Hot Topics

Editors' Choice

3

12 Free, Ready-to-Use Security Tools

Steve Zurier, Freelance Writer,  10/12/2018

2

Most IT Security Pros Want to Change Jobs

Dark Reading Staff 10/12/2018

2

6 Security Trends for 2018/2019

Curtis Franklin Jr., Senior Editor at Dark Reading,  10/15/2018

6 Security Trends for 2018/2019

Curtis Franklin Jr., Senior Editor at Dark Reading,  10/15/2018

Russian Hacking Groups Intersect in Recent Cyberattacks

Kelly Jackson Higgins, Executive Editor at Dark Reading,  10/10/2018

CISOs: How to Answer the 5 Questions Boards Will Ask You

John Hellickson, Vice President, Advisory Services, at Kudelski Security, Inc.,  10/2/2018

Subscribe to Newsletters

Live Events

Webinars

More UBM Tech
Live Events

Enterprise Connect 2019 - Build Your Comms & Collaboration Future

Communications & Collaboration 2022 at EC19 Orlando March 18-21

SOC Evolution: How and Why to Update Your Security Operations Center

Effective Cyber Risk Assessment

The Network of the Future is Powered by AI

Webinar Archives

White Papers

Stopping Cyber Threats: Your Field Guide to Threat Hunting

Building Security In Maturity Model (BSIMM9)

Are Your Network Users Over-Privileged?

6 Keys to Faster Phishing Mitigation

OpenText EnCase Endpoint Security Product Overview

More White Papers

Video

How Secure Are Our Voting Systems?

0 Comments

Don't Overestimate WebAssembly's Security

0 Comments

SirenJack: Cracking SF's Emergency System

1 Comments

DeepLocker Hides Targeted Attacks

0 Comments

Forensic Analysis of 'Worst Voting ...

0 Comments

The Uncertain Fate of WHOIS, & Other ...

1 Comments

Stopping Payment Card Fraud With Threat Intel

0 Comments

Malicious Cryptomining & Other Shifting ...

0 Comments

The Economics of AI-Enabled Security

0 Comments

Threat Deception for Insider Threat

0 Comments

Filtering the Threat Intel Tsunami

0 Comments

Ensuring Hardened, Secure Web Apps

0 Comments

All Videos

Cartoon Contest

Write a Caption, Win a Starbucks Card! Click Here

Latest Comment: This looked WAY easier when Tom Cruise did it in Mission Impossible!

Cartoon Archive

Current Issue

The Biggest Cybersecurity Breaches of 2018 (So Far)

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

The Risk Management Struggle

The majority of organizations are struggling to implement a risk-based approach to security — even though risk reduction has become the primary metric for measuring the effectiveness of enterprise security strategies. Read the report and get more details today!

Download Now!

How Data Breaches Affect the Enterprise

0 comments

The State of IT and Cybersecurity

0 comments

[Strategic Security Report] Navigating the Threat Intelligence Maze

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading OR #DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2018-10839
PUBLISHED: 2018-10-16

Qemu emulator <= 3.0.0 built with the NE2000 NIC emulation support is vulnerable to an integer overflow, which could lead to buffer overflow issue. It could occur when receiving packets over the network. A user inside guest could use this flaw to crash the Qemu process resulting in DoS.

CVE-2018-13399
PUBLISHED: 2018-10-16

The Microsoft Windows Installer for Atlassian Fisheye and Crucible before version 4.6.1 allows local attackers to escalate privileges because of weak permissions on the installation directory.

CVE-2018-18381
PUBLISHED: 2018-10-16

Z-BlogPHP 1.5.2.1935 (Zero) has a stored XSS Vulnerability in zb_system/function/c_system_admin.php via the Content-Type header during the uploading of image attachments.

CVE-2018-18382
PUBLISHED: 2018-10-16

Advanced HRM 1.6 allows Remote Code Execution via PHP code in a .php file to the user/update-user-avatar URI, which can be accessed through an "Update Profile" "Change Picture" (aka user/edit-profile) action.

CVE-2018-18374
PUBLISHED: 2018-10-16

XSS exists in the MetInfo 6.1.2 admin/index.php page via the anyid parameter.