Network Computing Dark Reading

Advertise

News & Commentary

Content tagged with Compliance posted in August 2019

View Content By Month

SafeGuard Cyber Adds Security, Compliance Capabilities for WeChat

Quick Hits | 8/22/2019 |

Post a comment

A lack of visibility into the app could expose business users to compliance risks and security threats, the company says.

'Phoning Home': Your Latest Data Exfiltration Headache

Commentary | 8/21/2019 |

Post a comment

Companies phone enterprise customer data home securely and for a variety of perfectly legitimate and useful reasons. The problems stem from insufficient disclosure.

Security Pros, Congress Reps Talk National Cybersecurity at DEF CON

News | 8/12/2019 |

Post a comment

Cybersecurity and government leaders discussed why Congress is unprepared for a major cyberattack and how the two parties can collaborate.

It's (Still) the Password, Stupid!

Commentary | 8/9/2019 |

3 comments

The best way to protect your identity in cyberspace is the simplest: Use a variety of strong passwords, and never, ever, use "123456" no matter how easy it is to type.

Yes, FaceApp Really Could Be Sending Your Data to Russia

Commentary | 8/8/2019 |

Post a comment

FaceApp has an unprecedented level of access to data from 150 million users. What could its endgame be? We unpack three potential risks.

Cisco Pays $8.6M in First False Claims Suit for Vulnerabilities in Security Product

News | 8/1/2019 |

Post a comment

A security consultant reported vulnerabilities in Cisco's Video Surveillance Manager in 2009 — but the company ignored the issues and fired the consultant.

View Content by Month

[close this box]

Hot Topics

Editors' Choice

COVID-19: Latest Security News & Commentary

Dark Reading Staff 4/7/2020

The Coronavirus & Cybersecurity: 3 Areas of Exploitation

Robert R. Ackerman Jr., Founder & Managing Director, Allegis Capital, 4/7/2020

FBI Warns Education & Remote Work Platforms About Cyberattacks

Dark Reading Staff 4/3/2020

Webinars

Fighting Cybercrime in a Pandemic Threat Landscape

Malicious Insiders: Real Defense for Real Business

5 Steps to Integrate SAST into the DevSecOps Pipeline

Webinar Archives

White Papers

Global Password Security Report

Annual Threat Intelligence Report: Perspectives and Predictions

One Phish, Two Phish, Three Phish, Fraud Phish

Threat Intelligence Spotlight: The Shifting Framework of Modern Malware

NERC Updates May Force Utility Companies into Better Cybersecurity

More White Papers

Video

All Videos

Cartoon Contest

Write a Caption, Win a Starbucks Card! Click Here

Latest Comment: This comment is waiting for review by our moderators.

Cartoon Archive

Current Issue

6 Emerging Cyber Threats That Enterprises Face in 2020

This Tech Digest gives an in-depth look at six emerging cyber threats that enterprises could face in 2020. Download your copy today!

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

State of Cybersecurity Incident Response

Data breaches and regulations have forced organizations to pay closer attention to the security incident response function. However, security leaders may be overestimating their ability to detect and respond to security incidents. Read this report to find out more.

Download Now!

How Enterprises Are Developing and Maintaining Secure Applications

0 comments

How Enterprises are Attacking the Cybersecurity Problem

0 comments

How Data Breaches affect the Enterprise

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2020-11655
PUBLISHED: 2020-04-09

SQLite through 3.31.1 allows attackers to cause a denial of service (segmentation fault) via a malformed window-function query because the AggInfo object's initialization is mishandled.

CVE-2020-11656
PUBLISHED: 2020-04-09

In SQLite through 3.31.1, the ALTER TABLE implementation has a use-after-free, as demonstrated by an ORDER BY clause that belongs to a compound SELECT statement.

CVE-2019-20637
PUBLISHED: 2020-04-08

An issue was discovered in Varnish Cache before 6.0.5 LTS, 6.1.x and 6.2.x before 6.2.2, and 6.3.x before 6.3.1. It does not clear a pointer between the handling of one client request and the next request within the same connection. This sometimes causes information to be disclosed from the connecti...

CVE-2020-11650
PUBLISHED: 2020-04-08

An issue was discovered in iXsystems FreeNAS 11.2 and 11.3 before 11.3-U1. It allows a denial of service.

CVE-2020-11653
PUBLISHED: 2020-04-08

An issue was discovered in Varnish Cache before 6.0.6 LTS, 6.1.x and 6.2.x before 6.2.3, and 6.3.x before 6.3.2. It occurs when communication with a TLS termination proxy uses PROXY version 2. There can be an assertion failure and daemon restart, which causes a performance loss.

To save this item to your list of favorite Dark Reading content so you can find it later in your Profile page, click the "Save It" button next to the item.

If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
Tweet This
[close this box]