News & Commentary

Content tagged with Database Security posted in July 2012
Simplifying SQL Injection Detection
News  |  7/26/2012  | 
Black Hat researcher releases new lexical analysis tool that doesn't rely on regular expressions
Oracle Customers Urged To Defend Against DoS
News  |  7/18/2012  | 
Quarterly CPU fixes 87 vulnerabilities, including a Fusion Middleware hole rated a 10
Let's Ask 'Why?'
Commentary  |  7/12/2012  | 
Why are big firms still vulnerable to SQL injection?
Slide Show: 10 Free Database Security Tools
Slideshows  |  7/11/2012  | 
While many database protection suites are an expensive proposition, there are a number of free tools available to organizations seeking cost-effective ways to begin securing their databases
Seemingly Insignificant SQL Injections Lead To Rooted Routers
News  |  7/5/2012  | 
Black Hat researcher to show how vulnerable databases with temporary router information can lead to root-level access of Netgear routers
Healthcare Social Media: New Software Aims To Limit Risks
News  |  7/3/2012  | 
SafeGuard, by OpenQ, monitors medical professionals’ use of public networking platforms to make sure they don't break the law.


Valentine's Emails Laced with Gandcrab Ransomware
Kelly Sheridan, Staff Editor, Dark Reading,  2/14/2019
High Stress Levels Impacting CISOs Physically, Mentally
Jai Vijayan, Freelance writer,  2/14/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
5 Emerging Cyber Threats to Watch for in 2019
Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.
Flash Poll
How Enterprises Are Attacking the Cybersecurity Problem
How Enterprises Are Attacking the Cybersecurity Problem
Data breach fears and the need to comply with regulations such as GDPR are two major drivers increased spending on security products and technologies. But other factors are contributing to the trend as well. Find out more about how enterprises are attacking the cybersecurity problem by reading our report today.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-8419
PUBLISHED: 2019-02-17
VNote 2.2 has XSS via a new text note.
CVE-2019-8421
PUBLISHED: 2019-02-17
upload/protected/modules/admini/views/post/index.php in BageCMS through 3.1.4 allows SQL Injection via the title or titleAlias parameter.
CVE-2019-8422
PUBLISHED: 2019-02-17
A SQL Injection vulnerability exists in PbootCMS v1.3.2 via the description parameter in apps\admin\controller\content\ContentController.php.
CVE-2019-7649
PUBLISHED: 2019-02-17
global.encryptPassword in bootstrap/global.js in CMSWing 1.3.7 relies on multiple MD5 operations for password hashing.
CVE-2019-8418
PUBLISHED: 2019-02-17
SeaCMS 7.2 mishandles member.php?mod=repsw4 requests.