Comments
91% Of Cyberattacks Start With A Phishing Email
Newest First  |  Oldest First  |  Threaded View
goldhand
50%
50%
goldhand,
User Rank: Apprentice
2/19/2018 | 6:12:16 AM
Great!
I really like the dear information you offer in your articles. I'm able to bookmark your site and show the kids check out up here generally. Im fairly positive theyre likely to be informed a great deal of new stuff here than anyone.

slope
davburnett
0%
100%
davburnett,
User Rank: Apprentice
9/25/2017 | 6:08:27 AM
Re: Hmm Phishy
What's most concerning is the number of CISO's and IT people in a position of responsibility that believe training/human awareness is the answer to protecting against phishing attacks.
Row3n
50%
50%
Row3n,
User Rank: Strategist
12/14/2016 | 10:16:38 PM
Re: Hmm Phishy
You would think that by now that people would have the sense to see these "congratulations you've won a million dollars" emails and know better! I mean, of course hackers are getting more and more sophisticated, but a great number of these crazy spam emails are obvious as heck that that's precisely what they are!
hxrrison
100%
0%
hxrrison,
User Rank: Apprentice
12/13/2016 | 11:24:31 AM
Hmm Phishy
Phishing threat is reduced when phishing drills are run. Funny that a company that does that exact thing would come up with that solution.


Election Websites, Back-End Systems Most at Risk of Cyberattack in Midterms
Kelly Jackson Higgins, Executive Editor at Dark Reading,  8/14/2018
Intel Reveals New Spectre-Like Vulnerability
Curtis Franklin Jr., Senior Editor at Dark Reading,  8/15/2018
Australian Teen Hacked Apple Network
Dark Reading Staff 8/17/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-15473
PUBLISHED: 2018-08-17
OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.
CVE-2018-15471
PUBLISHED: 2018-08-17
An issue was discovered in xenvif_set_hash_mapping in drivers/net/xen-netback/hash.c in the Linux kernel through 4.18.1, as used in Xen through 4.11.x and other products. The Linux netback driver allows frontends to control mapping of requests to request queues. When processing a request to set or c...
CVE-2018-6622
PUBLISHED: 2018-08-17
An issue was discovered that affects all producers of BIOS firmware who make a certain realistic interpretation of an obscure portion of the Trusted Computing Group (TCG) Trusted Platform Module (TPM) 2.0 specification. An abnormal case is not handled properly by this firmware while S3 sleep and can...
CVE-2018-14057
PUBLISHED: 2018-08-17
Pimcore before 5.3.0 allows remote attackers to conduct cross-site request forgery (CSRF) attacks by leveraging validation of the X-pimcore-csrf-token anti-CSRF token only in the "Settings > Users / Roles" function.
CVE-2018-14058
PUBLISHED: 2018-08-17
Pimcore before 5.3.0 allows SQL Injection via the REST web service API.