Slideshows

Content posted in October 2016
5 Signs Your Smartphone Has Been Hacked
Slideshows  |  10/28/2016  | 
Mobile devices are increasingly popular vectors for cybercriminals targeting the enterprise. How to tell when a smartphone may be under attack.
7 Scary Ransomware Families
Slideshows  |  10/25/2016  | 
Here are seven ransomware variants that can creep up on you.
7 Imminent IoT Threats
Slideshows  |  10/21/2016  | 
Attacks against smart home products, medical devices, SCADA systems, and other newly network-enabled systems signal the beginning of a new wave of attacks against the IoT.
9 Sources For Tracking New Vulnerabilities
Slideshows  |  10/20/2016  | 
Keeping up with the latest vulnerabilities -- especially in the context of the latest threats -- can be a real challenge.
7 Regional Hotbeds For Cybersecurity Innovation
Slideshows  |  10/18/2016  | 
These regions are driving cybersecurity innovation across the US with an abundance of tech talent, educational institutions, accelerators, incubators, and startup activity.
5 Tips For Keeping Small Businesses Secure
Slideshows  |  10/17/2016  | 
In honor of National Cyber Security Awareness Month, a look at that five-step process developed by the BBB and NCSA.
Happy 30th Birthday CFAA!
Slideshows  |  10/14/2016  | 
Six things we still dont know about the Computer Fraud and Abuse Act after all this time.
7 Ways Electronic Voting Systems Can Be Attacked
Slideshows  |  10/13/2016  | 
Pre-election integrity tests and post-election audits and checks should help spot discrepancies and errors, but risks remain.
Inside A Bug-Hunter's Head: 6 Motivators
Slideshows  |  10/7/2016  | 
Who are bug bounty hunters, and why do they hack? We dig inside the motivators driving today's hackers to seek vulnerabilities.
5 Ways To Lock Down Your Login
Slideshows  |  10/4/2016  | 
New public awareness campaign inspired by the White House calls for users to think more carefully about stronger authentication.
16 Innovative Cybersecurity Technologies Of 2016
Slideshows  |  10/3/2016  | 
This year's SINET 16 Innovators were chosen from 82 applicants representing nine countries.


Weaponizing IPv6 to Bypass IPv4 Security
John Anderson, Principal Security Consultant, Trustwave Spiderlabs,  6/12/2018
'Shift Left' & the Connected Car
Rohit Sethi, COO of Security Compass,  6/12/2018
Microsoft Fixes 11 Critical, 39 Important Vulns
Kelly Sheridan, Staff Editor, Dark Reading,  6/12/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-1060
PUBLISHED: 2018-06-18
python before versions 2.7.15, 3.4.9, 3.5.6 and 3.7.0 is vulnerable to catastrophic backtracking in pop3lib's apop() method. An attacker could use this flaw to cause denial of service.
CVE-2018-1090
PUBLISHED: 2018-06-18
In Pulp before version 2.16.2, secrets are passed into override_config when triggering a task and then become readable to all users with read access on the distributor/importer. An attacker with API access can then view these secrets.
CVE-2018-1152
PUBLISHED: 2018-06-18
libjpeg-turbo 1.5.90 is vulnerable to a denial of service vulnerability caused by a divide by zero when processing a crafted BMP image.
CVE-2018-1153
PUBLISHED: 2018-06-18
Burp Suite Community Edition 1.7.32 and 1.7.33 fail to validate the server certificate in a couple of HTTPS requests which allows a man in the middle to modify or view traffic.
CVE-2018-12530
PUBLISHED: 2018-06-18
An issue was discovered in MetInfo 6.0.0. admin/app/batch/csvup.php allows remote attackers to delete arbitrary files via a flienamecsv=../ directory traversal. This can be exploited via CSRF.