Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Dark Reading Article Boards

Message Boards posted in July 2017
<<   <   Page 2 / 2
Symantec to Buy 'Browser Isolation' Firm Fireglass
Last Message: 7/6/2017
 |  Comments: 1
The Case for Crowdsourcing Security Buying Decisions
Last Message: 7/6/2017
 |  Comments: 6
8 Hot Skills Sought By IT Security Departments
Last Message: 7/5/2017
 |  Comments: 2
8tracks Hit With Breach of 18 Million Accounts
Last Message: 7/5/2017
 |  Comments: 1
Hacking Factory Robot Arms for Sabotage, Fun & Profit
Last Message: 7/4/2017
 |  Comments: 3
Apple iOS Threats Fewer Than Android But More Deadly
Last Message: 7/4/2017
 |  Comments: 5
Samsung Galaxy Security Alert: Android Backdoor Discovered
Last Message: 7/3/2017
 |  Comments: 1
8 Things Every Security Pro Should Know About GDPR
Last Message: 7/3/2017
 |  Comments: 1
Why Enterprise Security Needs a New Focus
Last Message: 7/2/2017
 |  Comments: 7
Look, But Don't Touch: One Key to Better ICS Security
Last Message: 7/2/2017
 |  Comments: 1
Compliance in the Cloud Needs To Be Continuous & Automated
Last Message: 7/2/2017
 |  Comments: 8
Anthem Agrees to $115 Million Settlement for 2015 Breach
Last Message: 7/1/2017
 |  Comments: 16
<<   <   Page 2 / 2


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Developing and Testing an Effective Breach Response Plan
Whether or not a data breach is a disaster for the organization depends on the security team's response and that is based on how the team developed a breach response plan beforehand and if it was thoroughly tested. Inside this report, experts share how to: -understand the technical environment, -determine what types of incidents would trigger the plan, -know which stakeholders need to be notified and how to do so, -develop steps to contain the breach, collect evidence, and initiate recovery.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-23485
PUBLISHED: 2022-12-10
Sentry is an error tracking and performance monitoring platform. In versions of the sentry python library prior to 22.11.0 an attacker with a known valid invite link could manipulate a cookie to allow the same invite link to be reused on multiple accounts when joining an organization. As a result an...
CVE-2022-23510
PUBLISHED: 2022-12-09
cube-js is a headless business intelligence platform. In version 0.31.23 all authenticated Cube clients could bypass SQL row-level security and run arbitrary SQL via the newly introduced /v1/sql-runner endpoint. This issue has been resolved in version 0.31.24. Users are advised to either upgrade to ...
CVE-2022-23497
PUBLISHED: 2022-12-09
FreshRSS is a free, self-hostable RSS aggregator. User configuration files can be accessed by a remote user. In addition to user preferences, such configurations contain hashed passwords (brypt with cost 9, salted) of FreshRSS Web interface. If the API is used, the configuration might contain a hash...
CVE-2022-34297
PUBLISHED: 2022-12-09
Yii Yii2 Gii through 2.2.4 allows stored XSS by injecting a payload into any field.
CVE-2022-45292
PUBLISHED: 2022-12-09
User invites for Funkwhale v1.2.8 do not permanently expire after being used for signup and can be used again after an account has been deleted.