Vulnerabilities / Threats

11/12/2018
05:00 PM
50%
50%

Paris Agreement on Cybercrime Falls Short of Unanimous Agreement

More than 50 nations and 150 global companies agree to join effort to fight cybercrime.

A group of 50 nations and 150 companies signed an agreement to fight cybercrime and other illicit activity, including election tampering and hate speech, on the Internet. French president Emmanuel Macron had pushed for the agreement, reached one day after a gathering of global leaders in Paris.

The French leader, calling for greater regulation of the Internet, said that there's an urgent need for better regulation of the global network. As part of that effort, he said that Facebook has agreed to allow a team of French officials to observe the social network's efforts to monitor and delete hate speech.

While agreed to by many, the statement, titled, "Paris call for trust and security in cyberspace," was not universally accepted, with Russia, China, and the US among the holdouts. Some American companies, will, however, be involved.

For more, read here and here

 

Black Hat Europe returns to London Dec 3-6 2018  with hands-on technical Trainings, cutting-edge Briefings, Arsenal open-source tool demonstrations, top-tier security solutions and service providers in the Business Hall. Click for information on the conference and to register.

Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
DavidHamilton
50%
50%
DavidHamilton,
User Rank: Apprentice
1/4/2019 | 1:53:32 AM
Help when it's needed
Ok this shocks me that there could be people who wouldn't agree to such a contract. Perhaps some countries just don't want to have to protect others, but I reckon that we need everybody to cooperate to make cyberspace more protected for everyone right? How can some of them be so selfish?
UdyRegan
50%
50%
UdyRegan,
User Rank: Apprentice
12/18/2018 | 11:11:22 PM
Global concern
It takes the cooperation from everyone if we wish to make this happen. We need to know that we can get the commitment of every single party that is involved to gain as many resources as possible to eradicate this long-ongoing issue. This isn't a small matter that we are handling but it concerns every single person on earth. Now, that's a great deal of work to deal with so we need everyone's agreement!
Crowdsourced vs. Traditional Pen Testing
Alex Haynes, Chief Information Security Officer, CDL,  3/19/2019
BEC Scammer Pleads Guilty
Dark Reading Staff 3/20/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
5 Emerging Cyber Threats to Watch for in 2019
Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.
Flash Poll
The State of Cyber Security Incident Response
The State of Cyber Security Incident Response
Organizations are responding to new threats with new processes for detecting and mitigating them. Here's a look at how the discipline of incident response is evolving.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-10014
PUBLISHED: 2019-03-24
In DedeCMS 5.7SP2, member/resetpassword.php allows remote authenticated users to reset the passwords of arbitrary users via a modified id parameter, because the key parameter is not properly validated.
CVE-2019-10015
PUBLISHED: 2019-03-24
baigoStudio baigoSSO v3.0.1 allows remote attackers to execute arbitrary PHP code via the first form field of a configuration screen, because this code is written to the BG_SITE_NAME field in the opt_base.inc.php file.
CVE-2019-10017
PUBLISHED: 2019-03-24
CMS Made Simple 2.2.10 has XSS via the advanced_search.php Name field, which is reachable via an "Add a new Profile" action to the File Picker.
CVE-2019-10010
PUBLISHED: 2019-03-24
Cross-site scripting (XSS) vulnerability in the PHP League CommonMark library before 0.18.3 allows remote attackers to insert unsafe links into HTML by using double-encoded HTML entities that are not properly escaped during rendering, a different vulnerability than CVE-2018-20583.
CVE-2019-9978
PUBLISHED: 2019-03-24
The social-warfare plugin before 3.5.3 for WordPress has stored XSS via the wp-admin/admin-post.php?swp_debug=load_options swp_url parameter, as exploited in the wild in March 2019. This affects Social Warfare and Social Warfare Pro.