News & Commentary

Content tagged with Compliance posted in September 2012
Internet Explorer Blocks More Malware Than Firefox, Chrome, Safari
Quick Hits  |  9/27/2012  | 
NSS Labs browser tests show Google SafeBrowsing API weak link in catching click fraud malware
Malwarebytes Goes Enterprise
Quick Hits  |  9/18/2012  | 
Free tool for rooting out new malware now has an enterprise-grade sibling
Services Can Help Identify Mobile Risks
News  |  9/17/2012  | 
While mobile device management (MDM) services can help a company manage its employees phones and tablets, figuring out whether the devices are up-to-date is also critical
Microsoft Intercepts 'Nitol' Botnet And 70,000 Malicious Domains
News  |  9/13/2012  | 
Court-ordered sinkhole operation disrupts Chinese DDoS botnet, other malware enterprises
Great, Now We Have To Pee In The Boat
Commentary  |  9/10/2012  | 
Spontaneous reactions can create unintended and costly compliance issues
Web Application Security Is An Ongoing Commitment Due To Highly Dynamic Hacking Risks, Says Frost & Sullivan
News  |  9/5/2012  | 
Recent whitepaper gives an overview of the likely victims and outlines solutions for organizations to protect themselves


WebAuthn, FIDO2 Infuse Browsers, Platforms with Strong Authentication
John Fontana, Standards & Identity Analyst, Yubico,  9/19/2018
Turn the NIST Cybersecurity Framework into Reality: 5 Steps
Mukul Kumar & Anupam Sahai, CISO & VP of Cyber Practice and VP Product Management, Cavirin Systems,  9/20/2018
NSS Labs Files Antitrust Suit Against Symantec, CrowdStrike, ESET, AMTSO
Kelly Jackson Higgins, Executive Editor at Dark Reading,  9/19/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: "I'm not sure I like this top down management approach!"
Current Issue
Flash Poll
The Risk Management Struggle
The Risk Management Struggle
The majority of organizations are struggling to implement a risk-based approach to security even though risk reduction has become the primary metric for measuring the effectiveness of enterprise security strategies. Read the report and get more details today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-17321
PUBLISHED: 2018-09-22
An issue was discovered in SeaCMS 6.64. XSS exists in admin_datarelate.php via the time or maxHit parameter in a dorandomset action.
CVE-2018-17322
PUBLISHED: 2018-09-22
Cross-site scripting (XSS) vulnerability in index.php/index/category/index in YUNUCMS 1.1.4 allows remote attackers to inject arbitrary web script or HTML via the area parameter.
CVE-2018-14889
PUBLISHED: 2018-09-21
CouchDB in Vectra Networks Cognito Brain and Sensor before 4.3 contains a local code execution vulnerability.
CVE-2018-14890
PUBLISHED: 2018-09-21
Vectra Networks Cognito Brain and Sensor before 4.2 contains a cross-site scripting (XSS) vulnerability in the Web Management Console.
CVE-2018-14891
PUBLISHED: 2018-09-21
Management Console in Vectra Networks Cognito Brain and Sensor before 4.3 contains a local privilege escalation vulnerability.