Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Dark Reading Radio

Dark Reading Radio LIVE from Black Hat 2014
Date / Time: Thursday, August 07, 2014, 7:00 PM New York / 4:00 PM San Francisco
Click here to register
Overview:

Black Hat is the biggest security conference of the year and Dark Reading will be there. This year, for the first time, the editors and contributors of Dark Reading will bring you the action straight from the Mandalay Bay Convention Center in four incredible episodes of Dark Reading Radio.

Join us for the full one-hour radio show and the complete online discussion that will go along with the interviews. It's sure to be great information -- and you never know who's going to drop into the studio!

Check back here for more information on our guests and the amazing topics we'll be bringing you -- and drop into the discussion early to let us know what you want to hear about the goings-on at Black Hat!

UPDATE!

Dark Reading editors are lining up great guests for all our live episodes. First up for this program is:

Androids Fake ID Vulnerability

Jeff Forristal -- Blue Box Security
Every Android application has its own unique identity, typically inherited from the corporate developers identity. The Bluebox Security research team recently discovered a new vulnerability in Android, which allows these identities to be copied and used for nefarious purposes. Fresh from his Black Hat presentation, Jeff Forristal will walk through the technical root cause of this responsibly disclosed vulnerability and explain why it's a problem and how an attacker could create an exploit for it.
Jeff Forristal is a security technology professional with over a decade of experience in the security industry. Jeff has written multiple features and cover-story articles for Network Computing and Secure Enterprise magazines; he is also a contributing author to multiple books. Under the pseudonym "Rain Forest Puppy," Jeff has been recognized as an industry expert in web application security and was responsible for the first publicized responsible security disclosure policy (2000), the first publicized recognition of SQL injection (Phrack, 1998), and the first intelligent open source web application scanner (Whisker, 1999).

Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Developing and Testing an Effective Breach Response Plan
Whether or not a data breach is a disaster for the organization depends on the security team's response and that is based on how the team developed a breach response plan beforehand and if it was thoroughly tested. Inside this report, experts share how to: -understand the technical environment, -determine what types of incidents would trigger the plan, -know which stakeholders need to be notified and how to do so, -develop steps to contain the breach, collect evidence, and initiate recovery.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-45661
PUBLISHED: 2022-12-02
Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the time parameter in the setSmartPowerManagement function.
CVE-2022-45663
PUBLISHED: 2022-12-02
Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the index parameter in the formWifiMacFilterSet function.
CVE-2022-45664
PUBLISHED: 2022-12-02
Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the list parameter in the formwrlSSIDget function.
CVE-2022-45667
PUBLISHED: 2022-12-02
Tenda i22 V1.0.0.3(4687) is vulnerable to Cross Site Request Forgery (CSRF) via function fromSysToolRestoreSet.
CVE-2022-45668
PUBLISHED: 2022-12-02
Tenda i22 V1.0.0.3(4687) is vulnerable to Cross Site Request Forgery (CSRF) via function fromSysToolReboot.