Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Dark Reading Article Boards

Message Boards posted in December 2020
The Coolest Hacks of 2020
Last Message: 12/31/2020
 |  Comments: 1
Ransomware Surveys Fill In Scope, Scale of Extortion Epidemic
Last Message: 12/30/2020
 |  Comments: 24
The 20 Worst Metrics in Cybersecurity
Last Message: 12/29/2020
 |  Comments: 3
Mobile App Security: 4 Critical Issues
Last Message: 12/29/2020
 |  Comments: 5
Fresh Target Breach Cards Hitting Black Market
Last Message: 12/28/2020
 |  Comments: 17
Need for 'Guardrails' in Cloud-Native Applications Intensifies
Last Message: 12/26/2020
 |  Comments: 1
5 Email Threat Predictions for 2021
Last Message: 12/24/2020
 |  Comments: 1
Why Secure Email Gateways Rewrite Links (and Why They Shouldn't)
Last Message: 12/23/2020
 |  Comments: 2
91% Of Cyberattacks Start With A Phishing Email
Last Message: 12/23/2020
 |  Comments: 6
How Attackers Use Machine Learning to Predict BEC Success
Last Message: 12/23/2020
 |  Comments: 2
Cartoon Contest: Gong Show
Last Message: 12/22/2020
 |  Comments: 29
7 Security Tips for Gamers
Last Message: 12/17/2020
 |  Comments: 1
US-CERT Reports 17,447 Vulnerabilities Recorded in 2020
Last Message: 12/17/2020
 |  Comments: 1
FireEye Breach Fallout Yet to Be Felt
Last Message: 12/17/2020
 |  Comments: 1
Name That Toon: WFH Summer 2020
Last Message: 12/17/2020
 |  Comments: 18
Open Source Developers Still Not Interested in Secure Coding
Last Message: 12/15/2020
 |  Comments: 1
The Private Sector Needs a Cybersecurity Transformation
Last Message: 12/15/2020
 |  Comments: 1
Nation-State Hackers Breached FireEye, Stole Its Red Team Tools
Last Message: 12/15/2020
 |  Comments: 3
Hacked Robots Present a New Insider Threat
Last Message: 12/12/2020
 |  Comments: 18
New IBM Mainframe Encrypts All the Things
Last Message: 12/12/2020
 |  Comments: 2
Phishing Campaign Targets 200M Microsoft 365 Accounts
Last Message: 12/10/2020
 |  Comments: 2
The Cybersecurity Skills Gap: It Doesn't Have to Be This Way
Last Message: 12/9/2020
 |  Comments: 1
Navigating the Security Maze in a New Era of Cyberthreats
Last Message: 12/9/2020
 |  Comments: 1
D-FENSE! Using Research To Craft Effective Cyber Defenses
Last Message: 12/8/2020
 |  Comments: 5
Security Slipup Exposes Health Records & Lab Results
Last Message: 12/4/2020
 |  Comments: 1
Write A Caption & Win A Prize
Last Message: 12/3/2020
 |  Comments: 134


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Enterprise Cybersecurity Plans in a Post-Pandemic World
Download the Enterprise Cybersecurity Plans in a Post-Pandemic World report to understand how security leaders are maintaining pace with pandemic-related challenges, and where there is room for improvement.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-41392
PUBLISHED: 2021-09-17
static/main-preload.js in Boost Note through 0.22.0 allows remote command execution. A remote attacker may send a crafted IPC message to the exposed vulnerable ipcRenderer IPC interface, which invokes the dangerous openExternal Electron API.
CVE-2020-21547
PUBLISHED: 2021-09-17
Libsixel 1.8.2 contains a heap-based buffer overflow in the dither_func_fs function in tosixel.c.
CVE-2020-21548
PUBLISHED: 2021-09-17
Libsixel 1.8.3 contains a heap-based buffer overflow in the sixel_encode_highcolor function in tosixel.c.
CVE-2021-39218
PUBLISHED: 2021-09-17
Wasmtime is an open source runtime for WebAssembly & WASI. In Wasmtime from version 0.26.0 and before version 0.30.0 is affected by a memory unsoundness vulnerability. There was an invalid free and out-of-bounds read and write bug when running Wasm that uses `externref`s in Wasmtime. To trigger ...
CVE-2021-41387
PUBLISHED: 2021-09-17
seatd-launch in seatd 0.6.x before 0.6.2 allows privilege escalation because it uses execlp and may be installed setuid root.