Advertise

Slideshows

Content posted in April 2013

View Content By Month

10 Top Password Managers

Slideshows | 4/30/2013 |

44 comments

Tired of being stuck in password hell? Consider these password managers that balance security with convenience.

Slide Show: 8 Egregious Examples Of Insider Threats

Slideshows | 4/9/2013 |

1 comment

Real-world case studies from the CERT Insider Threat Center

View Content by Month

[close this box]

Hot Topics

Editors' Choice

Weaponizing IPv6 to Bypass IPv4 Security

John Anderson, Principal Security Consultant, Trustwave Spiderlabs, 6/12/2018

'Shift Left' & the Connected Car

Rohit Sethi, COO of Security Compass, 6/12/2018

Microsoft Fixes 11 Critical, 39 Important Vulns

Kelly Sheridan, Staff Editor, Dark Reading, 6/12/2018

Live Events

Webinars

More UBM Tech
Live Events

INsecurity Conference - An Event Like No Other

Black Hat Trainings - October 22 & 23

Are You Looking to Learn About New Cybersecurity Threats & Challenges? Then INsecurity Is For You!

White Papers

2018 Security Report

Microsoft Fixes 11 Critical, 39 Important Vulns

CIAM vs. IAM - How Customer IAM differs from traditional IAM

[Cybersecurity] 11 key points to consider when choosing a solution

What attacks aren't you seeing?

More White Papers

Video

All Videos

Cartoon

Latest Comment: IT'S A BEAUTIFUL WALL! AND MEXICO WILL PAY FOR IT!

Cartoon Archive

Current Issue

The Changing Role of the CISO

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

The State of IT and Cybersecurity

IT and security are often viewed as different disciplines - and different departments. Find out what our survey data revealed, read the report today!

Download Now!

[Strategic Security Report] Navigating the Threat Intelligence Maze

0 comments

[Strategic Security Report] Cloud Security's Changing Landscape

0 comments

The State of Ransomware

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading OR #DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2018-1060
PUBLISHED: 2018-06-18

python before versions 2.7.15, 3.4.9, 3.5.6 and 3.7.0 is vulnerable to catastrophic backtracking in pop3lib's apop() method. An attacker could use this flaw to cause denial of service.

CVE-2018-1090
PUBLISHED: 2018-06-18

In Pulp before version 2.16.2, secrets are passed into override_config when triggering a task and then become readable to all users with read access on the distributor/importer. An attacker with API access can then view these secrets.

CVE-2018-1152
PUBLISHED: 2018-06-18

libjpeg-turbo 1.5.90 is vulnerable to a denial of service vulnerability caused by a divide by zero when processing a crafted BMP image.

CVE-2018-1153
PUBLISHED: 2018-06-18

Burp Suite Community Edition 1.7.32 and 1.7.33 fail to validate the server certificate in a couple of HTTPS requests which allows a man in the middle to modify or view traffic.

CVE-2018-12530
PUBLISHED: 2018-06-18

An issue was discovered in MetInfo 6.0.0. admin/app/batch/csvup.php allows remote attackers to delete arbitrary files via a flienamecsv=../ directory traversal. This can be exploited via CSRF.

Terms of Service
Privacy Statement
Legal Entities