Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Attacks/Breaches

3/23/2020
10:45 AM
Kelly Sheridan
Kelly Sheridan
Slideshows
Connect Directly
Twitter
LinkedIn
Google+
RSS
E-Mail

8 Infosec Page-Turners for Days Spent Indoors

Stuck inside and looking for a new read? Check out these titles written by security practitioners and reporters across the industry.
1 of 9

1 of 9
Comment  | 
Print  | 
Comments
Threaded  |  Newest First  |  Oldest First
DavidY927
100%
0%
DavidY927,
User Rank: Apprentice
3/23/2020 | 12:08:32 PM
The Cuckoo's Egg by Clifford Stoll
A good read from the distant past is The Cuckoo's Egg, Clifford Stoll stumbles into Cybersecurity (before it was known as such) by looking into an accounting error.

https://www.simonandschuster.com/books/The-Cuckoos-Egg/Cliff-Stoll/9781416507789
makanaki01
100%
0%
makanaki01,
User Rank: Apprentice
3/23/2020 | 6:35:27 PM
Re: The Cuckoo's Egg by Clifford Stoll
This is a good piece. 
COVID-19: Latest Security News & Commentary
Dark Reading Staff 5/28/2020
GDPR Enforcement Loosens Amid Pandemic
Seth Rosenblatt, Contributing Writer,  5/27/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
How Cybersecurity Incident Response Programs Work (and Why Some Don't)
This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-4306
PUBLISHED: 2020-05-29
IBM Planning Analytics Local 2.0.0 through 2.0.9 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: ...
CVE-2020-4352
PUBLISHED: 2020-05-29
IBM MQ on HPE NonStop 8.0.4 and 8.1.0 is vulnerable to a privilege escalation attack when running in restricted mode. IBM X-Force ID: 178427.
CVE-2020-4490
PUBLISHED: 2020-05-29
IBM Business Automation Workflow 18 and 19, and IBM Business Process Manager 8.0, 8.5, and 8.6 could allow a remote attacker to bypass security restrictions, caused by a reverse tabnabbing flaw. An attacker could exploit this vulnerability and redirect a vitcim to a phishing site. IBM X-Force ID: 1...
CVE-2020-5572
PUBLISHED: 2020-05-29
Android App 'Mailwise for Android' 1.0.0 to 1.0.1 allows an attacker to obtain credential information registered in the product via unspecified vectors.
CVE-2020-5573
PUBLISHED: 2020-05-29
Android App 'kintone mobile for Android' 1.0.0 to 2.5 allows an attacker to obtain credential information registered in the product via unspecified vectors.