Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Flash Poll

Latest Content
Ransomware Response
Flash Poll  |  12/14/2020  | 
Political Climate Change
Flash Poll  |  11/2/2017  | 
Security Time
Flash Poll  |  4/14/2015  | 
Prepared for a Cyberattack?
Flash Poll  |  3/11/2015  | 
Eyes On The Analytics Prize
Flash Poll  |  3/1/2015  | 
Analyze This?
Flash Poll  |  2/1/2015  | 
Monitor Management
Flash Poll  |  1/2/2015  | 
Action Speaks Louder
Flash Poll  |  1/1/2015  | 
Reliable Sources
Flash Poll  |  12/1/2014  | 
Defending Against Malware
Flash Poll  |  11/10/2014  | 
Intelligence Hired Guns?
Flash Poll  |  11/1/2014  | 
Breach Security 101
Flash Poll  |  10/21/2014  | 
Death of the Perimeter
Flash Poll  |  10/21/2014  | 
See Something, Say Something
Flash Poll  |  10/1/2014  | 
Bashed & Shellshocked
Flash Poll  |  9/30/2014  | 
Hacking Humans
Flash Poll  |  9/5/2014  | 
Security of 'Things'
Flash Poll  |  8/21/2014  | 
Security Org Chart
Flash Poll  |  7/18/2014  | 
Risk Management Report Card
Flash Poll  |  6/16/2014  | 
Greatest Threat
Flash Poll  |  6/4/2014  | 
Lessons Learned
Flash Poll  |  6/1/2014  | 
Cyber Security Skills
Flash Poll  |  5/29/2014  | 
Cyberbreach or Cyberrisk Insurance
Flash Poll  |  5/20/2014  | 
State of IT Security
Flash Poll  |  5/5/2014  | 
Broken Heartbeat
Flash Poll  |  4/10/2014  | 
Windows XP
Flash Poll  |  4/2/2014  | 
Safety Equipment
Flash Poll  |  11/15/2013  | 


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Enterprise Cybersecurity Plans in a Post-Pandemic World
Download the Enterprise Cybersecurity Plans in a Post-Pandemic World report to understand how security leaders are maintaining pace with pandemic-related challenges, and where there is room for improvement.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-21742
PUBLISHED: 2021-09-25
There is an information leak vulnerability in the message service app of a ZTE mobile phone. Due to improper parameter settings, attackers could use this vulnerability to obtain some sensitive information of users by accessing specific pages.
CVE-2020-20508
PUBLISHED: 2021-09-24
Shopkit v2.7 contains a reflective cross-site scripting (XSS) vulnerability in the /account/register component, which allows attackers to hijack user credentials via a crafted payload in the E-Mail text field.
CVE-2020-20514
PUBLISHED: 2021-09-24
A Cross-Site Request Forgery (CSRF) in Maccms v10 via admin.php/admin/admin/del/ids/<id>.html allows authenticated attackers to delete all users.
CVE-2016-6555
PUBLISHED: 2021-09-24
OpenNMS version 18.0.1 and prior are vulnerable to a stored XSS issue due to insufficient filtering of SNMP trap supplied data. By creating a malicious SNMP trap, an attacker can store an XSS payload which will trigger when a user of the web UI views the events list page. This issue was fixed in ver...
CVE-2016-6556
PUBLISHED: 2021-09-24
OpenNMS version 18.0.1 and prior are vulnerable to a stored XSS issue due to insufficient filtering of SNMP agent supplied data. By creating a malicious SNMP 'sysName' or 'sysContact' response, an attacker can store an XSS payload which will trigger when a user of the web UI views the data. This iss...