Business Technology News and Commentary

Hot Topics

Editors' Choice

2

Is Threat Intelligence Garbage?

Chris McDaniels, Chief Information Security Officer of Mosaic451, 5/23/2018

2

New Mexico Man Sentenced on DDoS, Gun Charges

Dark Reading Staff 5/18/2018

1

What Israel's Elite Defense Force Unit 8200 Can Teach Security about Diversity

Lital Asher-Dotan, Senior Director, Security Research and Content, Cybereason, 5/21/2018

Webinars

Learn About Cyber Attackers & How They Target Your Organization

Inside the Cyber Underworld: The Black Market Report

Howto Protect Your Brand Across social, Mobile, Domain & the Dark Web

Webinar Archives

White Papers

The Changing Role of the CISO

Privileged Access Managed Service

5th Gen Cyber Attacks Are Here and Most Businesses Are Behind

[Buyers Guide] Remote Support

Mobile Devices: The New Support Frontier for IT (IDG Report)

More White Papers

Video

All Videos

Cartoon Contest

Write a Caption, Win a Starbucks Card! Click Here

Latest Comment: Shhh! They're watching... And you have a laptop?

Cartoon Archive

Current Issue

The Changing Role of the CISO

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

[Strategic Security Report] Navigating the Threat Intelligence Maze

Most enterprises are using threat intel services, but many are still figuring out how to use the data they're collecting. In this Dark Reading survey we give you a look at what they're doing today - and where they hope to go.

Download Now!

[Strategic Security Report] Cloud Security's Changing Landscape

0 comments

The State of Ransomware

0 comments

The Dark Reading Security Spending Survey

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading OR #DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2013-3018
PUBLISHED: 2018-05-24

The AXIS webapp in deploy-tomcat/axis in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.1.2 and 7.2.0 through 7.2.1.4 allows remote attackers to obtain sensitive configuration information via a direct request, as demonstrated by happyaxis.jsp. IBM X-Force ID: 84354.

CVE-2013-3023
PUBLISHED: 2018-05-24

IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.1.2 and 7.2.0 through 7.2.1.4 might allow remote attackers to obtain sensitive information about Tomcat credentials by sniffing the network for a session in which HTTP is used. IBM X-Force ID: 84361.

CVE-2013-3024
PUBLISHED: 2018-05-24

IBM WebSphere Application Server (WAS) 8.5 through 8.5.0.2 on UNIX allows local users to gain privileges by leveraging improper process initialization. IBM X-Force ID: 84362.

CVE-2018-5674
PUBLISHED: 2018-05-24

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader before 9.1 and PhantomPDF before 9.1. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...

CVE-2018-5675
PUBLISHED: 2018-05-24

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader before 9.1 and PhantomPDF before 9.1. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...

News & Commentary