Network Computing Dark Reading

Advertise

Risk

1/21/2014
06:43 AM

Thomas Claburn
Quick Hits

Connect Directly

0 comments
Comment Now

50%

Obama Outlines 5 Surveillance Reforms

NSA's controversial bulk collection of phone records will end, but businesses may be asked to retain data in case the government needs it

President Obama on Friday announced five changes in US surveillance policy, a move he attributed in part to the revelations about the scope of US intelligence gathering made possible by documents leaked by ex-NSA contractor Edward Snowden.

The most significant change is an end to the bulk collection of telephone records -- phonecall meta-data -- under Section 215. The President said he is ordering the gradual discontinuation of this program and the establishment of "a mechanism that preserves the capabilities we need without the government holding this bulk meta-data."

But the President conceded that alternatives, such as having a third-party or individual businesses retain data until the government comes calling, pose problems. It remains to be seen exactly what form such data collection will take.

Read the full article here.

Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.

Thomas Claburn has been writing about business and technology since 1996, for publications such as New Architect, PC Computing, InformationWeek, Salon, Wired, and Ziff Davis Smart Business. Before that, he worked in film and television, having earned a not particularly useful ... View Full Bio

Recommended Reading:

Comment |

Email This |

Print |

RSS

More Insights

Webcasts

[Free Virtual Event] Economizing & Innovating IT on a Shoestring

5 Ways to Jumpstart AI

More Webcasts

White Papers

Getting Cloud Management Right

10 Principles of Database Security Program Design

More White Papers

Reports

State of Endpoint Security: How Enterprises Are Managing Endpoint Security Threats

An Insider's View into a Supply Chain Attack

More Reports

Comments

Newest First | Oldest First | Threaded View

[close this box]

Be the first to post a comment regarding this story.

Hot Topics

Editors' Choice

COVID-19: Latest Security News & Commentary

Dark Reading Staff 7/6/2020

Ripple20 Threatens Increasingly Connected Medical Devices

Kelly Sheridan, Staff Editor, Dark Reading, 6/30/2020

DDoS Attacks Jump 542% from Q4 2019 to Q1 2020

Dark Reading Staff 6/30/2020

Webinars

[Free Virtual Event] Economizing & Innovating IT on a Shoestring

Keeping the Business Running with Remote Network Management

Enabling a Smooth DX Transformation in the Post-Pandemic New Tomorrow

Webinar Archives

White Papers

Getting Cloud Management Right

The Threat From the Internet--and What Your Organization Can Do About It

Securing Financial Data From Within

2020 State of Malware Highlights (or Lowlights?)

The New Face of IT Automation

More White Papers

Video

All Videos

Cartoon

Latest Comment: Interesting! Kills 99% of germs and contains chilli juice to prevent you from touching your face.

Cartoon Archive

Current Issue

How Cybersecurity Incident Response Programs Work (and Why Some Don't)

This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

The Threat from the Internet�and What Your Organization Can Do About It

This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!

Download Now!

State of Endpoint Security: How Enterprises Are Managing Endpoint Security Threats

0 comments

State of Cybersecurity Incident Response

0 comments

Developing and Maintaining Secure Applications

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2020-15570
PUBLISHED: 2020-07-06

The parse_report() function in whoopsie.c in Whoopsie through 0.2.69 mishandles memory allocation failures, which allows an attacker to cause a denial of service via a malformed crash file.

CVE-2020-15569
PUBLISHED: 2020-07-06

PlayerGeneric.cpp in MilkyTracker through 1.02.00 has a use-after-free in the PlayerGeneric destructor.

CVE-2020-7690
PUBLISHED: 2020-07-06

It's possible to inject JavaScript code via the html method.

CVE-2020-7691
PUBLISHED: 2020-07-06

It's possible to use <<script>script> in order to go over the filtering regex.

CVE-2020-15562
PUBLISHED: 2020-07-06

An issue was discovered in Roundcube Webmail before 1.2.11, 1.3.x before 1.3.14, and 1.4.x before 1.4.7. It allows XSS via a crafted HTML e-mail message, as demonstrated by a JavaScript payload in the xmlns (aka XML namespace) attribute of a HEAD element when an SVG element exists.

To save this item to your list of favorite Dark Reading content so you can find it later in your Profile page, click the "Save It" button next to the item.

If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
Tweet This
[close this box]