Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
Dark Reading Now HTTPS
Newest First  |  Oldest First  |  Threaded View
csanders
csanders,
User Rank: Author
9/20/2017 | 2:29:04 PM
Re: Not Showing HTTPS is being secure
Yes, it seems they still use mixed content (embbeded content from non-HTTPS sites). In this event it is still possible for attackers to inject content into the site if they are MITMing your connection. Additionally, it may be  possible for a passive individual monitoring the network to determine what article/page you are looking at based on other non-HTTPS pages that were requested. Still this is a good first step on the path to providing a fully secured experience. 
Hack4GoodNotBad
Hack4GoodNotBad,
User Rank: Apprentice
9/1/2017 | 2:09:47 PM
Not Showing HTTPS is being secure
When I am this site and using chrome, I do not see the secure message like other https sites 

This is the message chrome shows when looking at the https

your connection to this site is not fully secure

 
Joe Stanganelli
Joe Stanganelli,
User Rank: Ninja
8/31/2017 | 5:49:49 PM
Hurrah!
As a leading InfoSec pub, this is an important step in DR's evolution. Glad to see this update to the site!
Marilyn Cohodas
Marilyn Cohodas,
User Rank: Strategist
8/30/2017 | 9:12:53 AM
Re: HTTPS: not quite right
Thanks for calling our attention to this. We are looking into it. -The Editors
KeesM
KeesM,
User Rank: Apprentice
8/30/2017 | 3:26:17 AM
HTTPS: not quite right
Unfortunately, when clicking the HTTPS link, I got redirected to a page stating:

Server Error in Application "WWW.DARKREADING.COM"
HTTP Error 404.0 - Not Found
The resource you are looking for has been removed, had its name changed, or is temporarily unavailable.
Requested URL    ht tp://www.darkreading.com:80/admin/ ht tps:/www.darkreading.com/
Physical Path    d:\live\web\www.darkreading.com\admin\ ht tps:\www.darkreading.com\
(without spaces between ht tp)


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Improving Enterprise Cybersecurity With XDR
Enterprises are looking at eXtended Detection and Response technologies to improve their abilities to detect, and respond to, threats. While endpoint detection and response is not new to enterprise security, organizations have to improve network visibility, expand data collection and expand threat hunting capabilites if they want their XDR deployments to succeed. This issue of Tech Insights also includes: a market overview for XDR from Omdia, questions to ask before deploying XDR, and an XDR primer.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-31943
PUBLISHED: 2022-07-01
MCMS v5.2.8 was discovered to contain an arbitrary file upload vulnerability.
CVE-2022-32093
PUBLISHED: 2022-07-01
Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the loginid parameter at adminlogin.php.
CVE-2022-32094
PUBLISHED: 2022-07-01
Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the loginid parameter at doctorlogin.php.
CVE-2022-32095
PUBLISHED: 2022-07-01
Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter at orders.php.
CVE-2022-32384
PUBLISHED: 2022-07-01
Tenda AC23 v16.03.07.44 was discovered to contain a stack overflow via the security_5g parameter in the function formWifiBasicSet.