Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
Senate Bill Seeks Greater NSA Surveillance Oversight
Newest First  |  Oldest First  |  Threaded View
MedicalQuack
MedicalQuack,
User Rank: Apprentice
6/25/2013 | 11:01:22 PM
re: Senate Bill Seeks Greater NSA Surveillance Oversight
Gen. Keith Alexander video was pretty scary as being in tech it sounded to me like they didn't include system admins within group policy monitoring nor were there adequate audit trails. It was a joke to listen to just as were Feinstein and Pelosi as she was addressing some very intelligent people, folks who write complex programs and are system administrators themselves...again...we are beyond the magpie "me toos" that they offered as it meant nothing.

How about some digital laws that finally are specific to IT infrastructures...lol...I know scares the daylights out of congress...but they have to do it.

http://ducknetweb.blogspot.com...

Also never seen such a group that was afraid to take time and educate themselves, as I have been a big proponent of restoring the Office of Technology Assessment...that's a tool for all of them to use...but even if they did restore the office and get help on board how many would use it..the next question...what a bunch of "its for those guys over there" paradigms...

http://ducknetweb.blogspot.com...

Want to catch a thief, well then think like one, want to catch a systems administrator, well then think like one. The side show the White House and Congress is running is indeed sad and there will be little support from technology companies because their politics are just walking all over folks like me with thinking they are superior when the truth is known it's the other way around. There's a great former Wall Street Quant who does a really good job with this and talks even about her days working at DE Shaw with Larry Summers. It is funny to hear her say and at the same time feel insulted when they would come back on all her hard futures work and want the charts in blue and red:) Nerds re never in control and she's right and thus so there will be little or no support to the government in the Snowden effort, self opinion included. Give Cathy's video a look and you won't be sorry and it's a good learning experience.

http://ducknetweb.blogspot.com...

Sadly a while back I said myself that the White House cabinet was catching the digital illiterate GOP virus going around and it's about what we are seeing.


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
The Promise and Reality of Cloud Security
Cloud security has been part of the cybersecurity conversation for years but has been on the sidelines for most enterprises. The shift to remote work during the COVID-19 pandemic and digital transformation projects have moved cloud infrastructure front-and-center as enterprises address the associated security risks. This report - a compilation of cutting-edge Black Hat research, in-depth Omdia analysis, and comprehensive Dark Reading reporting - explores how cloud security is rapidly evolving.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-48176
PUBLISHED: 2023-01-31
Netgear routers R7000P before v1.3.3.154, R6900P before v1.3.3.154, R7960P before v1.4.4.94, and R8000P before v1.4.4.94 were discovered to contain a pre-authentication stack overflow.
CVE-2022-45897
PUBLISHED: 2023-01-31
On Xerox WorkCentre 3550 25.003.03.000 devices, an authenticated attacker can view the SMB server settings and can obtain the stored cleartext credentials associated with those settings.
CVE-2022-32528
PUBLISHED: 2023-01-30
A CWE-306: Missing Authentication for Critical Function vulnerability exists that could cause access to manipulate and read files in the IGSS project report directory when an attacker sends specific messages. Affected Products: IGSS Data Server - IGSSdataServer.exe (Versions prior to V15.0.0.22170)
CVE-2022-32529
PUBLISHED: 2023-01-30
A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow, potentially leading to remote code execution when an attacker sends specially crafted log data request messages. Affected Products: IGSS Data Server - IGSSdataServer.exe (Versio...
CVE-2022-32747
PUBLISHED: 2023-01-30
A CWE-290: Authentication Bypass by Spoofing vulnerability exists that could cause legitimate users to be locked out of devices or facilitate backdoor account creation by spoofing a device on the local network. Affected Products: EcoStruxureâ„¢ Cybersecurity Admin Expert (CAE) (Vers...