Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Advertise

About Us

Author

Profile of Bill Brenner

Information Security Blogger

News & Commentary Posts: 2

Writer. Father. Husband. Blogger. History buff. Heavy Metal fanatic. Rebellious Catholic. Frequent traveler. In his day job, Brenner writes about threats to Internet security as seen from his vantage point as Senior Security Tech Writer at Akamai Technologies research center. He also blogs about the wider security industry at Liquidmatrix.org and writes about mental health issues at theocddiaries.com. Opinions are his own.

Articles by Bill Brenner

View Content By Month

Security Surveys: Read With Caution

6/22/2015
I’m skeptical of industry surveys that tell security practitioners what they already know. Don’t state the obvious. Tell us the way forward.
Post a Comment

FUD Watch: The Marketing Of Security Vulnerabilities

5/28/2015
I’m all for raising awareness, but making designer vulnerabilities, catchy logos and content part of the disclosure process is a step in the wrong direction.
Post a Comment

Hot Topics

Editors' Choice

7 Tips for Choosing Security Metrics That Matter

Ericka Chickowski, Contributing Writer, 10/19/2020

IoT Vulnerability Disclosure Platform Launched

Dark Reading Staff 10/19/2020

GravityRAT Spyware Targets Android & MacOS in India

Dark Reading Staff 10/19/2020

Live Events

Webinars

Get Your Pass | Interop Digital December 3rd FREE Event

Interop Digital December 3rd FREE Event on Cloud & Networking

More Informa Tech Live Events

White Papers

When and How to Best Leverage an MSSP

SANS Report: Measuring and Improving Cyber Defense Using the MITRE ATT&CK Framework

IDC MarketScape: Worldwide Managed Security Services 2020 Vendor Assessment

7 Experts on Transforming Your Threat Detection & Response Strategy

An Integrated Approach to Embedding Security into DevOps

More White Papers

Cartoon

Latest Comment: This comment is waiting for review by our moderators.

Cartoon Archive

Current Issue

Special Report: Computing's New Normal

This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

How IT Security Organizations are Attacking the Cybersecurity Problem

The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.

Download Now!

Special Report: Understanding Your Cyber Attackers

0 comments

2020 State of Cybersecurity Operations and Incident Response

0 comments

The Changing Face of Threat Intelligence

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2020-27155
PUBLISHED: 2020-10-22

An issue was discovered in Octopus Deploy through 2020.4.4. If enabled, the websocket endpoint may allow an untrusted tentacle host to present itself as a trusted one.

CVE-2020-27195
PUBLISHED: 2020-10-22

HashiCorp Nomad and Nomad Enterprise version 0.9.0 up to 0.12.5 client file sandbox feature can be subverted using either the template or artifact stanzas. Fixed in 0.12.6, 0.11.5, and 0.10.6

CVE-2020-7020
PUBLISHED: 2020-10-22

Elasticsearch versions before 6.8.13 and 7.9.2 contain a document disclosure flaw when Document or Field Level Security is used. Search queries do not properly preserve security permissions when executing certain complex queries. This could result in the search disclosing the existence of documents ...

CVE-2020-26649
PUBLISHED: 2020-10-22

AtomXCMS 2.0 is affected by Incorrect Access Control via admin/dump.php

CVE-2020-26650
PUBLISHED: 2020-10-22

AtomXCMS 2.0 is affected by Arbitrary File Read via admin/dump.php

To save this item to your list of favorite Dark Reading content so you can find it later in your Profile page, click the "Save It" button next to the item.

If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
Tweet This
[close this box]