Author

 Glenn S. Phillips

Profile of Glenn S. Phillips

Member Since: 6/5/2014
Author
News & Commentary Posts: 41
Comments: 1
Glenn works with business leaders who want to leverage technology and understand the often hidden risks awaiting them. The Founder and Sr. Consultant of Forte' Incorporated, Glenn and his team work with business leaders to support growth, increase profits, and address dangerous risks lurking in their processes and technology.

A variety of media outlets quote Glenn, including The Wall Street Journal, ABC News Now, Psychology Today, and Entrepreneur magazine and he is the author of the book Nerd-to-English: Your Everyday Guide to Translating Your Business, Your Messages, and Yourself.

Glenn periodically plays his really ugly tuba (complete with a bullet hole in the bell), enjoys a good pun, great music, and dark chocolate.
Articles by Glenn S. Phillips
Google Engineering Lead on Lessons Learned From Chrome's HTTPS Push
Kelly Sheridan, Staff Editor, Dark Reading,  8/8/2018
White Hat to Black Hat: What Motivates the Switch to Cybercrime
Kelly Sheridan, Staff Editor, Dark Reading,  8/8/2018
PGA of America Struck By Ransomware
Dark Reading Staff 8/9/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Now about that mortgage refinance offer from Wells Fargo .....
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-2446
PUBLISHED: 2018-08-14
Admin tools in SAP BusinessObjects Business Intelligence, versions 4.1, 4.2, allow an unauthenticated user to read sensitive information (server name), hence leading to an information disclosure.
CVE-2018-2447
PUBLISHED: 2018-08-14
SAP BusinessObjects Business Intelligence (Launchpad Web Intelligence), version 4.2, allows an attacker to execute crafted InfoObject queries, exposing the CMS InfoObjects database.
CVE-2018-2448
PUBLISHED: 2018-08-14
Admin tools in SAP BusinessObjects Business Intelligence Platform, versions 4.1 and 4.2, allows an unauthenticated user to read sensitive information (server name), hence leading to an information disclosure.
CVE-2018-2449
PUBLISHED: 2018-08-14
SAP SRM MDM Catalog versions 3.73, 7.31, 7.32 in (SAP NetWeaver 7.3) - import functionality does not perform authentication checks for valid repository user. This is an unauthenticated functionality that you can use on windows machines to do SMB relaying.
CVE-2018-2450
PUBLISHED: 2018-08-14
SAP MaxDB (liveCache), versions 7.8 and 7.9, allows an attacker who gets DBM operator privileges to execute crafted database queries and therefore read, modify or delete sensitive data from database.