Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Database Security

Careers and People

Identity & Access Management

Security Monitoring

Advanced Threats

Insider Threats

Vulnerability Management

To InformationWeek

Network Computing Dark Reading

Advertise

Author

Ericka Chickowski

Profile of Ericka Chickowski

Contributing Writer

News & Commentary Posts: 651

Ericka Chickowski specializes in coverage of information technology and business innovation. She has focused on information security for the better part of a decade and regularly writes about the security industry as a contributor to Dark Reading.

Articles by Ericka Chickowski
posted in July 2016

View Content By Month

8 Bad Ass Tools Coming Out Of Black Hat

7/30/2016
Penetration testing, reverse engineering and other security tools that will be explained and released at Black Hat 2016.
Post a Comment

Multiple Major Security Products Open To Big Vulns Via 'Hooking Engines'

7/28/2016
Black Hat USA talk will show how flawed implementation of hooking techniques are putting security and other software at risk.
Post a Comment

'MouseJack' Researchers Uncover Major Wireless Keyboard Vulnerability

7/26/2016
KeySniffer attack shows two-thirds of low-cost wireless keyboards prone to keystroke capture and malicious keystroke injection.
Post a Comment

Staying Cyber Safe At The Olympics

7/16/2016
Travel tips and more in hostile environments abroad.
Post a Comment

Healthcare Hacks Face Critical Condition

7/12/2016
It's not just SSNs and credit cards -- detailed patient records and full EHR databases are targeted by cybercriminals today.
Post a Comment

8 Ways Ethically Compromised Employees Compromise Security

7/10/2016
From audit cheats to bringing data to a new job, unscrupulous employees put organizations at risk.
Post a Comment

Ripping Away The Mobile Security Blanket

7/7/2016
Upcoming Black Hat USA talk will highlight vulns in Good Technology platform and discuss the dangers of overreliance on enterprise mobility security suites.
Post a Comment

Editors' Choice

Securing and Monitoring Networks in the 'New Normal'

Protecting Your Enterprise's Intellectual Property

ROI and Beyond for the Cloud

Webinar Archives

White Papers

MPLS, SD-WAN and SASE

What To Consider Before Renewing Your SD-WAN

2020 Gartner Market Guide for Network Detection & Response

From MFA to Zero Trust

Two-Factor Evaluation Guide

More White Papers

Cartoon Contest

Write a Caption, Win an Amazon Gift Card! Click Here

Latest Comment: Your password expired and you have been locked out of your machine. Give me your new 2FA code to continue.

Cartoon Archive

Current Issue

2020: The Year in Security

Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.

Download This Issue!

Back Issues | Must Reads

Flash Poll

Assessing Cybersecurity Risk in Today's Enterprises

Assessing Cybersecurity Risk in Today's Enterprises

COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.

The Malware Threat Landscape

How Data Breaches Affect the Enterprise (2020)

Building an Effective Cybersecurity Incident Response Team

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading"

Dark Reading - Bug Report

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2020-12512
PUBLISHED: 2021-01-22

Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated reflected POST Cross-Site Scripting

CVE-2020-12513
PUBLISHED: 2021-01-22

Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated blind OS Command Injection.

CVE-2020-12514
PUBLISHED: 2021-01-22

Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to a NULL Pointer Dereference that leads to a DoS in discoveryd

CVE-2020-12525
PUBLISHED: 2021-01-22

M&M Software fdtCONTAINER Component in versions below 3.5.20304.x and between 3.6 and 3.6.20304.x is vulnerable to deserialization of untrusted data in its project storage.

CVE-2020-12511
PUBLISHED: 2021-01-22

Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to a Cross-Site Request Forgery (CSRF) in the web interface.

To save this item to your list of favorite Dark Reading content so you can find it later in your Profile page, click the "Save It" button next to the item.

If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
Tweet This
[close this box]