Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
Cartoon Contest: Second Wind
Threaded  |  Newest First  |  Oldest First
ddmclamb
0%
100%
ddmclamb,
User Rank: Apprentice
10/3/2019 | 3:30:15 PM
My feet
My feet are so tired. Wouldn't it be easier if we let the wind turn those things?
mstrmac
0%
100%
mstrmac,
User Rank: Apprentice
10/10/2019 | 4:23:45 PM
Telework
I regret skimming over the telework agreement.
BCURTIS581
67%
33%
BCURTIS581,
User Rank: Apprentice
10/11/2019 | 1:48:01 PM
Mergers
Now that the merger of the cubicle farm with the wind farm is compelte I hear that there are plans to merge with the dairy farm.
jevans1230
75%
25%
jevans1230,
User Rank: Strategist
10/16/2019 | 6:18:00 PM
Disaster Recovery
I've heard of using alternative power sources for Disaster Recovery but this is ridiculous. 
kratiw
0%
100%
kratiw,
User Rank: Strategist
10/31/2019 | 12:19:52 PM
Red Team Simulation
There's the Red Team again, tilting at windmills.
mongo8
50%
50%
mongo8,
User Rank: Apprentice
11/4/2019 | 11:21:42 AM
Bob
Quick...someone ask Bob about his trip to Comic-Con!
daileynicholson
50%
50%
daileynicholson,
User Rank: Strategist
11/13/2020 | 3:16:33 PM
Cartoon Contest: Second Wind
I know that these machines are suppose to be more energy efficient, but mine keeps popping up with "insufficient power".


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Enterprise Cybersecurity Plans in a Post-Pandemic World
Download the Enterprise Cybersecurity Plans in a Post-Pandemic World report to understand how security leaders are maintaining pace with pandemic-related challenges, and where there is room for improvement.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-40690
PUBLISHED: 2021-09-19
All versions of Apache Santuario - XML Security for Java prior to 2.2.3 and 2.1.7 are vulnerable to an issue where the "secureValidation" property is not passed correctly when creating a KeyInfo from a KeyInfoReference element. This allows an attacker to abuse an XPath Transform to extract...
CVE-2021-41073
PUBLISHED: 2021-09-19
loop_rw_iter in fs/io_uring.c in the Linux kernel through 5.14.6 allows local users to gain privileges by using IORING_OP_PROVIDE_BUFFERS to trigger a free of a kernel buffer, as demonstrated by using /proc/<pid>/maps for exploitation.
CVE-2021-23441
PUBLISHED: 2021-09-19
All versions of package com.jsoniter:jsoniter are vulnerable to Deserialization of Untrusted Data via malicious JSON strings. This may lead to a Denial of Service, and in certain cases, code execution.
CVE-2021-41393
PUBLISHED: 2021-09-18
Teleport before 4.4.11, 5.x before 5.2.4, 6.x before 6.2.12, and 7.x before 7.1.1 allows forgery of SSH host certificates in some situations.
CVE-2021-41394
PUBLISHED: 2021-09-18
Teleport before 4.4.11, 5.x before 5.2.4, 6.x before 6.2.12, and 7.x before 7.1.1 allows alteration of build artifacts in some situations.