Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Content by CNACHREINER981

CNACHREINER981
Member Since: April 17, 2014
Author
Blog Posts: 19
Posts: 27

Most Recently Posted

All (46)           Blogs (19)           Comments (27)          
All
What the Sci-Fi Hit Altered Carbon Teaches Us About Virtualization Security
Commentary  |  10/7/2020  | 
The Netflix show may be fantastical, but it has real-world lessons about virtualization.
Why Ransomware Will Soon Target the Cloud
Commentary  |  2/11/2020  | 
As businesses' daily operations become more dependent on cloud services, ransomware authors will follow to maximize profits. The good news: Many of the best practices for physical servers also apply to the cloud.
Spring Clean Your Security Systems: 6 Places to Start
Commentary  |  5/2/2018  | 
The sun is shining and you have an extra kick in your step. Why not use that newfound energy to take care of those bothersome security tasks you've put off all winter?
Online Ads vs. Security: An Invisible War
Commentary  |  3/15/2018  | 
Why visiting one website is like visiting 50, and how you can fight back against malvertisers.
Passwords: 4 Biometric Tokens and How They Can Be Beaten
Commentary  |  1/31/2018  | 
Authentication security methods are getting better all the time, but they are still not infallible.
How Hackers Hide Their Malware: Advanced Obfuscation
Commentary  |  8/30/2017  | 
Hackers continue to develop new ways to break into systems. Here are three of them, along with ways to fight back.
How Hackers Hide Their Malware: The Basics
Commentary  |  8/29/2017  | 
Malware depends on these four basic techniques to avoid detection.
What Role Should ISPs Play in Cybersecurity?
Commentary  |  4/26/2017  | 
There are many actions ISPs could do to make browsing the Web safer, but one thing stands out.
Comment: Re: 192.168.0.1 - CNACHREINER981 - 3/24/2017
Phishing Your Employees for Schooling & Security
Commentary  |  3/22/2017  | 
Your education program isn't complete until you test your users with fake phishing emails.
Biometric Technology Is Not A Cure-All For Password Woes
Commentary  |  12/7/2016  | 
No single authentication token is infallible. The only real solution is multifactor authentication.
7 Security Lessons The Video Game Industry Can Teach IoT Manufacturers
Commentary  |  11/1/2016  | 
The Internet of Things has alarming holes in security. The industry should look to video games for some answers.
Better Locks Than Back Doors: Why Apple Is Right About Encryption
Commentary  |  3/1/2016  | 
What the landmark privacy case and a new documentary about Stuxnet both have to say about the encryption versus government oversight debate.
5 Reasons You 'Better Call Saul' To Protect Corporate Data
Commentary  |  4/8/2015  | 
These pop-culture lessons from the entertaining Breaking Bad spinoff will make security awareness training both fun and effective.
Our Governments Are Making Us More Vulnerable
Commentary  |  2/19/2015  | 
Stuxnet opened Pandoras box and today state-sponsored cyber security policies continue to put us at risk. Here are three reasons why.
Why Cyber Security Starts At Home
Commentary  |  11/17/2014  | 
Even the grandmas on Facebook need to know and practice basic security hygiene, because what happens anywhere on the Internet can eventually affect us all.
Comment: Re: passwords - CNACHREINER981 - 9/17/2014
Comment: Re: passwords - CNACHREINER981 - 9/17/2014
Comment: Re: passwords - CNACHREINER981 - 9/17/2014
In Defense Of Passwords
Commentary  |  9/16/2014  | 
Long live the password (as long as you use it correctly along with something else).
The Perfect InfoSec Mindset: Paranoia + Skepticism
Commentary  |  7/29/2014  | 
A little skeptical paranoia will ensure that you have the impulse to react quickly to new threats while retaining the logic to separate fact from fiction.
Dont Let Lousy Teachers Sink Security Awareness
Commentary  |  6/11/2014  | 
You can't fix a human problem with a technology solution. Here are three reasons why user education can work and six tips on how to develop a corporate culture of security.
How A Little Obscurity Can Bolster Security
Commentary  |  4/17/2014  | 
Most security professionals deride the idea of "security by obscurity." Is it time to re-evaluate the conventional wisdom?


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
How Machine Learning, AI & Deep Learning Improve Cybersecurity
Machine intelligence is influencing all aspects of cybersecurity. Organizations are implementing AI-based security to analyze event data using ML models that identify attack patterns and increase automation. Before security teams can take advantage of AI and ML tools, they need to know what is possible. This report covers: -How to assess the vendor's AI/ML claims -Defining success criteria for AI/ML implementations -Challenges when implementing AI
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-42247
PUBLISHED: 2022-10-03
pfSense v2.5.2 was discovered to contain a cross-site scripting (XSS) vulnerability in the browser.php component. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into a file name.
CVE-2022-41443
PUBLISHED: 2022-10-03
phpipam v1.5.0 was discovered to contain a header injection vulnerability via the component /admin/subnets/ripe-query.php.
CVE-2022-33882
PUBLISHED: 2022-10-03
Under certain conditions, an attacker could create an unintended sphere of control through a vulnerability present in file delete operation in Autodesk desktop app (ADA). An attacker could leverage this vulnerability to escalate privileges and execute arbitrary code.
CVE-2022-42306
PUBLISHED: 2022-10-03
An issue was discovered in Veritas NetBackup through 8.2 and related Veritas products. An attacker with local access can send a crafted packet to pbx_exchange during registration and cause a NULL pointer exception, effectively crashing the pbx_exchange process.
CVE-2022-42307
PUBLISHED: 2022-10-03
An issue was discovered in Veritas NetBackup through 10.0.0.1 and related Veritas products. The NetBackup Primary server is vulnerable to an XML External Entity (XXE) Injection attack through the DiscoveryService service.