News & Commentary

Content tagged with Database Security posted in December 2011
App And Database Security: Two Halves Of A Whole
News  |  12/28/2011  | 
Limit application privileges to the database and sanitize input to improve data security
Database Security Proxies
Commentary  |  12/22/2011  | 
Using DAM as a security proxy
Data Security, Top Down
Commentary  |  12/15/2011  | 
Focus on what needs to be done, not how to do it
5 Big Database Breaches Of Late 2011
News  |  12/15/2011  | 
Healthcare breaches have dominated the second half of the year. Consider these lessons learned.
Five Big Database Breaches Of 2011's Second Half
News  |  12/14/2011  | 
Healthcare breaches dominate since the summer, with plenty of lessons learned
Can Security Teams And DBAs Play Nicely?
News  |  12/9/2011  | 
Many organizations see database security projects arrive DOA because the DBA is not on board
Patient Data Losses Jump 32%
News  |  12/7/2011  | 
Growing use of mobile devices in healthcare has intensified the security risk associated with managing patient data.
ADMP: DAM For Web Apps
Commentary  |  12/7/2011  | 
A look at the technology that combines application and database protection


Microsoft President: Governments Must Cooperate on Cybersecurity
Kelly Sheridan, Staff Editor, Dark Reading,  11/8/2018
Why the CISSP Remains Relevant to Cybersecurity After 28 Years
Steven Paul Romero, SANS Instructor and Sr. SCADA Network Engineer, Chevron,  11/6/2018
5 Reasons Why Threat Intelligence Doesn't Work
Jonathan Zhang, CEO/Founder of WhoisXML API and TIP,  11/7/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Flash Poll
Online Malware and Threats: A Profile of Today's Security Posture
Online Malware and Threats: A Profile of Today's Security Posture
This report offers insight on how security professionals plan to invest in cybersecurity, and how they are prioritizing their resources. Find out what your peers have planned today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-19220
PUBLISHED: 2018-11-12
An issue was discovered in LAOBANCMS 2.0. It allows remote attackers to execute arbitrary PHP code via the host parameter to the install/ URI.
CVE-2018-19221
PUBLISHED: 2018-11-12
An issue was discovered in LAOBANCMS 2.0. It allows SQL Injection via the admin/login.php guanliyuan parameter.
CVE-2018-19222
PUBLISHED: 2018-11-12
An issue was discovered in LAOBANCMS 2.0. It allows a /install/mysql_hy.php?riqi=0&i=0 attack to reset the admin password, even if install.txt exists.
CVE-2018-19223
PUBLISHED: 2018-11-12
An issue was discovered in LAOBANCMS 2.0. It allows XSS via the first input field to the admin/type.php?id=1 URI.
CVE-2018-19224
PUBLISHED: 2018-11-12
An issue was discovered in LAOBANCMS 2.0. /admin/login.php allows spoofing of the id and guanliyuan cookies.