Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
Ukraine Sees Surge in Election-Targeted Cyberattacks
Newest First  |  Oldest First  |  Threaded View
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
1/29/2019 | 11:14:31 AM
Re: Ukraine - close to Russia
So - for a laugh - I suppose the winner will be investigated for collusion with the United States??? LOL Interesting point. However issue is really serious, you want to keep election secured.
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
1/29/2019 | 11:13:34 AM
phishing techniques
Attackers are using a variety of phishing techniques in addition to simply purchasing stolen credentials Obviously it always comes down the credentials, easiest way to hack.
REISEN1955
50%
50%
REISEN1955,
User Rank: Ninja
1/25/2019 | 2:27:51 PM
Ukraine - close to Russia
So - for a laugh - I suppose the winner will be investigated for collusion with the United States???  LOL


News
Inside the Ransomware Campaigns Targeting Exchange Servers
Kelly Sheridan, Staff Editor, Dark Reading,  4/2/2021
Commentary
Beyond MITRE ATT&CK: The Case for a New Cyber Kill Chain
Rik Turner, Principal Analyst, Infrastructure Solutions, Omdia,  3/30/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-28898
PUBLISHED: 2021-04-15
In QED ResourceXpress through 4.9k, a large numeric or alphanumeric value submitted in specific URL parameters causes a server error in script execution due to insufficient input validation.
CVE-2021-28055
PUBLISHED: 2021-04-15
An issue was discovered in Centreon-Web in Centreon Platform 20.10.0. The anti-CSRF token generation is predictable, which might allow CSRF attacks that add an admin user.
CVE-2021-31402
PUBLISHED: 2021-04-15
The dio package 4.0.0 for Dart allows CRLF injection if the attacker controls the HTTP method string, a different vulnerability than CVE-2020-35669.
CVE-2021-26582
PUBLISHED: 2021-04-15
A security vulnerability in HPE IceWall SSO Domain Gateway Option (Dgfw) module version 10.0 on RHEL 5/6/7, version 10.0 on HP-UX 11i v3, version 10.0 on Windows and 11.0 on Windows could be exploited remotely to allow cross-site scripting (XSS).
CVE-2021-29433
PUBLISHED: 2021-04-15
### Impact Missing input validation of some parameters on the endpoints used to confirm third-party identifiers could cause excessive use of disk space and memory leading to resource exhaustion. ### Patches Fixed by 3175fd3. ### Workarounds There are no known workarounds. ### References n/a ### For ...