Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Content by DarkReadingTim

DarkReadingTim
Member Since: March 12, 2014
Strategist
Blog Posts: 1718
Posts: 238

posted in October 2009

15 items
CSI Speakers Offer Advice On Risk Assessment, Reporting
News  |  10/30/2009  | 
Security professionals must not be able to only evaluate risk, but also report it in a way top executives can understand, experts say
Facebook Phishing Attack Powered By Zeus Botnet, Researchers Say
Quick Hits  |  10/28/2009  | 
Scam email messages being generated at a rate of 1,000 per minute
From Security Perspective, Windows 7 Off To A Rocky Start
News  |  10/22/2009  | 
Experts express consternation over early vulnerabilities, UAC configuration issues
FTC Orders ChoicePoint To Pay $275,000 For 2008 Data Breach
Quick Hits  |  10/21/2009  | 
Agency alleges that data broker didn't do enough to protect information after massive breach in 2005
'Middlemen' Drive Distribution Of Rogue Security Software, Report Says
Quick Hits  |  10/19/2009  | 
Symantec study says networks of 'affiliates' are paid between a penny and 55 cents for each download of scareware
Security Software's New Form Factor: Free
News  |  10/16/2009  | 
Emerging vendors find viral marketing works very well in security arena
DNS Error Causes Sweden To Go Offline
Quick Hits  |  10/14/2009  | 
Failed software update causes ".se" domain to temporarily disappear from Web
Patch Tuesday Is Microsoft's Biggest Ever
News  |  10/13/2009  | 
Thirteen security bulletins address 34 vulnerabilities -- 22 of them critical
Adobe Issues Patches For Critical PDF Flaws
Quick Hits  |  10/13/2009  | 
Vulnerabilities in Adobe Reader, Acrobat are already being exploited in the wild
Software Piracy Increasingly Leading To Malware Infection, Study Says
Quick Hits  |  10/12/2009  | 
More than 40 percent of software on PCs is pirated, Business Software Alliance reports
Dark Reading Launches Vulnerability Management Tech Center
Commentary  |  10/12/2009  | 
Today Dark Reading launches a new feature: the Vulnerability Management Tech Center, a subsite of Dark Reading devoted to bringing you news, product information, opinion, and analysis of the technologies and practices used to identify and eradicate security vulnerabilities from enterprise IT environments.
Congressmen Inquire About JPMorgan Chase Breach
Quick Hits  |  10/9/2009  | 
Lawmakers say they want to know about personal data contained in missing computer tape
Enterprises Confident In Defenses Against External Attacks, Study Says
Quick Hits  |  10/7/2009  | 
Eighty-five percent of IT security decision makers believe data loss through hacking is 'very unlikely'; internal leaks are primary concern
Breach At Pharmaceutical Benefits Company May Have Affected 700,000
Quick Hits  |  10/5/2009  | 
FBI investigation of 2008 incident leads Express Scripts to notify hundreds of thousands about potential breach
U.S. Government Suffers 'Largest Release Of Personally Identifiable Information Ever'
Quick Hits  |  10/2/2009  | 
Records of more than 70 million military personnel may be at risk after loss of unerased hard drive, report says


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
How Enterprises Are Assessing Cybersecurity Risk in Today's Environment
The adoption of cloud services spurred by the COVID-19 pandemic has resulted in pressure on cyber-risk professionals to focus on vulnerabilities and new exposures that stem from pandemic-driven changes. Many cybersecurity pros expect fundamental, long-term changes to their organization's computing and data security due to the shift to more remote work and accelerated cloud adoption. Download this report from Dark Reading to learn more about their challenges and concerns.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-23599
PUBLISHED: 2022-01-28
Products.ATContentTypes are the core content types for Plone 2.1 - 4.3. Versions of Plone that are dependent on Products.ATContentTypes prior to version 3.0.6 are vulnerable to reflected cross site scripting and open redirect when an attacker can get a compromised version of the image_view_fullscree...
CVE-2022-0395
PUBLISHED: 2022-01-28
Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v.
CVE-2022-21721
PUBLISHED: 2022-01-28
Next.js is a React framework. Starting with version 12.0.0 and prior to version 12.0.9, vulnerable code could allow a bad actor to trigger a denial of service attack for anyone using i18n functionality. In order to be affected by this CVE, one must use next start or a custom server and the built-in ...
CVE-2022-23598
PUBLISHED: 2022-01-28
laminas-form is a package for validating and displaying simple and complex forms. When rendering validation error messages via the `formElementErrors()` view helper shipped with laminas-form, many messages will contain the submitted value. However, in laminas-form prior to version 3.1.1, the value w...
CVE-2021-4160
PUBLISHED: 2022-01-28
There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. Many EC algorithms are affected, including some of the TLS 1.3 default curves. Impact was not analyzed in detail, because the pre-requisites for attack are considered unlikely and include reusing private keys. Analysis sug...