Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Partner Perspectives  Connecting marketers to our tech communities.
8/6/2015
05:15 PM
David Spark
David Spark
Partner Perspectives
Connect Directly
Twitter
RSS
50%
50%

What Should the Users of Ashley Madison Do?

Security-minded professionals offer their advice at Black Hat party.

So much has been written about the Ashley Madison hack, and more has been written about how organizations can respond and survive a breach. But security pros have yet to offer any advice to the users of Ashley Madison as to what they can do now. At GuidePoint Security’s “Ask the Experts” party at the 2015 Black Hat Conference, I asked security-minded people for advice on what users of Ashley Madison should do now. After they gave me a lot of “I told you so” advice, I pushed them for some real guidance. Unfortunately, not much of it was that helpful.

David Spark is a veteran tech journalist and founder of the brand journalism firm Spark Media Solutions. Spark has reported on the tech scene for more than 18 years in more than 40 media outlets. He blogs regularly at the Spark Minute, and you can listen to him weekly on his ... View Full Bio
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
RyanSepe
50%
50%
RyanSepe,
User Rank: Ninja
8/7/2015 | 8:35:14 AM
Just wait and pray I guess
There is really nothing you can do if you are the users besides wait and ride it out. I think before signing up you should definitely understand the implications of what might happen if you were caught and if you were not equipped to handle them you should not sign up.
sford33601
50%
50%
sford33601,
User Rank: Apprentice
8/7/2015 | 8:05:15 AM
What Shoud the Users of Ashley Madison Do?
What Shoud the Users of Ashley Madison Do?...not cheat on their spouses :)
COVID-19: Latest Security News & Commentary
Dark Reading Staff 8/3/2020
Pen Testers Who Got Arrested Doing Their Jobs Tell All
Kelly Jackson Higgins, Executive Editor at Dark Reading,  8/5/2020
New 'Nanodegree' Program Provides Hands-On Cybersecurity Training
Nicole Ferraro, Contributing Writer,  8/3/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Special Report: Computing's New Normal, a Dark Reading Perspective
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-15058
PUBLISHED: 2020-08-07
Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 devices allow an attacker on the same network to elevate privileges because the administrative password can be discovered by sniffing unencrypted UDP traffic.
CVE-2020-15059
PUBLISHED: 2020-08-07
Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 devices allow an attacker on the same network to bypass authentication via a web-administration request that lacks a password parameter.
CVE-2020-15060
PUBLISHED: 2020-08-07
Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 devices allow an attacker on the same network to conduct persistent XSS attacks by leveraging administrative privileges to set a crafted server name.
CVE-2020-15061
PUBLISHED: 2020-08-07
Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 devices allow an attacker on the same network to denial-of-service the device via long input values.
CVE-2020-15062
PUBLISHED: 2020-08-07
DIGITUS DA-70254 4-Port Gigabit Network Hub 2.073.000.E0008 devices allow an attacker on the same network to elevate privileges because the administrative password can be discovered by sniffing unencrypted UDP traffic.