Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Dark Reading Article Boards

Latest Message Boards
Page 1 / 2   >   >>
Unsecured IoT: 8 Ways Hackers Exploit Firmware Vulnerabilities
Last Message: 9/15/2019
 |  Comments: 8
Yahoo Agrees to $80 Million Settlement with Investors
Last Message: 9/14/2019
 |  Comments: 1
Third-Party Features Leave Websites More Vulnerable to Attack
Last Message: 9/14/2019
 |  Comments: 2
Name That Toon: Sock Puppets
Last Message: 9/13/2019
 |  Comments: 1
Battling Bots: How to Find Fake Twitter Followers
Last Message: 9/12/2019
 |  Comments: 11
NetCAT Vulnerability Is Out of the Bag
Last Message: 9/12/2019
 |  Comments: 1
AI Is Everywhere, but Don't Ignore the Basics
Last Message: 9/12/2019
 |  Comments: 2
It's Not Healthy to Confuse Compliance with Security
Last Message: 9/12/2019
 |  Comments: 5
Security & the Infinite Capacity to Rationalize
Last Message: 9/12/2019
 |  Comments: 2
Fed Kaspersky Ban Made Permanent by New Rules
Last Message: 9/11/2019
 |  Comments: 1
Cartoon Contest: Bedtime Stories
Last Message: 9/11/2019
 |  Comments: 10
Cartoon: Identity Theft Mitigation
Last Message: 9/11/2019
 |  Comments: 7
Hackers Cash In On ATMs
Last Message: 9/11/2019
 |  Comments: 9
Crimeware: How Criminals Built a Business to Target Businesses
Last Message: 9/10/2019
 |  Comments: 1
Why Businesses Fail to Address DNS Security Exposures
Last Message: 9/10/2019
 |  Comments: 2
More Than 99% of Cyberattacks Need Victims' Help
Last Message: 9/10/2019
 |  Comments: 1
What Are the First Signs of a Cloud Data Leak?
Last Message: 9/10/2019
 |  Comments: 1
Black Hat: A Summer Break from the Mundane and Controllable
Last Message: 9/10/2019
 |  Comments: 1
Texas Refuses to Pay $2.5M in Massive Ransomware Attack
Last Message: 9/9/2019
 |  Comments: 1
Automation: Friend of the SOC Analyst
Last Message: 9/9/2019
 |  Comments: 1
The 7 Most Common RATS In Use Today
Last Message: 9/7/2019
 |  Comments: 4
Phishing Campaign Uses SharePoint to Slip Past Defenses
Last Message: 9/6/2019
 |  Comments: 2
ISAC 101: Unlocking the Power of Information
Last Message: 9/6/2019
 |  Comments: 1
"NSA Surveillance Can Penetrate VPNs"
Last Message: 9/6/2019
 |  Comments: 5
"Hacking Higher Education"
Last Message: 9/6/2019
 |  Comments: 78
7 Steps to Web App Security
Last Message: 9/5/2019
 |  Comments: 1
6 Actions That Made GDPR Real in 2019
Last Message: 9/5/2019
 |  Comments: 1
Privacy 2019: We're Not Ready
Last Message: 9/5/2019
 |  Comments: 1
Effective Pen Tests Follow These 7 Steps
Last Message: 9/5/2019
 |  Comments: 1
419M Facebook User Phone Numbers Publicly Exposed
Last Message: 9/5/2019
 |  Comments: 1
D-Link Agrees to Strengthen Device Security
Last Message: 9/4/2019
 |  Comments: 1
Upping the Ante on Anti-Analysis
Last Message: 9/3/2019
 |  Comments: 1
Overburdened SOC Analysts Shift Priorities
Last Message: 9/3/2019
 |  Comments: 1
91% Of Cyberattacks Start With A Phishing Email
Last Message: 9/3/2019
 |  Comments: 9
Imperva Customer Database Exposed
Last Message: 9/3/2019
 |  Comments: 10
7 Biggest Cloud Security Blind Spots
Last Message: 9/3/2019
 |  Comments: 1
Consumers Urged to Secure Their Digital Lives
Last Message: 9/3/2019
 |  Comments: 1
@jack Got Hacked: Twitter CEO's Tweets Hijacked
Last Message: 9/3/2019
 |  Comments: 2
Malware Found in Android App with 100M Users
Last Message: 9/3/2019
 |  Comments: 7
Retadup Worm Squashed After Infecting 850K Machines
Last Message: 9/3/2019
 |  Comments: 1
RIG Exploit Kit Takedown Sheds Light on Domain Shadowing
Last Message: 9/2/2019
 |  Comments: 1
The Rising Tide of Crimeware-as-a-Service
Last Message: 9/2/2019
 |  Comments: 3
WannaCry Remains No. 1 Ransomware Weapon
Last Message: 9/2/2019
 |  Comments: 16
Old Threats Are New Again
Last Message: 9/1/2019
 |  Comments: 1
Aviation Faces Increasing Cybersecurity Scrutiny
Last Message: 8/31/2019
 |  Comments: 4
Page 1 / 2   >   >>


AI Is Everywhere, but Don't Ignore the Basics
Howie Xu, Vice President of AI and Machine Learning at Zscaler,  9/10/2019
Fed Kaspersky Ban Made Permanent by New Rules
Dark Reading Staff 9/11/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
7 Threats & Disruptive Forces Changing the Face of Cybersecurity
This Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
Flash Poll
The State of IT Operations and Cybersecurity Operations
The State of IT Operations and Cybersecurity Operations
Your enterprise's cyber risk may depend upon the relationship between the IT team and the security team. Heres some insight on what's working and what isn't in the data center.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-16317
PUBLISHED: 2019-09-14
In Pimcore before 5.7.1, an attacker with limited privileges can trigger execution of a .phar file via a phar:// URL in a filename parameter, because PHAR uploads are not blocked and are reachable within the phar://../../../../../../../../var/www/html/web/var/assets/ directory, a different vulnerabi...
CVE-2019-16318
PUBLISHED: 2019-09-14
In Pimcore before 5.7.1, an attacker with limited privileges can bypass file-extension restrictions via a 256-character filename, as demonstrated by the failure of automatic renaming of .php to .php.txt for long filenames, a different vulnerability than CVE-2019-10867 and CVE-2019-16317.
CVE-2019-16307
PUBLISHED: 2019-09-14
A Reflected Cross-Site Scripting (XSS) vulnerability in the webEx module in webExMeetingLogin.jsp and deleteWebExMeetingCheck.jsp in Fuji Xerox DocuShare through 7.0.0.C1.609 allows remote attackers to inject arbitrary web script or HTML via the handle parameter (webExMeetingLogin.jsp) and meetingKe...
CVE-2019-16294
PUBLISHED: 2019-09-14
SciLexer.dll in Scintilla in Notepad++ (x64) before 7.7 allows remote code execution or denial of service via Unicode characters in a crafted .ml file.
CVE-2019-16309
PUBLISHED: 2019-09-14
FlameCMS 3.3.5 has SQL injection in account/login.php via accountName.