When Hacks Are about Image instead of Money
4/11/2017If you think fake news is a problem, how about the possibility of fake medical or financial information making the rounds with no way to verify its legitimacy?
Post a Comment
Author
Profile of Michael Sutton
Chief Information Security Office, Zscaler News & Commentary Posts: 4Michael Sutton has dedicated his career to conducting leading-edge security research, building world-class security teams and educating others on a variety of security topics. As CISO, Sutton drives internal security and heads Zscaler's Office of the CISO. Zscaler has built the world's largest security cloud, trusted by 5,000+ companies, making internal security a critical focus requiring 24x7 monitoring from internal and external resources. The Office of the CISO is a team engaging security executives at a peer level, to drive best practices and facilitate industry wide collaboration on emerging security topics. The Office of the CISO is also responsible for providing subject matter expertise through speaking engagements, blogging and media collaboration.
Articles by Michael Sutton
If you think fake news is a problem, how about the possibility of fake medical or financial information making the rounds with no way to verify its legitimacy?
Post a Comment
In Security, Know That You Know Nothing
7/26/2016Only when security professionals become aware of what they don’t know, can they start asking the right questions and implementing the right security controls.
Post a Comment
Big Business Ransomware: A Lucrative Market in the Underground Economy
7/1/2016Why lock and/or pilfer a person’s files worth hundreds of dollars when corporate data is infinitely more valuable?
Post a Comment
The Hyperconnected World Has Arrived
8/8/2014Yes, the ever-expanding attack surface of the Internet of Things is overwhelming. But next-gen security leaders gathered at Black Hat are up to the challenge.
Post a Comment
White Papers
Video
3 Comments
Current Issue
Flash Poll
Online Malware and Threats: A Profile of Today's Security Posture
This report offers insight on how security professionals plan to invest in cybersecurity, and how they are prioritizing their resources. Find out what your peers have planned today!
Twitter Feed
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database CVE-2018-19327
PUBLISHED: 2018-11-17
PUBLISHED: 2018-11-17
PUBLISHED: 2018-11-17
PUBLISHED: 2018-11-17
PUBLISHED: 2018-11-17
From DHS/US-CERT's National Vulnerability Database CVE-2018-19327
PUBLISHED: 2018-11-17
An issue was discovered in JTBC(PHP) 3.0.1.7. aboutus/manage.php?type=action&action=add allows CSRF.
CVE-2018-19328PUBLISHED: 2018-11-17
LAOBANCMS 2.0 allows install/mysql_hy.php?riqi=../ Directory Traversal.
CVE-2018-19329PUBLISHED: 2018-11-17
GreenCMS v2.3.0603 allows remote authenticated administrators to delete arbitrary files by modifying a base64-encoded pathname in an m=admin&c=media&a=delfilehandle&id= call, related to the m=admin&c=media&a=restorefile delete button.
CVE-2018-19331PUBLISHED: 2018-11-17
An issue was discovered in S-CMS v1.5. There is a SQL injection vulnerability in search.php via the keyword parameter.
CVE-2018-19332PUBLISHED: 2018-11-17
An issue was discovered in S-CMS v1.5. There is a CSRF vulnerability that can add a new user via the admin/ajax.php?type=member&action=add URI.
- Terms of Service
- Privacy Statement
- Legal Entities
- Copyright © 2018 UBM, All rights reserved
Tweet This