Dark Reading Article Boards

Message Boards posted in September 2014
Page 1 / 2   >   >>
New Bash Bugs Surface
Last Message: 9/30/2014
 |  Comments: 1
Hacking Humans
Last Message: 9/30/2014
 |  Comments: 2
Making Sense Of Shellshock Attack Chaos
Last Message: 9/30/2014
 |  Comments: 4
Data Privacy Etiquette: It's Not Just For Kids
Last Message: 9/30/2014
 |  Comments: 10
Shellshocked: A Future Of Hair On Fire Bugs
Last Message: 9/30/2014
 |  Comments: 22
Apple: Majority Of Mac OS X Users Not At Risk To 'Shellshock'
Last Message: 9/30/2014
 |  Comments: 5
How SaaS Adoption Is Changing Cloud Security
Last Message: 9/29/2014
 |  Comments: 6
When Layers On Layers Of Security Equals LOL Security
Last Message: 9/29/2014
 |  Comments: 3
Breached Retailers Harden PoS, For Now
Last Message: 9/29/2014
 |  Comments: 8
Malvertising Could Rival Exploit Kits
Last Message: 9/26/2014
 |  Comments: 2
Bash Bug May Be Worse Than Heartbleed
Last Message: 9/26/2014
 |  Comments: 10
InfoSec Book Club: Whats On Your Fall Reading List?
Last Message: 9/25/2014
 |  Comments: 8
Study: 15 Million Devices Infected With Mobile Malware
Last Message: 9/25/2014
 |  Comments: 1
Jimmy John's Gourmet Sandwiches POS Systems Hacked
Last Message: 9/25/2014
 |  Comments: 4
5 Top Tips For Outsourced Security
Last Message: 9/25/2014
 |  Comments: 5
Incident Response Fail
Last Message: 9/24/2014
 |  Comments: 1
Mobile-Only Employee Trend Could Break Security Models
Last Message: 9/24/2014
 |  Comments: 10
ISIS Cyber Threat To US Under Debate
Last Message: 9/24/2014
 |  Comments: 7
Hot Issues in Application Security
Last Message: 9/24/2014
 |  Comments: 58
Creating A DDoS Response Playbook
Last Message: 9/24/2014
 |  Comments: 1
'Hand-To-Hand Digital Combat' With Threat Actors
Last Message: 9/23/2014
 |  Comments: 2
An AppSec Report Card: Developers Barely Passing
Last Message: 9/23/2014
 |  Comments: 11
US Military In The Dark On Cyberattacks Against Contractors
Last Message: 9/23/2014
 |  Comments: 2
5 Ways To Think Outside The PCI Checkbox
Last Message: 9/23/2014
 |  Comments: 6
Mobile Device Security Isn't All About Devices
Last Message: 9/22/2014
 |  Comments: 2
The Truth About Ransomware: Youre On Your Own
Last Message: 9/22/2014
 |  Comments: 1
Is Enterprise IT Security Ready For iOS 8?
Last Message: 9/22/2014
 |  Comments: 4
DR Radio: A Grown-Up Conversation About Passwords
Last Message: 9/19/2014
 |  Comments: 7
Google Backs New Effort To Simplify Security
Last Message: 9/19/2014
 |  Comments: 12
6 Tips For Securing Social Media In The Workplace
Last Message: 9/19/2014
 |  Comments: 11
Meet The Next Next-Gen Firewall
Last Message: 9/18/2014
 |  Comments: 3
Cyberspies Resuscitate Citadel Trojan For Petrochemical Attacks
Last Message: 9/18/2014
 |  Comments: 5
In Defense Of Passwords
Last Message: 9/17/2014
 |  Comments: 12
A Grown-Up Conversation About Passwords
Last Message: 9/17/2014
 |  Comments: 118
Weak Password Advice From Microsoft
Last Message: 9/17/2014
 |  Comments: 16
Worm Illuminates Potential NAS Nightmare
Last Message: 9/17/2014
 |  Comments: 6
Google: No Breach In Latest Online Dump Of Credentials
Last Message: 9/17/2014
 |  Comments: 3
Hacking Password Managers
Last Message: 9/16/2014
 |  Comments: 13
Privacy, Security & The Geography Of Data Protection
Last Message: 9/16/2014
 |  Comments: 6
Apple Pay: A Necessary Push To Transform Consumer Payments
Last Message: 9/15/2014
 |  Comments: 16
Page 1 / 2   >   >>


Election Websites, Back-End Systems Most at Risk of Cyberattack in Midterms
Kelly Jackson Higgins, Executive Editor at Dark Reading,  8/14/2018
Intel Reveals New Spectre-Like Vulnerability
Curtis Franklin Jr., Senior Editor at Dark Reading,  8/15/2018
Australian Teen Hacked Apple Network
Dark Reading Staff 8/17/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2011-2765
PUBLISHED: 2018-08-20
pyro before 3.15 unsafely handles pid files in temporary directory locations and opening the pid file as root. An attacker can use this flaw to overwrite arbitrary files via symlinks.
CVE-2018-15594
PUBLISHED: 2018-08-20
arch/x86/kernel/paravirt.c in the Linux kernel before 4.18.1 mishandles certain indirect calls, which makes it easier for attackers to conduct Spectre-v2 attacks against paravirtual guests.
CVE-2018-15572
PUBLISHED: 2018-08-20
The spectre_v2_select_mitigation function in arch/x86/kernel/cpu/bugs.c in the Linux kernel before 4.18.1 does not always fill RSB upon a context switch, which makes it easier for attackers to conduct userspace-userspace spectreRSB attacks.
CVE-2018-15573
PUBLISHED: 2018-08-20
** DISPUTED ** An issue was discovered in Reprise License Manager (RLM) through 12.2BL2. Attackers can use the web interface to read and write data to any file on disk (as long as rlm.exe has access to it) via /goform/edit_lf_process with file content in the lfdata parameter and a pathname in the lf...
CVE-2018-15574
PUBLISHED: 2018-08-20
** DISPUTED ** An issue was discovered in the license editor in Reprise License Manager (RLM) through 12.2BL2. It is a cross-site scripting vulnerability in the /goform/edit_lf_get_data lf parameter via GET or POST. NOTE: the vendor has stated "We do not consider this a vulnerability."