Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

RSA Conference 2014: Complete Coverage

Catch up on RSA Conference 2014 with our round-up of articles leading up to, from, and after the event

>> Securing Software Requires Design, Testing and Improvement
Adopting secure development, incorporating frequent testing, and creating measures of software security are important to create more secure code

>> Security Firms Face Crisis Of Trust
Mikko Hypponen reflects on shift toward rampant government spying and use of malware -- and targeted attack attempts on F-Secure

>> Researchers Create Legal Botnet Abusing Free Cloud Service Offers
Hack depends on scripts creating scores of unique email addresses and automating execution of email verification

>> Hacking Critical Infrastructure Companies -- A Pen Tester's View
At the RSA Conference, a pen tester outlines some of the elements of a successful attack on energy companies

>> Supply-Chain Threats Still An Uncertain Danger
With a global manufacturing economy muddying the definition of a foreign product, nations are still hashing out strategies to secure their supply chains

>> Today's Network Security Challenges: No Easy Answers
The BYOD trend and proliferation of mobile devices are making life hard for security teams, but solutions are elusive, panelists say at RSA Conference 2014

>> Headline Here
Dek here

>> Today's Network Security Challenges: No Easy Answers
The BYOD trend and proliferation of mobile devices are making life hard for security teams, but solutions are elusive, panelists say at RSA Conference 2014

>> Fewer Than Half Of IT Pros At RSA Conference Say NSA Went Too Far
Spying revelations and document leaks a big theme at RSA Conference 2014, but views on the controversy are split

>> Big Data A Big Focus Of Security Analytics Products
At the RSA Conference in San Francisco, vendors pitched big the importance of properly leveraging big data to improve security

>> IBM Software Vulnerabilities Spiked In 2013
Most code flaws still involve non-Microsoft products, and overall patching speed has improved, study presented at RSA conference finds

>> More Than 100 Flavors Of Malware Stealing Bitcoins
Specialized form of malware empties electronic wallets of digital currency, and antivirus often misses it

>> Juniper Security Chief Takes Swipe At Security Apathy
Juniper Security Chief Takes Swipe At Security Apathy

>> Coviello: RSA Security's Work With NSA 'A Matter Of Public Record'
RSA chairman calls for global intelligence community reforms, spinning IAD off from NSA

>> Microsoft Beefs Up EMET
Early release of anti-exploit tool shuts down bypass methods created by Bromium Labs

>> NSA Spying Scandal Darkens Cloud Discussions At RSA
From Europe's efforts to create regulations for data localization to worries over the security of the cloud, the leaks of the past eight months have cast a shadow over cloud providers

>> Cisco-Sourcefire Integration Takes Shape
Integration includes adding Sourcefire's AMP technology into its email and Web security appliances

>> Researchers Bypass Protections In Microsoft's EMET Security Tool
Bromium Labs researchers create exploit that the Enhanced Mitigation Experience Toolkit (EMET) 4.1 can't detect

>> Is The Hypervisor Security's Goldilocks Zone?
RSA presentation to put virtualization forward as a tool to fix security's architectural problems

>> Solving The Security Workforce Shortage
To solve the skills shortage, the industry will need to attract a wider group of people and create an entirely new sort of security professional

>> Algosec Partners With Qualys
New integration delivers application-centric vulnerability management, aggregating and scoring vulnerabilities based on risk and continuously monitoring for changes within data center environments

>> Microsoft Windows Crash Reports Reveal New APT, POS Attacks
Researchers discover zero-day attacks after studying the contents of various "Dr. Watson" error reports

>> U.S. Running Out Of Allies In On Cyber Battlefield
International cyber policy and enforcement, and ownership over the Internet are thorny topics that will be tackled at the 2014 RSA Conference next week

>> Abusing Cloud Services for Cybercrime
At the upcoming RSA conference, researchers will discuss how a lack of anti-automation protections allow attackers to take advantage of free cloud services

>> RSA Conference Controversy Swirls, Spurs Debate Over Boycotts
Talk of boycotts has circled the RSA conference, but what will the outcome of it all be?

>> 9 Security Experts Boycott RSA Conference
Several leading security experts have pulled out of the RSA conference over unanswered questions concerning the NSA's $10 million payment to RSA

>> Using Attackers' Tactics To Battle Banking Trojans
At the upcoming RSA conference, Trustwave researchers will discuss using obfuscation to break the functionality of banking Trojans, such as ZeuS

RSA LIBRARY
RSA Conference 2013 Coverage
RSA Conference 2012 Coverage

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
US Turning Up the Heat on North Korea's Cyber Threat Operations
Jai Vijayan, Contributing Writer,  9/16/2019
Fed Kaspersky Ban Made Permanent by New Rules
Dark Reading Staff 9/11/2019
NetCAT Vulnerability Is Out of the Bag
Dark Reading Staff 9/12/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
7 Threats & Disruptive Forces Changing the Face of Cybersecurity
This Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
Flash Poll
The State of IT Operations and Cybersecurity Operations
The State of IT Operations and Cybersecurity Operations
Your enterprise's cyber risk may depend upon the relationship between the IT team and the security team. Heres some insight on what's working and what isn't in the data center.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-16395
PUBLISHED: 2019-09-17
GnuCOBOL 2.2 has a stack-based buffer overflow in the cb_name() function in cobc/tree.c via crafted COBOL source code.
CVE-2019-16396
PUBLISHED: 2019-09-17
GnuCOBOL 2.2 has a use-after-free in the end_scope_of_program_name() function in cobc/parser.y via crafted COBOL source code.
CVE-2019-16199
PUBLISHED: 2019-09-17
eQ-3 Homematic CCU2 before 2.47.18 and CCU3 before 3.47.18 allow Remote Code Execution by unauthenticated attackers with access to the web interface via an HTTP POST request to certain URLs related to the ReGa core process.
CVE-2019-16391
PUBLISHED: 2019-09-17
SPIP before 3.1.11 and 3.2 before 3.2.5 allows authenticated visitors to modify any published content and execute other modifications in the database. This is related to ecrire/inc/meta.php and ecrire/inc/securiser_action.php.
CVE-2019-16392
PUBLISHED: 2019-09-17
SPIP before 3.1.11 and 3.2 before 3.2.5 allows prive/formulaires/login.php XSS via error messages.