Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Threat Intelligence

In Brief: The Unusual Suspects -- DeMystifying Attack Groups

50%
50%

Sponsored: Colin McKinty, vice president of cybersecurity strategy, Americas, for BAE Systems joins Brian Gillooly at the RSA Conference to talk about how knowledge of your adversary -- and knowing that they are, after all, just fallible human beings -- can be used to fight back. For the full interview, see here.

Comment  | 
Print  | 
Comments
Newest First  |  Oldest First  |  Threaded View
sukkuram
50%
50%
sukkuram,
User Rank: Apprentice
8/4/2016 | 6:47:49 AM
Re: brief suspects
nyc post buddy
Raymacmurray
50%
50%
Raymacmurray,
User Rank: Apprentice
7/15/2016 | 5:16:00 AM
Re: brief suspects
great post nice
balwinderpal
50%
50%
balwinderpal,
User Rank: Apprentice
7/2/2016 | 3:22:22 AM
brief suspects
nice post
Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Enterprise Cybersecurity Plans in a Post-Pandemic World
Download the Enterprise Cybersecurity Plans in a Post-Pandemic World report to understand how security leaders are maintaining pace with pandemic-related challenges, and where there is room for improvement.
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-20120
PUBLISHED: 2021-09-28
ThinkPHP v3.2.3 and below contains a SQL injection vulnerability which is triggered when the array is not passed to the "where" and "query" methods.
CVE-2020-20122
PUBLISHED: 2021-09-28
Wuzhi CMS v4.1 contains a SQL injection vulnerability in the checktitle() function in /coreframe/app/content/admin/content.php.
CVE-2020-20124
PUBLISHED: 2021-09-28
Wuzhi CMS v4.1.0 contains a remote code execution (RCE) vulnerability in \attachment\admin\index.php.
CVE-2020-20125
PUBLISHED: 2021-09-28
EARCLINK ESPCMS-P8 contains a cross-site scripting (XSS) vulnerability in espcms_web\espcms_load.php.
CVE-2021-41106
PUBLISHED: 2021-09-28
JWT is a library to work with JSON Web Token and JSON Web Signature. Prior to versions 3.4.6, 4.0.4, and 4.1.5, users of HMAC-based algorithms (HS256, HS384, and HS512) combined with `Lcobucci\JWT\Signer\Key\LocalFileReference` as key are having their tokens issued/validated using the file path as h...