var _hmt = _hmt || []; (function() { var hm = document.createElement("script"); hm.src = "https://hm.baidu.com/hm.js?d387e539c1f2d34f09a9afbac8032280"; var s = document.getElementsByTagName("script")[0]; s.parentNode.insertBefore(hm, s); })();

Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Application Security //

Database Security

News & Commentary
CCPA Kickoff: What Businesses Need to Know
Kelly Sheridan, Staff Editor, Dark ReadingNews
The California Consumer Privacy Act is in full effect, prompting organizations to think about how they'll remain compliant.
By Kelly Sheridan Staff Editor, Dark Reading, 1/2/2020
Comment0 comments  |  Read  |  Post a Comment
'Honoring' CCPA's Binding Principles Nationally Won't Be Easy
Dr. Salvatore Stolfo, Founder & CTO, Allure SecurityCommentary
Even companies with the reach, capital, and innovative capacity of Microsoft or Google will struggle to adhere to the tenets of California's new consumer privacy law.
By Dr. Salvatore Stolfo Founder & CTO, Allure Security, 12/26/2019
Comment1 Comment  |  Read  |  Post a Comment
Ambiguity Around CCPA Will Lead to a Slow Start in 2020
Anurag Kahol, CTO, BitglassCommentary
But longer term, compliance to California's new privacy law represents an opportunity for companies to increase customer trust and market share.
By Anurag Kahol CTO, Bitglass, 12/20/2019
Comment0 comments  |  Read  |  Post a Comment
15 Million Patient Records Exposed Attack on Canadian Lab
Dark Reading Staff, Quick Hits
A cyberattack against LifeLabs exposed personal information on patients in Ontario and British Columbia.
By Dark Reading Staff , 12/17/2019
Comment0 comments  |  Read  |  Post a Comment
Data Security Startup Satori Cyber Launches with $5.25M Seed Round
Kelly Sheridan, Staff Editor, Dark ReadingNews
Satori Cyber aims to help businesses better protect and govern their information with its Secure Data Access Cloud.
By Kelly Sheridan Staff Editor, Dark Reading, 12/17/2019
Comment0 comments  |  Read  |  Post a Comment
SQL Server 2019 Tool Tells Attackers Which Data Is Sensitive
Kelly Sheridan, Staff Editor, Dark ReadingNews
The design of SQL Data Discovery & Classification could let attackers pinpoint sensitive information while flying under organizations' radars.
By Kelly Sheridan Staff Editor, Dark Reading, 12/16/2019
Comment0 comments  |  Read  |  Post a Comment
The Implications of Last Week's Exposure of 1.2B Records
Kelly Sheridan, Staff Editor, Dark ReadingNews
Large sums of organized data, whether public or private, are worth their weight in gold to cybercriminals.
By Kelly Sheridan Staff Editor, Dark Reading, 11/26/2019
Comment0 comments  |  Read  |  Post a Comment
1.2B Records Exposed in Massive Server Leak
Dark Reading Staff, Quick Hits
A single server leaked 4 terabytes of personal data, including social media profiles, work histories, and home and mobile phone numbers.
By Dark Reading Staff , 11/22/2019
Comment0 comments  |  Read  |  Post a Comment
Disney+ Credentials Land in Dark Web Hours After Service Launch
Dark Reading Staff, Quick Hits
The credentials, priced from free to $11 per account, appear to be due to victims' re-use of logins and passwords.
By Dark Reading Staff , 11/18/2019
Comment1 Comment  |  Read  |  Post a Comment
Joker's Stash Puts $130M Price Tag on Credit Card Database
Dark Reading Staff, Quick Hits
A new analysis advises security teams on what they should know about the underground payment card seller.
By Dark Reading Staff , 11/11/2019
Comment0 comments  |  Read  |  Post a Comment
California DMV Leak Spills Data from Thousands of Drivers
Dark Reading Staff, Quick Hits
Federal agencies reportedly had improper access to Social Security data belonging to 3,200 license holders.
By Dark Reading Staff , 11/6/2019
Comment0 comments  |  Read  |  Post a Comment
Database Error Exposes 7.5 Million Adobe Customer Records
Dark Reading Staff, Quick Hits
The database was open for approximately one week before the problem was discovered.
By Dark Reading Staff , 10/28/2019
Comment0 comments  |  Read  |  Post a Comment
FBI Expands Election Security Initiative
Dark Reading Staff, Quick Hits
The program offers resources and advice to help protect elections at every level within the US.
By Dark Reading Staff , 10/24/2019
Comment0 comments  |  Read  |  Post a Comment
20M Russians' Personal Tax Records Exposed in Data Leak
Dark Reading Staff, Quick Hits
An unprotected Elasticsearch cluster contained personally identifiable information on Russian citizens from 2009 to 2016.
By Dark Reading Staff , 10/3/2019
Comment1 Comment  |  Read  |  Post a Comment
One Arrested in Ecuador's Mega Data Leak
Dark Reading Staff, Quick Hits
Officials arrest a leader of consulting firm Novaestrat, which owned an unprotected server that exposed 20.8 million personal records.
By Dark Reading Staff , 9/18/2019
Comment0 comments  |  Read  |  Post a Comment
24.3M Unsecured Health Records Expose Patient Data, Images
Dark Reading Staff, Quick Hits
Several hundred servers storing medical data are connected to the Internet without any protection for sensitive information and images.
By Dark Reading Staff , 9/18/2019
Comment0 comments  |  Read  |  Post a Comment
US Companies Unprepared for Privacy Regulations
Dark Reading Staff, Quick Hits
US companies are poorly prepared for even the most rudimentary privacy regulations, a new report says.
By Dark Reading Staff , 9/17/2019
Comment0 comments  |  Read  |  Post a Comment
Oracle Expands Cloud Security Services at OpenWorld 2019
Kelly Sheridan, Staff Editor, Dark ReadingNews
The company broadens its portfolio with new services developed to centralize and automate cloud security.
By Kelly Sheridan Staff Editor, Dark Reading, 9/16/2019
Comment0 comments  |  Read  |  Post a Comment
Data Leak Affects Most of Ecuador's Population
Kelly Sheridan, Staff Editor, Dark ReadingNews
An unsecured database containing 18GB of data exposed more than 20 million records, most of which held details about Ecuadorian citizens.
By Kelly Sheridan Staff Editor, Dark Reading, 9/16/2019
Comment0 comments  |  Read  |  Post a Comment
Job-Seeker Data Exposed in Monster File Leak
Dark Reading Staff, Quick Hits
The job website says it cannot notify users since the exposure occurred on a third-party organization's servers.
By Dark Reading Staff , 9/6/2019
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
Major Brazilian Bank Tests Homomorphic Encryption on Financial Data
Kelly Sheridan, Staff Editor, Dark Reading,  1/10/2020
7 Free Tools for Better Visibility Into Your Network
Curtis Franklin Jr., Senior Editor at Dark Reading,  1/9/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
The Year in Security: 2019
This Tech Digest provides a wrap up and overview of the year's top cybersecurity news stories. It was a year of new twists on old threats, with fears of another WannaCry-type worm and of a possible botnet army of Wi-Fi routers. But 2019 also underscored the risk of firmware and trusted security tools harboring dangerous holes that cybercriminals and nation-state hackers could readily abuse. Read more.
Flash Poll
Organizations have invested in a sweeping array of security technologies to address challenges associated with the growing number of cybersecurity attacks. However, the complexity involved in managing these technologies is emerging as a major problem. Read this report to find out what your peers biggest security challenges are and the technologies they are using to address them.
7x彩票网app Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

PUBLISHED: 2020-01-16
The LearnDash LMS plugin before 3.1.2 for WordPress allows XSS via the ld-profile search field.

PUBLISHED: 2020-01-16
The Ultimate FAQ plugin before 1.8.30 for WordPress allows XSS via Display_FAQ to Shortcodes/DisplayFAQs.php.

PUBLISHED: 2020-01-16
In Wireshark 3.2.x before 3.2.1, the WASSP dissector could crash. This was addressed in epan/dissectors/packet-wassp.c by using >= and <= to resolve off-by-one errors.

PUBLISHED: 2020-01-16
In Wireshark 3.0.x before 3.0.8, the BT ATT dissector could crash. This was addressed in epan/dissectors/packet-btatt.c by validating opcodes.

PUBLISHED: 2020-01-16
async.c and dict.c in libhiredis.a in hiredis through 0.14.0 allow a NULL pointer dereference because malloc return values are unchecked.
66?????? 7072???? 7073???? 689????? 963???? 66????? 7073???? 7073???? 66???app 8????app