Hot Topics

Editors' Choice

3

Veterans Find New Roles in Enterprise Cybersecurity

Kelly Sheridan, Staff Editor, Dark Reading,  11/12/2018

2

Empathy: The Next Killer App for Cybersecurity?

Shay Colson, CISSP, Senior Manager, CyberClarity360,  11/13/2018

2

Understanding Evil Twin AP Attacks and How to Prevent Them

Ryan Orsi, Director of Product Management for Wi-Fi at WatchGuard Technologies,  11/14/2018

RIP, 'IT Security'

Kevin Kurzawa, Senior Information Security Auditor,  11/13/2018

Security Teams Struggle with Container Security Strategy

Ericka Chickowski, Contributing Writer, Dark Reading,  11/14/2018

Cryptojacking, Mobile Malware Growing Threats to the Enterprise

Curtis Franklin Jr., Senior Editor at Dark Reading,  11/14/2018

Subscribe to Newsletters

Live Events

Webinars

More UBM Tech
Live Events

Enterprise Connect 2019 - Build Your Comms & Collaboration Future

Communications & Collaboration 2022 at EC19 Orlando March 18-21

Developing a Customized Defense Against Targeted Attacks

The Insider Threat: Real Defense for Real Businesses

Cyber Threat Intelligence Inside Your Organization

Webinar Archives

White Papers

4 Support Teams That Embraced Mobile

Mitigating False-Positives to Improve Software Publishing

Investigating Malware Threats Within your Network

Picture This: Cyber Crime for Sale

For More Effective Endpoint Security, Improve Your Endpoint Management

More White Papers

Video

How Secure Are Our Voting Systems?

3 Comments

Don't Overestimate WebAssembly's Security

0 Comments

SirenJack: Cracking SF's Emergency System

2 Comments

DeepLocker Hides Targeted Attacks

1 Comments

Forensic Analysis of 'Worst Voting ...

0 Comments

The Uncertain Fate of WHOIS, & Other ...

1 Comments

Stopping Payment Card Fraud With Threat Intel

0 Comments

Malicious Cryptomining & Other Shifting ...

0 Comments

The Economics of AI-Enabled Security

0 Comments

Threat Deception for Insider Threat

0 Comments

Filtering the Threat Intel Tsunami

0 Comments

Ensuring Hardened, Secure Web Apps

0 Comments

All Videos

Cartoon

Latest Comment: You know, at first glance, I liked the idea of wearable tech.. Never through it would be a security risk.

Cartoon Archive

Current Issue

10 Emerging Threats Every Enterprise Should Know About

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

Online Malware and Threats: A Profile of Today's Security Posture

This report offers insight on how security professionals plan to invest in cybersecurity, and how they are prioritizing their resources. Find out what your peers have planned today!

Download Now!

The Risk Management Struggle

0 comments

How Data Breaches Affect the Enterprise

0 comments

The State of IT and Cybersecurity

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading OR #DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2018-15769
PUBLISHED: 2018-11-16

RSA BSAFE Micro Edition Suite versions prior to 4.0.11 (in 4.0.x series) and versions prior to 4.1.6.2 (in 4.1.x series) contain a key management error issue. A malicious TLS server could potentially cause a Denial Of Service (DoS) on TLS clients during the handshake when a very large prime value is...

CVE-2018-18955
PUBLISHED: 2018-11-16

In the Linux kernel 4.15.x through 4.19.x before 4.19.2, map_write() in kernel/user_namespace.c allows privilege escalation because it mishandles nested user namespaces with more than 5 UID or GID ranges. A user who has CAP_SYS_ADMIN in an affected user namespace can bypass access controls on resour...

CVE-2018-19311
PUBLISHED: 2018-11-16

Centreon 3.4.x allows XSS via the Service field to the main.php?p=20201 URI, as demonstrated by the "Monitoring > Status Details > Services" screen.

CVE-2018-19312
PUBLISHED: 2018-11-16

Centreon 3.4.x allows SQL Injection via the searchVM parameter to the main.php?p=20408 URI.

CVE-2018-19318
PUBLISHED: 2018-11-16

SRCMS 3.0.0 allows CSRF via admin.php?m=Admin&c=manager&a=update to change the username and password of the super administrator account.