7x彩票网appDark Reading is part of the Informa Tech Division of Informa PLC

7x彩票网appThis site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Threat Intelligence

News & Commentary
Trend Micro Patches Two Zero-Days Under Attack
Dark Reading Staff, Quick Hits
Businesses are urged to update the Apex One and OfficeScan XG enterprise security products as soon as possible.
By Dark Reading Staff , 3/18/2020
Comment0 comments  |  Read  |  Post a Comment
This Tax Season, Save the Scorn and Protect Customers from Phishing Scams
Dr. Salvatore Stolfo, Founder & CTO, Allure SecurityCommentary
As security professionals, it's easy to get cynical about the continued proliferation of tax ID theft and blame the consumers themselves. But that doesn't help anyone.
By Dr. Salvatore Stolfo Founder & CTO, Allure Security, 3/17/2020
Comment2 comments  |  Read  |  Post a Comment
Privacy in a Pandemic: What You Can (and Can't) Ask Employees
Kelly Sheridan, Staff Editor, Dark ReadingNews
Businesses struggle to strike a balance between workplace health and employees' privacy rights in the midst of a global health emergency.
By Kelly Sheridan Staff Editor, Dark Reading, 3/16/2020
Comment0 comments  |  Read  |  Post a Comment
Hellman & Friedman Acquires Checkmarx for $1.15B
Dark Reading Staff, Quick Hits
The private equity firm will buy Checkmarx from Insight Partners, which will continue to own a minority interest.
By Dark Reading Staff , 3/16/2020
Comment0 comments  |  Read  |  Post a Comment
Fewer Vulnerabilities in Web Frameworks, but Exploits Remain Steady
Robert Lemos, Contributing WriterNews
Attackers continue to focus on web and application frameworks, such as Apache Struts and WordPress, fighting against a decline in vulnerabilities, according to an analysis.
By Robert Lemos Contributing Writer, 3/16/2020
Comment1 Comment  |  Read  |  Post a Comment
DDoS Attack Trends Reveal Stronger Shift to IoT, Mobile
Kelly Sheridan, Staff Editor, Dark ReadingNews
Attackers are capitalizing on the rise of misconfigured Internet-connected devices running the WS-Discovery protocol, and mobile carriers are hosting distributed denial-of-service weapons.
By Kelly Sheridan Staff Editor, Dark Reading, 3/13/2020
Comment0 comments  |  Read  |  Post a Comment
Princess Cruises Confirms Data Breach
Dark Reading Staff, Quick Hits
The cruise liner, forced to shut down operations due to coronavirus, says the incident may have compromised passengers' personal data.
By Dark Reading Staff , 3/13/2020
Comment0 comments  |  Read  |  Post a Comment
Texas Chose to Fight Ransomware and Not Pay. What About the Rest of Us?
Yaniv Valik, VP Product, Cyber and IT Resilience, Continuity SoftwareCommentary
Law-abiding folks like us applauded Texas for its bravery ? but would we have the steel will to stand on the side of justice if it happened to us? Probably not.
By Yaniv Valik VP Product, Cyber and IT Resilience, Continuity Software, 3/13/2020
Comment0 comments  |  Read  |  Post a Comment
New Report Shows Breach Costs Continuing to Grow
Dark Reading Staff, Quick Hits
The costs associated with data breaches climb alongside the amount of data managed by the enterprise according to the latest Global Protection Index Snapshot.
By Dark Reading Staff , 3/12/2020
Comment0 comments  |  Read  |  Post a Comment
Microsoft Patches Leaked Remote Code Execution Flaw
Dark Reading Staff, Quick Hits
A vulnerability in Microsoft's Server Message Block protocol prompted concerns of wormable exploits when it was disclosed this week.
By Dark Reading Staff , 3/12/2020
Comment0 comments  |  Read  |  Post a Comment
Back to the Future: A Threat Intelligence Journey
Michelle Alvarez, Manager, Threat Intelligence Production Team, IBM X-Force IRISCommentary
Threat intelligence needs the problem solvers, the curious ones, the mission seekers, the analytical minds, the defenders, and the fierce -- whatever their gender.
By Michelle Alvarez Manager, Threat Intelligence Production Team, IBM X-Force IRIS, 3/12/2020
Comment0 comments  |  Read  |  Post a Comment
Cyberspace Solarium Commission Slams US Cybersecurity Readiness
Dark Reading Staff, Quick Hits
The federal commission outlined more than 60 recommendations to remedy major security problems.
By Dark Reading Staff , 3/11/2020
Comment0 comments  |  Read  |  Post a Comment
Ransomware Increasingly Targeting Small Governments
Robert Lemos, Contributing WriterNews
To get back up and running quickly, and because it's cheaper, city and county governments often pay the ransom, especially if insurance companies are footing the bill. The result: More ransomware.
By Robert Lemos Contributing Writer, 3/11/2020
Comment0 comments  |  Read  |  Post a Comment
COVID-19 Drives Rush to Remote Work. Is Your Security Team Ready?
Kelly Sheridan, Staff Editor, Dark ReadingNews
A rapid transition to remote work puts pressure on security teams to understand and address a wave of potential security risks.
By Kelly Sheridan Staff Editor, Dark Reading, 3/11/2020
Comment1 Comment  |  Read  |  Post a Comment
Blacklists Miss 21% of Phishing Attacks, Internet Traffic Reveals
Robert Lemos, Contributing WriterNews
Visibility into phishing attacks by content delivery networks and security firms shows many domains fail to be classified as malicious.
By Robert Lemos Contributing Writer, 3/11/2020
Comment0 comments  |  Read  |  Post a Comment
Why CSP Isn't Enough to Stop Magecart-Like Attacks
Hadar Blutrich, CTO & Co-founder, Source DefenseCommentary
As Magecart and formjacking attacks become more sophisticated, it's essential to address not only what services may interact with users, but what that interaction looks like and how to control it.
By Hadar Blutrich CTO & Co-founder, Source Defense, 3/11/2020
Comment1 Comment  |  Read  |  Post a Comment
3 Tips to Stay Secure When You Lose an Employee
Bil Harmer​, CISO & Chief Evangelist at SecureAuthCommentary
Whether they leave for a better job or get fired, and whether they mean to cause problems or do so out of ignorance, ex-workers can pose a threat to your company.
By Bil Harmer​ CISO & Chief Evangelist at SecureAuth, 3/10/2020
Comment0 comments  |  Read  |  Post a Comment
Paradise Ransomware Variant Hides in Office IQY Files
Dark Reading Staff, Quick Hits
The uncommon Internet Query file format lets attacks slip past defenses to effectively break into target networks.
By Dark Reading Staff , 3/10/2020
Comment0 comments  |  Read  |  Post a Comment
How Network Metadata Can Transform Compromise Assessment
Ricardo Villadiego, Founder and CEO of LumuCommentary
Listen more closely and your network's metadata will surrender insights the bad guys counted on keeping secret
By Ricardo Villadiego Founder and CEO of Lumu, 3/10/2020
Comment1 Comment  |  Read  |  Post a Comment
WatchGuard Buys Panda Security for Endpoint Security Tech
Dark Reading Staff, Quick Hits
In the long term, Panda Security's technologies will be integrated into the WatchGuard platform.
By Dark Reading Staff , 3/9/2020
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
Many Ransomware Attacks Can be Stopped Before They Begin
Jai Vijayan, Contributing Writer,  3/17/2020
This Tax Season, Save the Scorn and Protect Customers from Phishing Scams
Dr. Salvatore Stolfo, Founder & CTO, Allure Security,  3/17/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
6 Emerging Cyber Threats That Enterprises Face in 2020
This Tech Digest gives an in-depth look at six emerging cyber threats that enterprises could face in 2020. Download your copy today!
Flash Poll
Data breaches and regulations have forced organizations to pay closer attention to the security incident response function. However, security leaders may be overestimating their ability to detect and respond to security incidents. Read this report to find out more.
7x彩票网app Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

PUBLISHED: 2020-03-18
An insecure modification vulnerability in the /etc/passwd file was found in the container openshift/jenkins. An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privileges. This CVE is specific to the openshift/jenkins-slave-base-rhel7-containera as ...

PUBLISHED: 2020-03-18
An insecure modification vulnerability in the /etc/passwd file was found in the openshift/ocp-release-operator-sdk. An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privileges. This CVE is specific to the openshift/ansible-operator-container as sh...

PUBLISHED: 2020-03-18
It was found that the Token Processing Service (TPS) did not properly sanitize the Token IDs from the "Activity" page, enabling a Stored Cross Site Scripting (XSS) vulnerability. An unauthenticated attacker could trick an authenticated victim into creating a specially crafted activity, whi...

PUBLISHED: 2020-03-18
The REENT_CHECK macro (see newlib/libc/include/sys/reent.h) as used by REENT_CHECK_TM, REENT_CHECK_MISC, REENT_CHECK_MP and other newlib macros in verisons prior to 3.3.0, does not check for memory allocation problems when the DEBUG flag is unset (as is the case in production firmware builds).

PUBLISHED: 2020-03-18
During installation of an OpenShift 4 cluster, the `openshift-install` command line tool creates an `auth` directory, with `kubeconfig` and `kubeadmin-password` files. Both files contain credentials used to authenticate to the OpenShift API server, and are incorrectly assigned word-readable permissi...
66?????? 7072???? 7073???? 689????? 963???? 66????? 7073???? 7073???? 66???app 8????app