Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Content by PZav

PZav
Member Since: August 14, 2014
Author
Blog Posts: 5
Posts: 21

Most Recently Posted

All (26)           Blogs (5)           Comments (21)          
All
Comment: Unsafe Code - RiskIQBlogger - 8/30/2016
Comment: Re: Challenges - RiskIQBlogger - 1/4/2016
The Rise Of Community-Based Information Security
Commentary  |  12/28/2015  | 
The more vendors, service providers, and companies band together to fight security threats, the more difficult it will become for attacks to succeed.
Health Insurers Digital Footprint Widening Attack Surface
Commentary  |  4/21/2015  | 
Insurers are ripe targets for attackers since theyre efficient concentrators of every kind of data needed for identity theft, credit card and insurance fraud. Heres proof.
Comment: Is that enough? - RiskIQBlogger - 3/17/2015
The Truth About Malvertising
Commentary  |  1/16/2015  | 
Malvertising accounts for huge amounts of cyberfraud and identity theft. Yet there is still no consensus on who is responsible for addressing these threats.
Comment: Reality Bites - RiskIQBlogger - 1/12/2015
Third-Party Code: Fertile Ground For Malware
Commentary  |  10/15/2014  | 
How big-brand corporate websites are becoming a popular method for mass distribution of exploit kits on vulnerable computers.
Comment: Understanding - RiskIQBlogger - 10/9/2014
Comment: Re: Interesting - RiskIQBlogger - 8/19/2014
Why John McAfee Is Paranoid About Mobile
Commentary  |  8/19/2014  | 
Mobile apps are posing expanding risks to both enterprises and their customers. But maybe being paranoid about mobile is actually healthy for security.
Comment: Threat Intel - RiskIQBlogger - 8/14/2014


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
How Enterprises Are Assessing Cybersecurity Risk in Today's Environment
The adoption of cloud services spurred by the COVID-19 pandemic has resulted in pressure on cyber-risk professionals to focus on vulnerabilities and new exposures that stem from pandemic-driven changes. Many cybersecurity pros expect fundamental, long-term changes to their organization's computing and data security due to the shift to more remote work and accelerated cloud adoption. Download this report from Dark Reading to learn more about their challenges and concerns.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-46561
PUBLISHED: 2022-01-26
controller/org.controller/org.controller.js in the CVE Services API 1.1.1 before 5c50baf3bda28133a3bc90b854765a64fb538304 allows an organizational administrator to transfer a user account to an arbitrary new organization, and thereby achieve unintended access within the context of that new organizat...
CVE-2022-0368
PUBLISHED: 2022-01-26
Out-of-bounds Read in Conda vim prior to 8.2.
CVE-2021-29838
PUBLISHED: 2022-01-26
IBM Security Guardium Insights 3.0 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques.
CVE-2021-29845
PUBLISHED: 2022-01-26
IBM Security Guardium Insights 3.0 could allow an authenticated user to perform unauthorized actions due to improper input validation. IBM X-Force ID: 205255.
CVE-2021-29846
PUBLISHED: 2022-01-26
IBM Security Guardium Insights 3.0 could allow an authenticated user to obtain sensitive information due to insufficient session expiration. IBM X-Force ID: 205256.