Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Database Security

Identity & Access Management

Security Monitoring

Advanced Threats

Insider Threats

Vulnerability Management

To InformationWeek

Network Computing Dark Reading

Advertise

Author

Profile of Aamir Lakhani

Cybersecurity Researcher and Practitioner for FortiGuard Labs

News & Commentary Posts: 4

Aamir Lakhani formulates security strategy with more than 15 years of cybersecurity experience, his goal to make a positive impact toward the global war on cybercrime and information security. Lakhani provides thought leadership to industry and has presented research and strategy worldwide at premier security conferences. As a cybersecurity expert, his work has included meetings with leading political figures and key policy stakeholders who help define the future of cybersecurity.â€¯

Articles by Aamir Lakhani

View Content By Month

IoT Security During COVID-19: What We've Learned & Where We're Going

8/7/2020
Vigilance and ongoing training combined with an integrated security framework are key aspects of a successful strategy in the fight against the latest crop of pandemic opportunists.
Post a Comment

Building Black Hat: Locking Down One Of The World’s Biggest Security Conferences

7/25/2016
For security pros, being asked to help secure Black Hat is like being asked to play on the Olympic basketball team.
Post a Comment

Securing Black Hat From Black Hat

8/14/2015
‘Dr. Chaos’ shares the inside scoop on the challenges and rewards of protecting one of the 'most hostile networks on the planet.'
Post a Comment

Editors' Choice

COVID-19: Latest Security News & Commentary

Dark Reading Staff 8/10/2020

Researcher Finds New Office Macro Attacks for MacOS

Curtis Franklin Jr., Senior Editor at Dark Reading, 8/7/2020

Healthcare Industry Sees Respite From Attacks in First Half of 2020

Robert Lemos, Contributing Writer, 8/13/2020

Expert led sessions and real networking - Join us at Data Center World 2020: A Virtual Experience

Collaborate With IT Industry Leaders at Interop Digital, Oct. 5-8

More Informa Tech Live Events

White Papers

[Forrester Research] The State of Data Security & Privacy

[Cybersecurity] 6 Misconceptions About Collective Defense

Database Security in the Cloud

Protect Your Brand, Mitigate Fraud and Defend Your Domain

Online Traffic & Cyber Attacks During COVID-19

More White Papers

Cartoon Contest

Write a Caption, Win an Amazon Gift Card! Click Here

Latest Comment: It's a technique known as breaking out of the sandbox kids.

Cartoon Archive

Current Issue

Special Report: Computing's New Normal, a Dark Reading Perspective

This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.

Download This Issue!

Back Issues | Must Reads

Flash Poll

The Changing Face of Threat Intelligence

The Changing Face of Threat Intelligence

This special report takes a look at how enterprises are using threat intelligence, as well as emerging best practices for integrating threat intel into security operations and incident response. Download it today!

The Threat from the Internet—and What Your Organization Can Do About It

State of Endpoint Security: How Enterprises Are Managing Endpoint Security Threats

State of Cybersecurity Incident Response

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading"

Dark Reading - Bug Report

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2019-20383
PUBLISHED: 2020-08-13

ABBYY network license server in ABBYY FineReader 15 before Release 4 (aka 15.0.112.2130) allows escalation of privileges by local users via manipulations involving files and using symbolic links.

CVE-2020-24348
PUBLISHED: 2020-08-13

njs through 0.4.3, used in NGINX, has an out-of-bounds read in njs_json_stringify_iterator in njs_json.c.

CVE-2020-24349
PUBLISHED: 2020-08-13

njs through 0.4.3, used in NGINX, allows control-flow hijack in njs_value_property in njs_value.c. NOTE: the vendor considers the issue to be "fluff" in the NGINX use case because there is no remote attack surface.

CVE-2020-7360
PUBLISHED: 2020-08-13

An Uncontrolled Search Path Element (CWE-427) vulnerability in SmartControl version 4.3.15 and versions released before April 15, 2020 may allow an authenticated user to escalate privileges by placing a specially crafted DLL file in the search path. This issue was fixed in version 1.0.7, which was r...

CVE-2020-24342
PUBLISHED: 2020-08-13

Lua through 5.4.0 allows a stack redzone cross in luaO_pushvfstring because a protection mechanism wrongly calls luaD_callnoyield twice in a row.

To save this item to your list of favorite Dark Reading content so you can find it later in your Profile page, click the "Save It" button next to the item.

If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
Tweet This
[close this box]