When Hacks Are about Image instead of Money
4/11/2017If you think fake news is a problem, how about the possibility of fake medical or financial information making the rounds with no way to verify its legitimacy?
Post a Comment
Author
Profile of Michael Sutton
Chief Information Security Office, Zscaler News & Commentary Posts: 4Michael Sutton has dedicated his career to conducting leading-edge security research, building world-class security teams and educating others on a variety of security topics. As CISO, Sutton drives internal security and heads Zscaler's Office of the CISO. Zscaler has built the world's largest security cloud, trusted by 5,000+ companies, making internal security a critical focus requiring 24x7 monitoring from internal and external resources. The Office of the CISO is a team engaging security executives at a peer level, to drive best practices and facilitate industry wide collaboration on emerging security topics. The Office of the CISO is also responsible for providing subject matter expertise through speaking engagements, blogging and media collaboration.
Articles by Michael Sutton
If you think fake news is a problem, how about the possibility of fake medical or financial information making the rounds with no way to verify its legitimacy?
Post a Comment
In Security, Know That You Know Nothing
7/26/2016Only when security professionals become aware of what they don’t know, can they start asking the right questions and implementing the right security controls.
Post a Comment
Big Business Ransomware: A Lucrative Market in the Underground Economy
7/1/2016Why lock and/or pilfer a person’s files worth hundreds of dollars when corporate data is infinitely more valuable?
Post a Comment
The Hyperconnected World Has Arrived
8/8/2014Yes, the ever-expanding attack surface of the Internet of Things is overwhelming. But next-gen security leaders gathered at Black Hat are up to the challenge.
Post a Comment
White Papers
Video
1 Comments
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
Flash Poll
The State of IT and Cybersecurity
IT and security are often viewed as different disciplines - and different departments. Find out what our survey data revealed, read the report today!
Twitter Feed
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database CVE-2018-14492
PUBLISHED: 2018-07-21
PUBLISHED: 2018-07-20
PUBLISHED: 2018-07-20
PUBLISHED: 2018-07-20
PUBLISHED: 2018-07-20
From DHS/US-CERT's National Vulnerability Database CVE-2018-14492
PUBLISHED: 2018-07-21
Tenda AC7 through V15.03.06.44_CN, AC9 through V15.03.05.19(6318)_CN, and AC10 through V15.03.06.23_CN devices have a Stack-based Buffer Overflow via a long limitSpeed or limitSpeedup parameter to an unspecified /goform URI.
CVE-2018-3770PUBLISHED: 2018-07-20
A path traversal exists in markdown-pdf version <9.0.0 that allows a user to insert a malicious html code that can result in reading the local files.
CVE-2018-3771PUBLISHED: 2018-07-20
An XSS in statics-server <= 0.0.9 can be used via injected iframe in the filename when statics-server displays directory index in the browser.
CVE-2018-5065PUBLISHED: 2018-07-20
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
CVE-2018-5066PUBLISHED: 2018-07-20
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
- Terms of Service
- Privacy Statement
- Legal Entities
- Copyright © 2018 UBM, All rights reserved
Tweet This