Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
How To Share Threat Intelligence Through CISA: 10 Things To Know
Newest First  |  Oldest First  |  Threaded View
li'l ciso
li'l ciso,
User Rank: Strategist
4/12/2016 | 11:55:17 AM
Check your sources!
Why is UnitedLex a source for cybersecurity?  They're a firm that does e-discovery.  It looks like UntiredLex hired a lawyer who can maybe try to talk law firms out of more billable hours for cyber work, too.  This truly is a crowded field. Biggest threat to organizations is supposed cyber "experts". Good grief.
FutureDanger
FutureDanger,
User Rank: Apprentice
3/28/2016 | 11:32:19 AM
Europeans' personal data?
Be particularly careful of Europeans' personal data. But screw your own countrymen.
Joe Stanganelli
Joe Stanganelli,
User Rank: Ninja
3/28/2016 | 9:35:27 AM
Privacy
It's also worth pointing out that there's nothing stopping new laws or regulations broadening the allowable use of this stockpiled information -- regardless of what the rules are now.

(And, of course, this is to say nothing about the idea of agencies breaking the rules that govern them.)


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Developing and Testing an Effective Breach Response Plan
Whether or not a data breach is a disaster for the organization depends on the security team's response and that is based on how the team developed a breach response plan beforehand and if it was thoroughly tested. Inside this report, experts share how to: -understand the technical environment, -determine what types of incidents would trigger the plan, -know which stakeholders need to be notified and how to do so, -develop steps to contain the breach, collect evidence, and initiate recovery.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-46826
PUBLISHED: 2022-12-08
In JetBrains IntelliJ IDEA before 2022.3 the built-in web server allowed an arbitrary file to be read by exploiting a path traversal vulnerability.
CVE-2022-46827
PUBLISHED: 2022-12-08
In JetBrains IntelliJ IDEA before 2022.3 an XXE attack leading to SSRF via requests to custom plugin repositories was possible.
CVE-2022-46828
PUBLISHED: 2022-12-08
In JetBrains IntelliJ IDEA before 2022.3 a DYLIB injection on macOS was possible.
CVE-2022-46829
PUBLISHED: 2022-12-08
In JetBrains JetBrains Gateway before 2022.3 a client could connect without a valid token if the host consented.
CVE-2022-46830
PUBLISHED: 2022-12-08
In JetBrains TeamCity between 2022.10 and 2022.10.1 a custom STS endpoint allowed internal port scanning.