Deconstructing a Business Email Compromise Attack
3/29/2018How a tech-savvy New Jersey couple outwitted a German hacker group and saved their home and life savings.
Post a Comment
Author
Profile of David Holmes
World-Wide Security Evangelist, F5 Member Since: 1/27/2015Author
News & Commentary Posts: 8
Comments: 2
David Holmes is the world-wide security evangelist for F5 Networks. He writes and speaks about hackers, cryptography, fraud, malware and many other InfoSec topics. He has spoken at over 30 conferences on all six developed continents, including RSA Europe in Amsterdam, InfoSec in London and Gartner Data Center in Las Vegas.
David writes a bi-weekly column at SecurityWeek, and has had the good fortune to write for DarkReading, SC Magazine, Network World and many other computer security magazines and websites. He has three patents pending for F5 and still contributes code to open-source projects such as OpenSSL.
Articles by David Holmes
How a tech-savvy New Jersey couple outwitted a German hacker group and saved their home and life savings.
Post a Comment
The Mirai Botnet Is Attacking Again…
2/15/2018And the spinoff bots — and all their command and control hostnames buried in the morass of digital data — are hilarious.
Post a Comment
'Reaper': The Professional Bot Herder’s Thingbot
11/16/2017Is it malicious? So far it's hard to tell. For now it's a giant blinking red light in security researchers faces warning us that we’d better figure out how to secure the Internet of Things.
Post a Comment
5 Reasons Why the CISO is a Cryptocurrency Skeptic
10/26/2017If you think all you need is technology to defend against bad guys, you shouldn’t be a CISO. But technology is all cryptocurrency is, starting with Bitcoin.
Post a Comment
How Quantum Computing Will Change Browser Encryption
8/24/2017From a protocol point of view, we’re closer to a large-scale quantum computer than many people think. Here’s why that’s an important milestone.
Post a Comment
Profile of a Hacker: The Real Sabu
7/20/2017There are multiple stories about how the capture of the infamous Anonymous leader Sabu went down. Here’s one, and another about what he is doing today.
Post a Comment
Cloud & The Security Skills Gap
7/6/2015F5 Network security evangelist David Holmes tells how cloud outsourcing can help companies fill the talent gap in three critical areas of enterprise security.
Post a Comment
How The Skills Shortage Is Killing Defense in Depth
1/30/2015It used to be easy to sell specialized security gizmos but these days when a point product gets pitched to a CSO, the response is likely “looks nifty, but I don’t have the staff to deploy it.”
Post a Comment
White Papers
Video
3 Comments
Current Issue
Flash Poll
Online Malware and Threats: A Profile of Today's Security Posture
This report offers insight on how security professionals plan to invest in cybersecurity, and how they are prioritizing their resources. Find out what your peers have planned today!
Twitter Feed
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database CVE-2018-19349
PUBLISHED: 2018-11-17
PUBLISHED: 2018-11-17
PUBLISHED: 2018-11-17
PUBLISHED: 2018-11-17
PUBLISHED: 2018-11-17
From DHS/US-CERT's National Vulnerability Database CVE-2018-19349
PUBLISHED: 2018-11-17
In SeaCMS v6.64, there is SQL injection via the admin_makehtml.php topic parameter because of mishandling in include/mkhtml.func.php.
CVE-2018-19350PUBLISHED: 2018-11-17
In SeaCMS v6.6.4, there is stored XSS via the member.php?action=chgpwdsubmit email parameter during a password change, as demonstrated by a data: URL in an OBJECT element.
CVE-2018-19341PUBLISHED: 2018-11-17
The u3d plugin 9.3.0.10809 (aka plugins\U3DBrowser.fpi) in FoxitReader.exe in Foxit Reader 9.3.0.10826 allows remote attackers to cause a denial of service (out-of-bounds read) or obtain sensitive information via a U3D sample because of a "Read Access Violation near NULL starting at FoxitReader...
CVE-2018-19342PUBLISHED: 2018-11-17
The u3d plugin 9.3.0.10809 (aka plugins\U3DBrowser.fpi) in FoxitReader.exe in Foxit Reader 9.3.0.10826 allows remote attackers to cause a denial of service (out-of-bounds read) or obtain sensitive information via a U3D sample because of a "Read Access Violation starting at U3DBrowser+0x00000000...
CVE-2018-19343PUBLISHED: 2018-11-17
The u3d plugin 9.3.0.10809 (aka plugins\U3DBrowser.fpi) in FoxitReader.exe in Foxit Reader 9.3.0.10826 allows remote attackers to cause a denial of service (out-of-bounds read), obtain sensitive information, or possibly have unspecified other impact via a U3D sample because of a "Data from Faul...
- Terms of Service
- Privacy Statement
- Legal Entities
- Copyright © 2018 UBM, All rights reserved
Tweet This