Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
Broken Heartbeat
Threaded  |  Newest First  |  Oldest First
Marilyn Cohodas
50%
50%
Marilyn Cohodas,
User Rank: Strategist
4/10/2014 | 12:18:53 PM
Take our flash poll on Heartbleed!
We want to know what steps you plan to take in response to the Heartbleed bug? Take our new poll, then let's chat about your reasons in the comments.
Marilyn Cohodas
50%
50%
Marilyn Cohodas,
User Rank: Strategist
4/11/2014 | 11:24:42 AM
Who's patching Heartbeat? 70% of DR poll respondents!
Interesting that more than 70 percent of respondents to our Heartbleed poll have applied the fix. Have you? Take our poll about the steps you are taking in response to the Heartbleed bug? 
Marilyn Cohodas
50%
50%
Marilyn Cohodas,
User Rank: Strategist
4/16/2014 | 3:32:22 PM
Heartbleed: Forcing users to change passwords?
Is your company forcing users to change their passwords in the wake of the heartbleed bug? If so, you're in the minority of respondents to Dark Reading's flash poll. We asked What steps do you plan to take in response to the Heartbleed bug? Just 3 out of 10 say they are getting tough with user passwords. 


Manchester United Suffers Cyberattack
Dark Reading Staff 11/23/2020
As 'Anywhere Work' Evolves, Security Will Be Key Challenge
Robert Lemos, Contributing Writer,  11/23/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-29138
PUBLISHED: 2020-11-27
Incorrect Access Control in the configuration backup path in SAGEMCOM [email protected] NET DOCSIS 3.0, software NET_4.109.0, allows remote unauthenticated users to download the router configuration file via the /backupsettings.conf URI, when any valid session is running.
CVE-2019-19869
PUBLISHED: 2020-11-27
An issue was discovered in B&R Industrial Automation APROL before R4.2 V7.08. PVs could be changed (unencrypted) by using the IosHttp service and the JSON interface.
CVE-2019-19872
PUBLISHED: 2020-11-27
An issue was discovered in B&R Industrial Automation APROL before R4.2 V7.08. The AprolLoader could be used to inject and execute arbitrary unintended commands via an unspecified attack scenario, a different vulnerability than CVE-2019-16364.
CVE-2020-25738
PUBLISHED: 2020-11-27
CyberArk Endpoint Privilege Manager (EPM) 11.1.0.173 allows attackers to bypass a Credential Theft protection mechanism by injecting a DLL into a process that normally has credential access, such as a Chrome process that reads credentials from a SQLite database.
CVE-2020-29144
PUBLISHED: 2020-11-27
In Ericsson BSCS iX R18 Billing & Rating iX R18, MX is a web base module in BSCS iX that is vulnerable to stored XSS via an Alert Dashboard comment. In most test cases, session hijacking was also possible by utilizing the XSS vulnerability. This potentially allows for full account takeover, or e...