var _hmt = _hmt || []; (function() { var hm = document.createElement("script"); hm.src = "https://hm.baidu.com/hm.js?d387e539c1f2d34f09a9afbac8032280"; var s = document.getElementsByTagName("script")[0]; s.parentNode.insertBefore(hm, s); })();

7x彩票网appDark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint

News & Commentary
NRC Health Ransomware Attack Prompts Patient Data Concerns
Dark Reading Staff, Quick Hits
The organization, which sells patient administration tools to hospitals, could not confirm whether patient data was accessed.
By Dark Reading Staff , 2/21/2020
Comment0 comments  |  Read  |  Post a Comment
Security Now Merges With Dark Reading
Tim Wilson, Editor in Chief, Dark Reading, News
Readers of Security Now will join the Dark Reading community, gaining access to a wide range of cybersecurity content.
By Tim Wilson, Editor in Chief, Dark Reading , 2/21/2020
Comment0 comments  |  Read  |  Post a Comment
Microsoft Announces General Availability of Threat Protection, Insider Risk Management
Kelly Sheridan, Staff Editor, Dark ReadingNews
Microsoft made several security announcements ahead of RSA Conference, including its decision to bring Microsoft Defender to iOS and Android.
By Kelly Sheridan Staff Editor, Dark Reading, 2/20/2020
Comment0 comments  |  Read  |  Post a Comment
Ransomware Damage Hit $11.5B in 2019
Dark Reading Staff, Quick Hits
A new report shows the scale of ransomware's harm and the growth of that damage year-over-year -- an average of $141,000 per incident.
By Dark Reading Staff , 2/20/2020
Comment1 Comment  |  Read  |  Post a Comment
Users Have Risky Security Habits, but Security Pros Aren't Much Better
Kelly Sheridan, Staff Editor, Dark ReadingNews
Researchers spot gaps in users' and IT practitioners' security habits, and between security tools and user preferences.
By Kelly Sheridan Staff Editor, Dark Reading, 2/19/2020
Comment0 comments  |  Read  |  Post a Comment
Zero-Factor Authentication: Owning Our Data
Nick Selby, Chief Security Officer at Paxos Trust CompanyCommentary
Are you asking the right questions to determine how well your vendors will protect your data? Probably not.
By Nick Selby Chief Security Officer at Paxos Trust Company, 2/19/2020
Comment1 Comment  |  Read  |  Post a Comment
Don't Let Iowa Bring Our Elections Back to the Stone Age
Andre McGregor, Chief Security Officer at ShiftState & Veteran FBI AgentCommentary
The voting experience should be the same whether the vote is in person, by mail, or over the Internet. Let's not allow one bad incident stop us from finding new ways to achieve this.
By Andre McGregor Chief Security Officer at ShiftState & Veteran FBI Agent, 2/19/2020
Comment0 comments  |  Read  |  Post a Comment
Cyber Fitness Takes More Than a Gym Membership & a Crash Diet
Ryan Weeks, Chief Information Security Officer at DattoCommentary
Make cybersecurity your top priority, moving away from addressing individual problems with Band-Aids and toward attaining a long-term cyber-fitness plan.
By Ryan Weeks Chief Information Security Officer at Datto, 2/18/2020
Comment0 comments  |  Read  |  Post a Comment
Firmware Weaknesses Can Turn Computer Subsystems into Trojans
Robert Lemos, Contributing WriterNews
Network cards, video cameras, and graphics adapters are a few of the subsystems whose lack of security could allow attackers to turn them into spy implants.
By Robert Lemos Contributing Writer, 2/18/2020
Comment0 comments  |  Read  |  Post a Comment
Palm Beach Elections Office Hit with Ransomware Pre-2016 Election
Dark Reading Staff, Quick Hits
Palm Beach County's elections supervisor does not believe the attack is linked to Russian hacking attempts targeting Florida.
By Dark Reading Staff , 2/14/2020
Comment0 comments  |  Read  |  Post a Comment
Babel of IoT Authentication Poses Security Challenges
Robert Lemos, Contributing WriterNews
With more than 80 different schemes for authenticating devices either proposed or implemented, best practices and reference architectures are sorely needed, experts say.
By Robert Lemos Contributing Writer, 2/13/2020
Comment0 comments  |  Read  |  Post a Comment
Small Business Security: 5 Tips on How and Where to Start
Mike Puglia, Chief Strategy Officer at KaseyaCommentary
There is no one-size-fits-all strategy for security, but a robust plan and the implementation of new technologies will help you and your IT team sleep better.
By Mike Puglia Chief Strategy Officer at Kaseya, 2/13/2020
Comment3 comments  |  Read  |  Post a Comment
Avast Under Investigation by Czech Privacy Agency
Dark Reading Staff, Quick Hits
The software security maker is suspected of selling data about more than 100 million users to companies including Google, Microsoft, and Home Depot.
By Dark Reading Staff , 2/12/2020
Comment0 comments  |  Read  |  Post a Comment
FBI: Business Email Compromise Cost Businesses $1.7B in 2019
Kelly Sheridan, Staff Editor, Dark ReadingNews
BEC attacks comprised nearly half of cybercrime losses last year, which totaled $3.5 billion overall as Internet-enabled crimes ramped up.
By Kelly Sheridan Staff Editor, Dark Reading, 2/12/2020
Comment1 Comment  |  Read  |  Post a Comment
Stop Defending Everything
Kevin Kurzawa, Senior Information Security AuditorCommentary
Instead, try prioritizing with the aid of a thorough asset inventory.
By Kevin Kurzawa Senior Information Security Auditor, 2/12/2020
Comment3 comments  |  Read  |  Post a Comment
Microsoft Patches Exploited Internet Explorer Flaw
Kelly Sheridan, Staff Editor, Dark ReadingNews
This month's Patch Tuesday brings fixes for 99 CVEs, including one IE flaw seen exploited in the wild.
By Kelly Sheridan Staff Editor, Dark Reading, 2/11/2020
Comment0 comments  |  Read  |  Post a Comment
Why Ransomware Will Soon Target the Cloud
Corey Nachreiner, Chief Technology Officer, WatchGuard TechnologiesCommentary
As businesses' daily operations become more dependent on cloud services, ransomware authors will follow to maximize profits. The good news: Many of the best practices for physical servers also apply to the cloud.
By Corey Nachreiner Chief Technology Officer, WatchGuard Technologies, 2/11/2020
Comment0 comments  |  Read  |  Post a Comment
Cybercriminals Swap Phishing for Credential Abuse, Vuln Exploits
Kelly Sheridan, Staff Editor, Dark ReadingNews
Infection vectors were evenly divided among phishing, vulnerability exploitation, and unauthorized credential use in 2019.
By Kelly Sheridan Staff Editor, Dark Reading, 2/11/2020
Comment0 comments  |  Read  |  Post a Comment
CIA's Secret Ownership of Crypto AG Enabled Extensive Espionage
Dark Reading Staff, Quick Hits
Crypto AG made millions selling encryption devices to more than 120 countries, which unknowingly transmitted intel back to the CIA.
By Dark Reading Staff , 2/11/2020
Comment0 comments  |  Read  |  Post a Comment
6 Factors That Raise The Stakes For IoT Security
Ericka Chickowski, Contributing Writer
Developments that exacerbate the risk and complicate making Internet of Things devices more secure.
By Ericka Chickowski Contributing Writer, 2/10/2020
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
Posted by Techgmyth
Current Conversations
In reply to: ">Regarding Business Security Tips by
Post Your Own Reply
More Conversations
PR Newswire
44% of Security Threats Start in the Cloud
Kelly Sheridan, Staff Editor, Dark Reading,  2/19/2020
Zero-Factor Authentication: Owning Our Data
Nick Selby, Chief Security Officer at Paxos Trust Company,  2/19/2020
Firms Improve Threat Detection but Face Increasingly Disruptive Attacks
Robert Lemos, Contributing Writer,  2/20/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
6 Emerging Cyber Threats That Enterprises Face in 2020
This Tech Digest gives an in-depth look at six emerging cyber threats that enterprises could face in 2020. Download your copy today!
Flash Poll
The concept of application security is well known, but application security testing and remediation processes remain unbalanced. Most organizations are confident in their approach to AppSec, although others seem to have no approach at all. Read this report to find out more.
7x彩票网app Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

PUBLISHED: 2020-02-23
An issue was discovered in SmartClient 12.0. If an unauthenticated attacker makes a POST request to /tools/developerConsoleOperations.jsp or /isomorphic/IDACall with malformed XML data in the _transaction parameter, the server replies with a verbose error showing where the application resides (the a...

PUBLISHED: 2020-02-23
An issue was discovered in SmartClient 12.0. Unauthenticated exploitation of blind XXE can occur in the downloadWSDL feature by sending a POST request to /tools/developerConsoleOperations.jsp with a valid payload in the _transaction parameter.

PUBLISHED: 2020-02-23
An issue was discovered in SmartClient 12.0. The Remote Procedure Call (RPC) loadFile provided by the console functionality on the /tools/developerConsoleOperations.jsp (or /isomorphic/IDACall) URL is affected by unauthenticated Local File Inclusion via directory-traversal sequences in the elem XML ...

PUBLISHED: 2020-02-23
An issue was discovered in SmartClient 12.0. The Remote Procedure Call (RPC) saveFile provided by the console functionality on the /tools/developerConsoleOperations.jsp (or /isomorphic/IDACall) URL allows an unauthenticated attacker to overwrite files via vectors involving an XML comment and /.. pat...

PUBLISHED: 2020-02-23
danfruehauf NetworkManager-ssh before 1.2.11 allows privilege escalation because extra options are mishandled.
66?????? 7072???? 7073???? 689????? 963???? 66????? 7073???? 7073???? 66???app 8????app