Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Dark Reading Article Boards

Message Boards posted in September 2020
Page 1 / 2   >   >>
The Problem With Patching: 7 Top Complaints
Last Message: 9/30/2020
 |  Comments: 13
Hacker's Choice: Top Six Database Attacks
Last Message: 9/29/2020
 |  Comments: 1
Vulnerability Disclosure Programs See Signups & Payouts Surge
Last Message: 9/28/2020
 |  Comments: 1
Malware Attacks Declined But Became More Evasive in Q2
Last Message: 9/28/2020
 |  Comments: 1
3 Security Measures That Can Actually Be Measured
Last Message: 9/28/2020
 |  Comments: 2
Be Aware: 8 Tips for Security Awareness Training
Last Message: 9/24/2020
 |  Comments: 15
Education Gets an 'F' for Cybersecurity
Last Message: 9/24/2020
 |  Comments: 1
Why Are There Still So Many Windows 7 Devices?
Last Message: 9/24/2020
 |  Comments: 5
Four Best Practices For Tokenization
Last Message: 9/23/2020
 |  Comments: 1
Top Security To-Dos For The Entertainment Industry
Last Message: 9/23/2020
 |  Comments: 1
Don't Forget Cybersecurity on Your Back-to-School List
Last Message: 9/23/2020
 |  Comments: 1
Hacking Yourself: Marie Moe and Pacemaker Security
Last Message: 9/23/2020
 |  Comments: 1
6 Lessons IT Security Can Learn From DevOps
Last Message: 9/22/2020
 |  Comments: 2
Cybersecurity Bounces Back, but Talent Still Absent
Last Message: 9/22/2020
 |  Comments: 1
Cartoon: Zoom in the COVID-19 Era
Last Message: 9/20/2020
 |  Comments: 5
Meet the Computer Scientist Who Helped Push for Paper Ballots
Last Message: 9/18/2020
 |  Comments: 1
10 Movies All Security Pros Should Watch
Last Message: 9/18/2020
 |  Comments: 7
3 Secure Moments: A Tranquil Trio of Security Haiku
Last Message: 9/15/2020
 |  Comments: 1
Managed IT Providers: The Cyber-Threat Actors' Gateway to SMBs
Last Message: 9/15/2020
 |  Comments: 4
Virginia's Largest School System Hit With Ransomware
Last Message: 9/15/2020
 |  Comments: 1
DHS Shares Data on Top Cyber Threats to Federal Agencies
Last Message: 9/14/2020
 |  Comments: 3
VPNs: The Cyber Elephant in the Room
Last Message: 9/14/2020
 |  Comments: 2
APT Groups Set Sights on Linux Targets: Inside the Trend
Last Message: 9/14/2020
 |  Comments: 1
From Defense to Offense: Giving CISOs Their Due
Last Message: 9/12/2020
 |  Comments: 5
Ransomware Red Flags: 7 Signs You're About to Get Hit
Last Message: 9/11/2020
 |  Comments: 1
Meet the Middlemen Who Connect Cybercriminals With Victims
Last Message: 9/10/2020
 |  Comments: 1
Name That Toon: Mask Out
Last Message: 9/9/2020
 |  Comments: 9
The Risks of Remote Desktop Access Are Far from Remote
Last Message: 9/9/2020
 |  Comments: 3
How CISOs Can Play a New Role in Defining the Future of Work
Last Message: 9/8/2020
 |  Comments: 1
Bitcoin Heists Cause More Trouble
Last Message: 9/7/2020
 |  Comments: 2
10 Security Certifications To Boost Your Career
Last Message: 9/7/2020
 |  Comments: 21
Strategic Cyber Warfare Heats Up
Last Message: 9/6/2020
 |  Comments: 1
Qualys Launches Free App for IT Asset Discovery and Inventory
Last Message: 9/5/2020
 |  Comments: 2
5 Tips for Triaging Risk from Exposed Credentials
Last Message: 9/5/2020
 |  Comments: 1
5 Ways for Cybersecurity Teams to Work Smarter, Not Harder
Last Message: 9/4/2020
 |  Comments: 1
Is China the World's Greatest Cyber Power?
Last Message: 9/3/2020
 |  Comments: 2
The Hidden Costs of Losing Security Talent
Last Message: 9/3/2020
 |  Comments: 2
Should I Segment my IoT Devices Onto Their Own Networks?
Last Message: 9/3/2020
 |  Comments: 1
The Inside Threat from Psychological Manipulators
Last Message: 9/1/2020
 |  Comments: 2
Deep Fake: Setting the Stage for Next-Gen Social Engineering
Last Message: 9/1/2020
 |  Comments: 2
Malicious Android Apps Slip Through Google Play Protection
Last Message: 9/1/2020
 |  Comments: 1
Page 1 / 2   >   >>


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Creating an Effective Incident Response Plan
Security teams are realizing their organizations will experience a cyber incident at some point. An effective incident response plan that takes into account their specific requirements and has been tested is critical. This issue of Tech Insights also includes: -a look at the newly signed cyber-incident law, -how organizations can apply behavioral psychology to incident response, -and an overview of the Open Cybersecurity Schema Framework.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-43705
PUBLISHED: 2022-11-27
In Botan before 2.19.3, it is possible to forge OCSP responses due to a certificate verification error. This issue was introduced in Botan 1.11.34 (November 2016).
CVE-2022-45934
PUBLISHED: 2022-11-27
An issue was discovered in the Linux kernel through 6.0.10. l2cap_config_req in net/bluetooth/l2cap_core.c has an integer wraparound via L2CAP_CONF_REQ packets.
CVE-2022-45931
PUBLISHED: 2022-11-27
A SQL injection issue was discovered in AAA in OpenDaylight (ODL) before 0.16.5. The aaa-idm-store-h2/src/main/java/org/opendaylight/aaa/datastore/h2/UserStore.java deleteUser function is affected when the API interface /auth/v1/users/ is used.
CVE-2022-45932
PUBLISHED: 2022-11-27
A SQL injection issue was discovered in AAA in OpenDaylight (ODL) before 0.16.5. The aaa-idm-store-h2/src/main/java/org/opendaylight/aaa/datastore/h2/RoleStore.java deleteRole function is affected when the API interface /auth/v1/roles/ is used.
CVE-2022-45933
PUBLISHED: 2022-11-27
KubeView through 0.1.31 allows attackers to obtain control of a Kubernetes cluster because api/scrape/kube-system does not require authentication, and retrieves certificate files that can be used for authentication as kube-admin. NOTE: the vendor's position is that KubeView was a "fun side proj...