Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
How To Share Threat Intelligence Through CISA: 10 Things To Know
Newest First  |  Oldest First  |  Threaded View
li'l ciso
100%
0%
li'l ciso,
User Rank: Strategist
4/12/2016 | 11:55:17 AM
Check your sources!
Why is UnitedLex a source for cybersecurity?  They're a firm that does e-discovery.  It looks like UntiredLex hired a lawyer who can maybe try to talk law firms out of more billable hours for cyber work, too.  This truly is a crowded field. Biggest threat to organizations is supposed cyber "experts". Good grief.
FutureDanger
50%
50%
FutureDanger,
User Rank: Apprentice
3/28/2016 | 11:32:19 AM
Europeans' personal data?
Be particularly careful of Europeans' personal data. But screw your own countrymen.
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Ninja
3/28/2016 | 9:35:27 AM
Privacy
It's also worth pointing out that there's nothing stopping new laws or regulations broadening the allowable use of this stockpiled information -- regardless of what the rules are now.

(And, of course, this is to say nothing about the idea of agencies breaking the rules that govern them.)


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Enterprise Cybersecurity Plans in a Post-Pandemic World
Download the Enterprise Cybersecurity Plans in a Post-Pandemic World report to understand how security leaders are maintaining pace with pandemic-related challenges, and where there is room for improvement.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-19949
PUBLISHED: 2021-09-23
A cross-site scripting (XSS) vulnerability in the /link/add.html component of YzmCMS v5.3 allows attackers to execute arbitrary web scripts or HTML.
CVE-2020-19950
PUBLISHED: 2021-09-23
A cross-site scripting (XSS) vulnerability in the /banner/add.html component of YzmCMS v5.3 allows attackers to execute arbitrary web scripts or HTML.
CVE-2020-19951
PUBLISHED: 2021-09-23
A cross-site request forgery (CSRF) in /controller/pay.class.php of YzmCMS v5.5 allows attackers to access sensitive components of the application.
CVE-2021-41088
PUBLISHED: 2021-09-23
Elvish is a programming language and interactive shell, combined into one package. In versions prior to 0.14.0 Elvish's web UI backend (started by `elvish -web`) hosts an endpoint that allows executing the code sent from the web UI. The backend does not check the origin of requests correctly. As a r...
CVE-2021-29813
PUBLISHED: 2021-09-23
IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a t...