Advertise

News & Commentary

Content posted in September 2005

View Content By Month

Today's Handy Spyware-Avoiding Tip

Commentary | 9/16/2005 |

Post a comment

While much of the Monday-morning quarterbacking of the response to Hurricane Katrina revolves around poor communication, bureaucratic missteps, sluggishness, and red tape on both the state and federal levels, the disaster got me thinking about something entirely different: the readiness of our national infrastructure--roughly 80% of which lies in private hands--to withstand or bounce back from a disaster or cyberattack of similar proportions.

View Content by Month

[close this box]

Hot Topics

Editors' Choice

More Than Half of Users Reuse Passwords

Curtis Franklin Jr., Senior Editor at Dark Reading, 5/24/2018

Is Threat Intelligence Garbage?

Chris McDaniels, Chief Information Security Officer of Mosaic451, 5/23/2018

Pet Tracker Flaws Expose Pets and Their Owners to Cybercrime

Dark Reading Staff 5/22/2018

Webinars

Learn About Cyber Attackers & How They Target Your Organization

Migrating Security Controls to the Cloud

Strategy Session: Coping with the IT Security Skill Shortage

Webinar Archives

White Papers

Privileged Access Managed Service

The Real Cost of Insider Threats: 2018 Ponemon Report Highlights

2018 Security Report

Phishing Response Trends: It's a Cluster

Left of Breach

More White Papers

Video

All Videos

Cartoon Contest

Write a Caption, Win a Starbucks Card! Click Here

Latest Comment: This comment is waiting for review by our moderators.

Cartoon Archive

Current Issue

The Changing Role of the CISO

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

[Strategic Security Report] Navigating the Threat Intelligence Maze

Most enterprises are using threat intel services, but many are still figuring out how to use the data they're collecting. In this Dark Reading survey we give you a look at what they're doing today - and where they hope to go.

Download Now!

[Strategic Security Report] Cloud Security's Changing Landscape

0 comments

The State of Ransomware

0 comments

The Dark Reading Security Spending Survey

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading OR #DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2018-11505
PUBLISHED: 2018-05-26

The Werewolf Online application 0.8.8 for Android allows attackers to discover the Firebase token by reading logcat output.

CVE-2018-6409
PUBLISHED: 2018-05-26

An issue was discovered in Appnitro MachForm before 4.2.3. The module in charge of serving stored files gets the path from the database. Modifying the name of the file to serve on the corresponding ap_form table leads to a path traversal vulnerability via the download.php q parameter.

CVE-2018-6410
PUBLISHED: 2018-05-26

An issue was discovered in Appnitro MachForm before 4.2.3. There is a download.php SQL injection via the q parameter.

CVE-2018-6411
PUBLISHED: 2018-05-26

An issue was discovered in Appnitro MachForm before 4.2.3. When the form is set to filter a blacklist, it automatically adds dangerous extensions to the filters. If the filter is set to a whitelist, the dangerous extensions can be bypassed through ap_form_elements SQL Injection.

CVE-2018-11500
PUBLISHED: 2018-05-26

An issue was discovered in PublicCMS V4.0.20180210. There is a CSRF vulnerability in "admin/sysUser/save.do?callbackType=closeCurrent&navTabId=sysUser/list" that can add an admin account.

Terms of Service
Privacy Statement
Legal Entities