Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Content by SgS125

SgS125
Member Since: March 12, 2014
Ninja
Posts: 54

Most Recently Posted

54 items
Comment: Your link is invalid - SgS125 - 8/5/2015
Comment: hmmm - SgS125 - 4/15/2015
Comment: can you imagine? - SgS125 - 4/9/2015
Comment: RC4 - SgS125 - 3/30/2015
Comment: Lifetime? - SgS125 - 3/18/2015
Comment: a ticket to ride - SgS125 - 1/22/2015
Comment: Re: Proponent - SgS125 - 1/22/2015
Comment: Wrench in the works - SgS125 - 1/15/2015
Comment: Re: a bit late - SgS125 - 1/13/2015
Comment: Risk Management - SgS125 - 1/8/2015
Comment: Re: REGIN - SgS125 - 1/7/2015
Comment: REGIN - SgS125 - 1/7/2015
Comment: Re: Data Nationalism - SgS125 - 10/24/2014
Comment: Re: CGL Coverage - SgS125 - 10/20/2014
Comment: You sound tired Paul - SgS125 - 9/29/2014
Comment: Great write up! - SgS125 - 9/12/2014
Comment: I bet you meant "now" - SgS125 - 9/10/2014
Comment: broken link - SgS125 - 7/7/2014
Comment: too much access? - SgS125 - 5/13/2014
Comment: clarification - SgS125 - 5/7/2014
Comment: Re: We need proof - SgS125 - 4/11/2014
Comment: We need proof - SgS125 - 4/11/2014


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Enterprise Cybersecurity Plans in a Post-Pandemic World
Download the Enterprise Cybersecurity Plans in a Post-Pandemic World report to understand how security leaders are maintaining pace with pandemic-related challenges, and where there is room for improvement.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-21742
PUBLISHED: 2021-09-25
There is an information leak vulnerability in the message service app of a ZTE mobile phone. Due to improper parameter settings, attackers could use this vulnerability to obtain some sensitive information of users by accessing specific pages.
CVE-2020-20508
PUBLISHED: 2021-09-24
Shopkit v2.7 contains a reflective cross-site scripting (XSS) vulnerability in the /account/register component, which allows attackers to hijack user credentials via a crafted payload in the E-Mail text field.
CVE-2020-20514
PUBLISHED: 2021-09-24
A Cross-Site Request Forgery (CSRF) in Maccms v10 via admin.php/admin/admin/del/ids/<id>.html allows authenticated attackers to delete all users.
CVE-2016-6555
PUBLISHED: 2021-09-24
OpenNMS version 18.0.1 and prior are vulnerable to a stored XSS issue due to insufficient filtering of SNMP trap supplied data. By creating a malicious SNMP trap, an attacker can store an XSS payload which will trigger when a user of the web UI views the events list page. This issue was fixed in ver...
CVE-2016-6556
PUBLISHED: 2021-09-24
OpenNMS version 18.0.1 and prior are vulnerable to a stored XSS issue due to insufficient filtering of SNMP agent supplied data. By creating a malicious SNMP 'sysName' or 'sysContact' response, an attacker can store an XSS payload which will trigger when a user of the web UI views the data. This iss...