Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Dark Reading Article Boards

Message Boards posted in June 2021
Cartoon Caption Winner: In Tow
Last Message: 6/30/2021
 |  Comments: 1
Name That Toon: Sight Unseen
Last Message: 6/28/2021
 |  Comments: 13
Name That Toon: Sight Unseen
Last Message: 6/28/2021
 |  Comments: 11
Researchers Unearth 167 Fake iOS & Android Trading Apps
Last Message: 6/25/2021
 |  Comments: 1
Attackers Find New Way to Exploit Google Docs for Phishing
Last Message: 6/24/2021
 |  Comments: 1
What the FedEx Logo Taught Me About Cybersecurity
Last Message: 6/21/2021
 |  Comments: 1
How President Biden Can Better Defend the US From Russian Hacks
Last Message: 6/21/2021
 |  Comments: 2
Cybercrime May Be the World's Third-Largest Economy by 2021
Last Message: 6/19/2021
 |  Comments: 2
Ransomware Is Not the Problem
Last Message: 6/10/2021
 |  Comments: 1
Name That Edge Toon: In Tow
Last Message: 6/7/2021
 |  Comments: 6
How Can I Help Remote Workers Secure Their Home Routers?
Last Message: 6/7/2021
 |  Comments: 3
The Makings of a Better Cybersecurity Hire
Last Message: 6/7/2021
 |  Comments: 1
The Colonial Pipeline Attack Is Your Boardroom Wake-Up Call
Last Message: 6/4/2021
 |  Comments: 1
Name That Toon: Road Trip
Last Message: 6/2/2021
 |  Comments: 18
Name That Toon: Road Trip
Last Message: 6/1/2021
 |  Comments: 4

I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Current Issue
Developing and Testing an Effective Breach Response Plan
Whether or not a data breach is a disaster for the organization depends on the security team's response and that is based on how the team developed a breach response plan beforehand and if it was thoroughly tested. Inside this report, experts share how to: -understand the technical environment, -determine what types of incidents would trigger the plan, -know which stakeholders need to be notified and how to do so, -develop steps to contain the breach, collect evidence, and initiate recovery.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2022-12-09
cube-js is a headless business intelligence platform. In version 0.31.23 all authenticated Cube clients could bypass SQL row-level security and run arbitrary SQL via the newly introduced /v1/sql-runner endpoint. This issue has been resolved in version 0.31.24. Users are advised to either upgrade to ...
PUBLISHED: 2022-12-09
FreshRSS is a free, self-hostable RSS aggregator. User configuration files can be accessed by a remote user. In addition to user preferences, such configurations contain hashed passwords (brypt with cost 9, salted) of FreshRSS Web interface. If the API is used, the configuration might contain a hash...
PUBLISHED: 2022-12-09
Yii Yii2 Gii through 2.2.4 allows stored XSS by injecting a payload into any field.
PUBLISHED: 2022-12-09
User invites for Funkwhale v1.2.8 do not permanently expire after being used for signup and can be used again after an account has been deleted.
PUBLISHED: 2022-12-09
Spring boot admins is an open source administrative user interface for management of spring boot applications. All users who run Spring Boot Admin Server, having enabled Notifiers (e.g. Teams-Notifier) and write access to environment variables via UI are affected. Users are advised to upgrade to the...