Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Issue Archives

The State of Cybersecurity Incident Response
Publish Date: Jun 3,2021
2021 Top Enterprise IT Trends
Publish Date: Feb 4,2021
2020: The Year in Security
Publish Date: Dec 7,2020
How to Measure and Reduce Cybersecurity Risk in Your Organization
Publish Date: Oct 28,2020
Special Report: Computing's New Normal
Publish Date: Sep 17,2020
7 New Cybersecurity Vulnerabilities That Could Put Your Enterprise at Risk
Publish Date: Aug 14,2020
How Cybersecurity Incident Response Programs Work (and Why Some Don't)
Publish Date: May 12,2020
6 Emerging Cyber Threats That Enterprises Face in 2020
Publish Date: Feb 13,2020
IT 2020: A Look Ahead
Publish Date: Jan 23,2020
The Year in Security: 2019
Publish Date: Dec 9,2019
Navigating the Deluge of Security Data
Publish Date: Nov 12,2019
7 Threats & Disruptive Forces Changing the Face of Cybersecurity
Publish Date: Aug 12,2019
Building and Managing an IT Security Operations Program
Publish Date: May 15,2019
5 Emerging Cyber Threats to Watch for in 2019
Publish Date: Feb 7,2019
The Year in Security 2018
Publish Date: Dec 7,2018
10 Best Practices That Could Reshape Your IT Security Department
Publish Date: Nov 6,2018
10 Emerging Threats Every Enterprise Should Know About
Publish Date: Aug 16,2018
The Biggest Cybersecurity Breaches of 2018 (So Far)
Publish Date: Jul 23,2018
The Changing Role of the CISO
Publish Date: May 21,2018
How to Cope with the IT Security Skills Shortage
Publish Date: Feb 12,2018
The Year in Security: 2017
Publish Date: Dec 12,2017
Managing Cyber-Risk
Publish Date: Oct 25,2017
Security Vulnerabilities: The Next Wave
Publish Date: Jul 19,2017
Security Operations and IT Operations: Finding the Path to Collaboration
Publish Date: Apr 19,2017
5 Security Technologies to Watch in 2017
Publish Date: Jan 18,2017
Five Things Every Business Executive Should Know About Cybersecurity
Publish Date: Dec 6,2016
Five Emerging Security Threats - And What You Can Learn From Them
Publish Date: Aug 9,2016
The Changing Face of Identity Management
Publish Date: Jul 26,2016
DNS Threats: What Every Enterprise Should Know
Publish Date: Jun 28,2016
How To Build An Effective Defense Against Ransomware
Publish Date: Jun 21,2016
8 Key Building Blocks for Enterprise Network Defense
Publish Date: May 10,2016
Understanding & Managing the Mobile Security Threat
Publish Date: Mar 15,2016
E-Commerce Security: What Every Enterprise Needs to Know
Publish Date: Nov 2,2015
Dark Reading Tech Digest September 7, 2015
Publish Date: Sep 7,2015
Dark Reading Tech Digest, June 2015
Publish Date: Jun 1,2015
Dark Reading - March 2, 2015
Publish Date: Mar 2,2015
Commentary
Ransomware Is Not the Problem
Adam Shostack, Consultant, Entrepreneur, Technologist, Game Designer,  6/9/2021
Edge-DRsplash-11-edge-ask-the-experts
How Can I Test the Security of My Home-Office Employees' Routers?
John Bock, Senior Research Scientist,  6/7/2021
News
New Ransomware Group Claiming Connection to REvil Gang Surfaces
Jai Vijayan, Contributing Writer,  6/10/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: Google's new See No Evil policy......
Current Issue
The State of Cybersecurity Incident Response
In this report learn how enterprises are building their incident response teams and processes, how they research potential compromises, how they respond to new breaches, and what tools and processes they use to remediate problems and improve their cyber defenses for the future.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-33818
PUBLISHED: 2021-06-18
An issue was discovered in UniFi Protect G3 FLEX Camera Version UVC.v4.30.0.67. Attackers can use slowhttptest tool to send incomplete HTTP request, which could make server keep waiting for the packet to finish the connection, until its resource exhausted. Then the web server is denial-of-service.
CVE-2021-33820
PUBLISHED: 2021-06-18
An issue was discovered in UniFi Protect G3 FLEX Camera Version UVC.v4.30.0.67.Attacker could send a huge amount of TCP SYN packet to make web service's resource exhausted. Then the web server is denial-of-service.
CVE-2021-33822
PUBLISHED: 2021-06-18
An issue was discovered on 4GEE ROUTER HH70VB Version HH70_E1_02.00_22. Attackers can use slowhttptest tool to send incomplete HTTP request, which could make server keep waiting for the packet to finish the connection, until its resource exhausted. Then the web server is denial-of-service.
CVE-2020-18442
PUBLISHED: 2021-06-18
Infinite Loop in zziplib v0.13.69 allows remote attackers to cause a denial of service via the return value "zzip_file_read" in the function "unzzip_cat_file".
CVE-2021-3604
PUBLISHED: 2021-06-18
Secure 8 (Evalos) does not validate user input data correctly, allowing a remote attacker to perform a Blind SQL Injection. An attacker could exploit this vulnerability in order to extract information of users and administrator accounts stored in the database.