Database Security

Identity & Access Management

Security Monitoring

Advanced Threats

Insider Threats

Vulnerability Management

To InformationWeek

Network Computing Dark Reading

Advertise

Author

Fahmida Y. Rashid

Profile of Fahmida Y. Rashid

Contributing Editor, Dark Reading

News & Commentary Posts: 4

Fahmida Y. Rashid is an analyst who has covered networking and security for a number of publications, including PCMag, eWEEK, and CRN. She has written about security, core Internet infrastructure, networking security software, hardware, cloud services, and open source.

Articles by Fahmida Y. Rashid

View Content By Month

FTC to Black Hat Attendees: Help Us Make Good Tech Policy

8/12/2015
The FTC’s chief technologist made a direct appeal to security, privacy, and technology communities to get involved and help shape tech laws and policies.
Post a Comment

Inside The Aftermath Of The Saudi Aramco Breach

8/8/2015
Former security advisor to the oil giant describes the days following the Armageddon-style cyberattack that wiped the hard drives of tens of thousands of computers.
Post a Comment

New SMB Relay Attack Steals User Credentials Over Internet

8/5/2015
Researchers found a twist to an older vulnerability that lets them launch SMB relay attacks from the Internet.
Post a Comment

Terracotta VPN Piggybacks On Network Of Compromised Windows Servers

8/4/2015
APT groups use this VPN service to launch attacks against organizations around the world.
Post a Comment

Content by Month
August 2015 - 4
[close this box]

Editors' Choice

12 Free, Ready-to-Use Security Tools

Steve Zurier, Freelance Writer, 10/12/2018

Most IT Security Pros Want to Change Jobs

Dark Reading Staff 10/12/2018

Most Malware Arrives Via Email

Dark Reading Staff 10/11/2018

Webinars

SOC Evolution: How and Why to Update Your Security Operations Center

Effective Cyber Risk Assessment

Purple Team Tactics & TI for Effectively Training Your Cybersecurity Team

Webinar Archives

White Papers

Mobile Devices: The New Support Frontier for IT (IDG Report)

4 CISO Tribes and Where to Find Them

Open Source Network Security Tools for Beginners

10 Endpoint Security Problems Solved by the Cloud for McAfee Users

SMBs Adopt Modern Endpoint Security

More White Papers

Video

Cartoon Contest

Write a Caption, Win a Starbucks Card! Click Here

Latest Comment: This comment is waiting for review by our moderators.

Cartoon Archive

Current Issue

The Biggest Cybersecurity Breaches of 2018 (So Far)

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

The Risk Management Struggle

The Risk Management Struggle

The majority of organizations are struggling to implement a risk-based approach to security — even though risk reduction has become the primary metric for measuring the effectiveness of enterprise security strategies. Read the report and get more details today!

Download Now!

How Data Breaches Affect the Enterprise

The State of IT and Cybersecurity

[Strategic Security Report] Navigating the Threat Intelligence Maze

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading OR #DarkReading"

Dark Reading - Bug Report

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2018-17534
PUBLISHED: 2018-10-15

Teltonika RUT9XX routers with firmware before 00.04.233 provide a root terminal on a serial interface without proper access control. This allows attackers with physical access to execute arbitrary commands with root privileges.

CVE-2018-17980
PUBLISHED: 2018-10-15

NoMachine before 5.3.27 and 6.x before 6.3.6 allows attackers to gain privileges via a Trojan horse wintab32.dll file located in the same directory as a .nxs file, as demonstrated by a scenario where the .nxs file and the DLL are in the current working directory, and the Trojan horse code is execute...

CVE-2018-18259
PUBLISHED: 2018-10-15

Stored XSS has been discovered in version 1.0.12 of the LUYA CMS software via /admin/api-cms-nav/create-page.

CVE-2018-18260
PUBLISHED: 2018-10-15

In the 2.4 version of Camaleon CMS, Stored XSS has been discovered. The profile image in the User settings section can be run in the update / upload area via /admin/media/upload?actions=false.

CVE-2018-17532
PUBLISHED: 2018-10-15

Teltonika RUT9XX routers with firmware before 00.04.233 are prone to multiple unauthenticated OS command injection vulnerabilities in autologin.cgi and hotspotlogin.cgi due to insufficient user input sanitization. This allows remote attackers to execute arbitrary commands with root privileges.

Terms of Service
Privacy Statement
Legal Entities
Copyright © 2018 UBM, All rights reserved

To save this item to your list of favorite Dark Reading content so you can find it later in your Profile page, click the "Save It" button next to the item.

If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
Tweet This
[close this box]