
Hackers Face $8.9 Million Fine for Law Firm Breaches
Last Message: 5/10/2017
 |  Comments: 1
Windows 'BadTunnel' Attack Hijacks Network Traffic
Last Message: 5/9/2017
 |  Comments: 1
Page 1 / 2   >   >>


COVID-19: Latest Security News & Commentary
Dark Reading Staff 6/4/2020
Abandoned Apps May Pose Security Risk to Mobile Devices
Robert Lemos, Contributing Writer,  5/29/2020
How AI and Automation Can Help Bridge the Cybersecurity Talent Gap
Peter Barker, Chief Product Officer at ForgeRock,  6/1/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: What? IT said I needed virus protection!
Current Issue
How Cybersecurity Incident Response Programs Work (and Why Some Don't)
This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-13768
PUBLISHED: 2020-06-04
In MiniShare before 1.4.2, there is a stack-based buffer overflow via an HTTP PUT request, which allows an attacker to achieve arbitrary code execution, a similar issue to CVE-2018-19861, CVE-2018-19862, and CVE-2019-17601. NOTE: this product is discontinued.
CVE-2020-13849
PUBLISHED: 2020-06-04
The MQTT protocol 3.1.1 requires a server to set a timeout value of 1.5 times the Keep-Alive value specified by a client, which allows remote attackers to cause a denial of service (loss of the ability to establish new connections), as demonstrated by SlowITe.
CVE-2020-13848
PUBLISHED: 2020-06-04
Portable UPnP SDK (aka libupnp) 1.12.1 and earlier allows remote attackers to cause a denial of service (crash) via a crafted SSDP message due to a NULL pointer dereference in the functions FindServiceControlURLPath and FindServiceEventURLPath in genlib/service_table/service_table.c.
CVE-2020-11682
PUBLISHED: 2020-06-04
Castel NextGen DVR v1.0.0 is vulnerable to CSRF in all state-changing request. A __RequestVerificationToken is set by the web interface, and included in requests sent by web interface. However, this token is not verified by the application: the token can be removed from all requests and the request ...
CVE-2020-12847
PUBLISHED: 2020-06-04
Pydio Cells 2.0.4 web application offers an administrative console named “Cells Console� that is available to users with an administrator role. This console provides an administrator user with the possibility of changing several settings, including the applicat...