Network Computing Dark Reading

Advertise

Slideshows

Content posted in August 2018

View Content By Month

7 Steps to Start Searching with Shodan

Slideshows | 8/29/2018 |

2 comments

The right know-how can turn the search engine for Internet-connected devices into a powerful tool for security professionals.

Why CISOs Should Make Friends With Their CMOs

Slideshows | 8/27/2018 |

Post a comment

A partnership between IT security and marketing could offer many benefits to each group — and to the entire enterprise.

6 Reasons Security Awareness Programs Go Wrong

Slideshows | 8/23/2018 |

Post a comment

While plenty of progress has been made on the training front, there's still some work ahead in getting the word out and doing so effectively.

7 Serious IoT Vulnerabilities

Slideshows | 8/21/2018 |

1 comment

A growing number of employees have various IoT devices in their homes — where they're also connecting to an enterprise network to do their work. And that means significant threats loom.

2018 Pwnie Awards: Who Pwned, Who Got Pwned

Slideshows | 8/15/2018 |

Post a comment

A team of security experts round up the best and worst of the year in cybersecurity at Black Hat 2018.

6 Eye-Raising Third-Party Breaches

Slideshows | 8/10/2018 |

Post a comment

This year's headlines have featured a number of high-profile exposures caused by third parties working on behalf of major brands.

10 Threats Lurking on the Dark Web

Slideshows | 8/8/2018 |

Post a comment

Despite some high-profile takedowns last year, the Dark Web remains alive and well. Here's a compilation of some of the more prolific threats that loom.

Mastering MITRE's ATT&CK Matrix

Slideshows | 8/6/2018 |

3 comments

This breakdown of Mitre's model for cyberattacks and defense can help organizations understand the stages of attack events and, ultimately, build better security.

6 Ways DevOps Can Supercharge Security

Slideshows | 8/2/2018 |

Post a comment

Security teams have a huge opportunity to make major inroads by embracing the DevOps movement.

View Content by Month

[close this box]

Hot Topics

Editors' Choice

Florida Town Pays $600K to Ransomware Operators

Curtis Franklin Jr., Senior Editor at Dark Reading, 6/20/2019

Pledges to Not Pay Ransomware Hit Reality

Robert Lemos, Contributing Writer, 6/21/2019

AWS CISO Talks Risk Reduction, Development, Recruitment

Kelly Sheridan, Staff Editor, Dark Reading, 6/25/2019

Live Events

Webinars

WorkSpace Connect - Sept 9-11, Dallas - Register Now!

Prepare for the Future of WorkSpaces! Register Today!

Work Styles Are Evolving, Are Your IT Teams Ready?

More Informa Tech Live Events

White Papers

Continuous Security Monitoring Platforms are Improving IT Security & Efficiency While Cutting Costs

[Phishing Defense] 5 Uncomfortable Truths

Stop Zero-Hour Phishing Attacks

[Gartner Report] Best Practices for Running Containers & Kubernetes in Production

Vendor Risk Management Guide

More White Papers

Video

All Videos

Cartoon

Latest Comment: Oh no not another version of Agile with yet another language of it's own to learn!

Cartoon Archive

Current Issue

Building and Managing an IT Security Operations Program

As cyber threats grow, many organizations are building security operations centers (SOCs) to improve their defenses. In this Tech Digest you will learn tips on how to get the most out of a SOC in your organization - and what to do if you can't afford to build one.

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

The State of IT Operations and Cybersecurity Operations

Your enterprise's cyber risk may depend upon the relationship between the IT team and the security team. Here’s some insight on what's working – and what isn't – in the data center.

Download Now!

How Enterprises Are Developing Secure Applications

0 comments

The State of Cyber Security Incident Response

0 comments

How Enterprises Are Attacking the Cybersecurity Problem

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2019-10133
PUBLISHED: 2019-06-26

A flaw was found in Moodle before 3.7, 3.6.4, 3.5.6, 3.4.9 and 3.1.18. The form to upload cohorts contained a redirect field, which was not restricted to internal URLs.

CVE-2019-10134
PUBLISHED: 2019-06-26

A flaw was found in Moodle before 3.7, 3.6.4, 3.5.6, 3.4.9 and 3.1.18. The size of users' private file uploads via email were not correctly checked, so their quota allowance could be exceeded.

CVE-2019-10154
PUBLISHED: 2019-06-26

A flaw was found in Moodle before versions 3.7, 3.6.4. A web service fetching messages was not restricted to the current user's conversations.

CVE-2019-9039
PUBLISHED: 2019-06-26

The Couchbase Sync Gateway 2.1.2 in combination with a Couchbase Server is affected by a previously undisclosed N1QL-injection vulnerability in the REST API. An attacker with access to the public REST API can insert additional N1QL statements through the parameters ?startkey? and ?endkey? of the ?_a...

CVE-2018-20846
PUBLISHED: 2019-06-26

Out-of-bounds accesses in the functions pi_next_lrcp, pi_next_rlcp, pi_next_rpcl, pi_next_pcrl, pi_next_rpcl, and pi_next_cprl in openmj2/pi.c in OpenJPEG through 2.3.0 allow remote attackers to cause a denial of service (application crash).

Terms of Service
Privacy Statement
Legal Entities