News & Commentary
Latest Content tagged with Database Security
|
Oracle Announces Acquisition Of Dyn
Oracle says purchase of the recently DDoSed DNS service is aimed expanding the company’s cloud computing platform.
New Free Tool Stops Petya Ransomware & Rootkits
Meanwhile, Locky puts ransomware on the Check Point Top Three Global Malware List for the first time ever.
Database Breaches: An Alarming Lack Of Preparedness
It's no secret that databases are fertile ground for malicious activities. Here's how a seven-step process for monitoring known harbingers of an imminent attack can help reduce the risk.
Ex-Cardinal Exec Jailed For Hacking Astros
Christopher Correa gets 46 months for unlawful access of rival’s database and downloading confidential details.
Ubuntu Forums Database Hacked
Canonical probe reveals user account details of 2 million stolen, passwords safe.
5 Tips For Making Data Privacy Part Of The Company’s Culture
Common sense steps organizations can take to protect corporate data.
Cloud Apps Just As Secure As On-Premise Apps, Say InfoSec Pros
Unfortunately, 75% of cloud apps will still fall afoul of the new EU General Data Protection Regulation, according to new studies.
Stop Building Silos. Security Is Everyone’s Problem
Yes, it’s true that the speed of DevOps has made security more difficult. But that doesn’t mean accelerated release cycles and secure applications have to be mutually exclusive.
Malware At Root Of Bangladesh Bank Heist Lies To SWIFT Financial Platform
Customized malware hid $81 million of wire transfers until the money had been safely laundered.
10 Tips for Securing Your SAP Implementation
Without clear ownership of security for a critical business platform like SAP, it should come as no surprise that SAP cybersecurity continues to fall through the cracks among IT, admin, security and InfoSec teams.
Databases Remain Soft Underbelly Of Cybersecurity
Most enterprises still don't continuously monitor database activity.
EU Privacy Officials Push Back On Privacy Shield
Better than Safe Harbor, but not good enough. Should we care what they think?
7 Lessons From The Panama Papers Leak
Hopefully your organization isn't hiding as many dark secrets as Mossack Fonseca, but the incident still brings helpful hints about data security, breach response, and breach impact.
Modern Web Apps: Not The Risk They Used To Be (They’re Worse!)
Even a tiny Web application without a single byte of confidential data can expose your corporate crown jewels to cybercriminals.
Survey: When Leaving Company, Most Insiders Take Data They Created
Most employees believe they own their work, and take strategy documents or intellectual property with them as they head out the door.
6 Critical SAP HANA Vulns Can't Be Fixed With Patches
Onapsis releases 21 SAP HANA security advisories, including some Trexnet vulnerabilities that require upgrades and reconfigurations.
15-Year-Old Arrested For TalkTalk Attack
U.K. police collar Northern Ireland youth for questioning, while security industry tries to make sense of confusing information out of TalkTalk CEO.
Another Healthcare Insurer, Excellus BCBS, Hit With Mega-Breach
Excellus Blue Cross Blue Shield and parent company Lifetime Healthcare Companies join ranks of Anthem and Premera after breach that may have exposed more than 10 million patient records.
Data Protection: The 98 Percent Versus The 2 Percent
Four steps for defending your most sensitive corporate information from the inside out.
How Ionic Says It Makes Data Breaches Irrelevant
Ionic Security goes public with a data security platform that manages trillions of encryption keys and enables a user to sign each pixel with its own unique key.
7 Bugs, Breaches, & Compromises To Rock 2015 (So Far)
The year's started off with a bang; will we hear risk management pros whimper?
Two More Health Insurers Report Data Breach
Premera Blue Cross and LifeWise say 11.25 million customers' records might have been exposed.
Cybercrime Dipped During Holiday Shopping Season
The number of businesses breached dropped by half from years past, but attackers got more bang for their buck in terms of stolen records, a new IBM report reveals.
JPMorgan Hack: 2FA MIA In Breached Server
Sources close to the breach investigation say a network server missing two-factor authentication let attackers make their way into JPMorgan's servers.
Data Management Vs. Data Loss Prevention: Vive La Différence!
A sensitive data management strategy can include the use of DLP technology, but it also involves a comprehensive understanding of where your data is and what specifically is at risk.
Don't Discount XSS Vulnerabilities
XSS flaws are more serious than you'd think.
Retailers Now Actively Sharing Cyberthreat Intelligence
The retail industry's R-CISC has been up and running for four months now and is looking for more retailers to sign up.
MBIA Breach Highlights Need For Tightened Security Ops
Configuration change management and better monitoring could have prevented search engine indexing of sensitive financial information.
Heartland CEO On Why Retailers Keep Getting Breached
Robert Carr, chairman and CEO of Heartland Payment Systems, says lack of end-to-end encryption and tokenization were factors in recent data breaches.
Backoff, Dairy Queen, UPS & Retail's Growing PoS Security Problem
Retail brands are trying to pass the buck for data security to banks and franchisees, say some experts.
Breach of Homeland Security Background Checks Raises Red Flags
"We should be burning down the house over this," says a GRC expert.
Heartbleed Not Only Reason For Health Systems Breach
Community Health Systems' bad patching practices are nothing compared to its poor encryption, network monitoring, fraud detection, and data segmentation, experts say.
Community Health Systems Breach Atypical For Chinese Hackers
Publicly traded healthcare organization's stock goes up as breach notifications go out.
Biggest Cache of Stolen Creds Ever Includes 1.2 Billion Unique Logins
A Russian crime ring has swiped more than a billion unique username-password combinations, plus a half-million email addresses.
Researcher Finds Flaws In Key Oracle Security Feature
Famed security researcher and Oracle database expert David Litchfield next month at Black Hat USA will present details of weaknesses he discovered in a widely touted new security feature in Oracle databases.
Dark Reading Radio: Oracle Database Security Hacked
Learn about newly found vulnerabilities in a key database security feature tomorrow in the next episode of Dark Reading Radio.
The Only 2 Things Every Developer Needs To Know About Injection
There’s no simple solution for preventing injection attacks. There are effective strategies that can stop them in their tracks.
Into The Breach: The Limits Of Data Security Technology
When it comes to cyberdefense spending, the smart money should bet on people and compliance as much as on machines.
Privacy, Cybercrime Headline the Infosecurity Europe Conference
Attendees debate NSA surveillance, privacy reforms, cybercrime defenses, and sharpen their CISO skills.
Michaels Retail Chain Reveals Details Of Breach: Nearly 3M Affected
Attack on point-of-sale systems went on for more than six months, officials say.
SQL Injection Cleanup Takes Two Months or More
A new report highlights the prevalence and persistence of SQL injection attacks.
Attackers Hit Clearinghouse Selling Stolen Target Data
Hackers interrupt and deface sites of black-market forums selling credit card data stolen from Target and other retailers.
7 Behaviors That Could Indicate A Security Breach
Breaches create outliers. Identifying anomalous activity can help keep firms in compliance and out of the headlines.
The Case For Browser-Based Access Controls
Is "browser-ized" security a better defense against hackers than traditional methods? Check out these two examples.
FIDO Alliance Releases Authentication Standards, Unveils Products
Proponents say the new specifications will pave the way for the replacement of passwords, which are frequently lost, stolen, or hacked.
|
White Papers
Video
10 Comments
Current Issue
5 Emerging Cyber Threats to Watch for in 2019Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.
Flash Poll
How Enterprises Are Attacking the Cybersecurity Problem
Data breach fears and the need to comply with regulations such as GDPR are two major drivers increased spending on security products and technologies. But other factors are contributing to the trend as well. Find out more about how enterprises are attacking the cybersecurity problem by reading our report today.
Twitter Feed
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database CVE-2019-8423
PUBLISHED: 2019-02-18
PUBLISHED: 2019-02-18
PUBLISHED: 2019-02-18
PUBLISHED: 2019-02-18
PUBLISHED: 2019-02-18
From DHS/US-CERT's National Vulnerability Database CVE-2019-8423
PUBLISHED: 2019-02-18
ZoneMinder through 1.32.3 has SQL Injection via the skins/classic/views/events.php filter[Query][terms][0][cnj] parameter.
CVE-2019-8424PUBLISHED: 2019-02-18
ZoneMinder before 1.32.3 has SQL Injection via the ajax/status.php sort parameter.
CVE-2019-8425PUBLISHED: 2019-02-18
includes/database.php in ZoneMinder before 1.32.3 has XSS in the construction of SQL-ERR messages.
CVE-2019-8426PUBLISHED: 2019-02-18
skins/classic/views/controlcap.php in ZoneMinder before 1.32.3 has XSS via the newControl array, as demonstrated by the newControl[MinTiltRange] parameter.
CVE-2019-8427PUBLISHED: 2019-02-18
daemonControl in includes/functions.php in ZoneMinder before 1.32.3 allows command injection via shell metacharacters.
- Terms of Service
- Privacy Statement
- Legal Entities
- Copyright © 2019 UBM, All rights reserved
Tweet This