Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
The New Shadow IT: Custom Data Center Applications
Newest First  |  Oldest First  |  Threaded View
Catherine Hudson
50%
50%
Catherine Hudson,
User Rank: Apprentice
5/18/2017 | 1:08:32 PM
Measures
Thank you, for raising a topical issue. I think SAM tools, such as Binadox, can help to solve at least part of the issue. They monitor SaaS subscription and usage events and thus, you can analyze what applications are used by your employees and decide what exposures they have to take measures.
BrooklynNellie2
100%
0%
BrooklynNellie2,
User Rank: Strategist
4/11/2017 | 8:49:47 AM
Re: The subject of your site is awesome and i'm interested to know more about..
Where's the "report spam" button?
MoleanM781
33%
67%
MoleanM781,
User Rank: Apprentice
4/8/2017 | 3:59:12 AM
The subject of your site is awesome and i'm interested to know more about..
I'm extremely pleased to discover this site. I want to to thank you for your time for this particularly wonderful read!! I definitely loved every part of it and I have you bookmarked to check out new stuff in your site.<br/><a href="https://www.hoursguru.com/bdm-customs/" >Bdm Customs Near Me</a><br/><a href="https://www.hoursguru.com/a-and-w-distributor/" >A & W Distributor Working Hours</a>


News
Inside the Ransomware Campaigns Targeting Exchange Servers
Kelly Sheridan, Staff Editor, Dark Reading,  4/2/2021
Commentary
Beyond MITRE ATT&CK: The Case for a New Cyber Kill Chain
Rik Turner, Principal Analyst, Infrastructure Solutions, Omdia,  3/30/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-29445
PUBLISHED: 2021-04-16
jose-node-esm-runtime is an npm package which provides a number of cryptographic functions. In versions prior to 3.11.4 the AES_CBC_HMAC_SHA2 Algorithm (A128CBC-HS256, A192CBC-HS384, A256CBC-HS512) decryption would always execute both HMAC tag verification and CBC decryption, if either failed `JWEDe...
CVE-2021-29446
PUBLISHED: 2021-04-16
jose-node-cjs-runtime is an npm package which provides a number of cryptographic functions. In versions prior to 3.11.4 the AES_CBC_HMAC_SHA2 Algorithm (A128CBC-HS256, A192CBC-HS384, A256CBC-HS512) decryption would always execute both HMAC tag verification and CBC decryption, if either failed `JWEDe...
CVE-2021-29451
PUBLISHED: 2021-04-16
Portofino is an open source web development framework. Portofino before version 5.2.1 did not properly verify the signature of JSON Web Tokens. This allows forging a valid JWT. The issue will be patched in the upcoming 5.2.1 release.
CVE-2021-29452
PUBLISHED: 2021-04-16
a12n-server is an npm package which aims to provide a simple authentication system. A new HAL-Form was added to allow editing users in version 0.18.0. This feature should only have been accessible to admins. Unfortunately, privileges were incorrectly checked allowing any logged in user to make this ...
CVE-2021-29444
PUBLISHED: 2021-04-16
jose-browser-runtime is an npm package which provides a number of cryptographic functions. In versions prior to 3.11.4 the AES_CBC_HMAC_SHA2 Algorithm (A128CBC-HS256, A192CBC-HS384, A256CBC-HS512) decryption would always execute both HMAC tag verification and CBC decryption, if either failed `JWEDec...