Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Dark Reading Article Boards

Message Boards posted in June 2021
Cartoon Caption Winner: In Tow
Last Message: 6/30/2021
 |  Comments: 1
Name That Toon: Sight Unseen
Last Message: 6/28/2021
 |  Comments: 13
Name That Toon: Sight Unseen
Last Message: 6/28/2021
 |  Comments: 11
Researchers Unearth 167 Fake iOS & Android Trading Apps
Last Message: 6/25/2021
 |  Comments: 1
Attackers Find New Way to Exploit Google Docs for Phishing
Last Message: 6/24/2021
 |  Comments: 1
What the FedEx Logo Taught Me About Cybersecurity
Last Message: 6/21/2021
 |  Comments: 1
How President Biden Can Better Defend the US From Russian Hacks
Last Message: 6/21/2021
 |  Comments: 2
Cybercrime May Be the World's Third-Largest Economy by 2021
Last Message: 6/19/2021
 |  Comments: 2
Ransomware Is Not the Problem
Last Message: 6/10/2021
 |  Comments: 1
Name That Edge Toon: In Tow
Last Message: 6/7/2021
 |  Comments: 7
How Can I Help Remote Workers Secure Their Home Routers?
Last Message: 6/7/2021
 |  Comments: 3
The Makings of a Better Cybersecurity Hire
Last Message: 6/7/2021
 |  Comments: 1
The Colonial Pipeline Attack Is Your Boardroom Wake-Up Call
Last Message: 6/4/2021
 |  Comments: 1
Name That Toon: Road Trip
Last Message: 6/2/2021
 |  Comments: 18
Name That Toon: Road Trip
Last Message: 6/1/2021
 |  Comments: 4


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Enterprise Cybersecurity Plans in a Post-Pandemic World
Download the Enterprise Cybersecurity Plans in a Post-Pandemic World report to understand how security leaders are maintaining pace with pandemic-related challenges, and where there is room for improvement.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-40690
PUBLISHED: 2021-09-19
All versions of Apache Santuario - XML Security for Java prior to 2.2.3 and 2.1.7 are vulnerable to an issue where the "secureValidation" property is not passed correctly when creating a KeyInfo from a KeyInfoReference element. This allows an attacker to abuse an XPath Transform to extract...
CVE-2021-41073
PUBLISHED: 2021-09-19
loop_rw_iter in fs/io_uring.c in the Linux kernel through 5.14.6 allows local users to gain privileges by using IORING_OP_PROVIDE_BUFFERS to trigger a free of a kernel buffer, as demonstrated by using /proc/<pid>/maps for exploitation.
CVE-2021-23441
PUBLISHED: 2021-09-19
All versions of package com.jsoniter:jsoniter are vulnerable to Deserialization of Untrusted Data via malicious JSON strings. This may lead to a Denial of Service, and in certain cases, code execution.
CVE-2021-41393
PUBLISHED: 2021-09-18
Teleport before 4.4.11, 5.x before 5.2.4, 6.x before 6.2.12, and 7.x before 7.1.1 allows forgery of SSH host certificates in some situations.
CVE-2021-41394
PUBLISHED: 2021-09-18
Teleport before 4.4.11, 5.x before 5.2.4, 6.x before 6.2.12, and 7.x before 7.1.1 allows alteration of build artifacts in some situations.