Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Database Security

Careers and People

Identity & Access Management

Security Monitoring

Advanced Threats

Insider Threats

Vulnerability Management

To InformationWeek

Network Computing Dark Reading

Advertise

Author

Profile of Aamir Lakhani

Cybersecurity Researcher and Practitioner for FortiGuard Labs

News & Commentary Posts: 5

Aamir Lakhani formulates security strategy with more than 15 years of cybersecurity experience, his goal to make a positive impact toward the global war on cybercrime and information security. Lakhani provides thought leadership to industry and has presented research and strategy worldwide at premier security conferences. As a cybersecurity expert, his work has included meetings with leading political figures and key policy stakeholders who help define the future of cybersecurity.â€¯

Articles by Aamir Lakhani

View Content By Month

Building the Human Firewall

10/20/2020
Cybersecurity was a challenge before COVID-19 sent millions of employees home to work from their own devices and networks. Now what?
Post a Comment

IoT Security During COVID-19: What We've Learned & Where We're Going

8/7/2020
Vigilance and ongoing training combined with an integrated security framework are key aspects of a successful strategy in the fight against the latest crop of pandemic opportunists.
Post a Comment

Building Black Hat: Locking Down One Of The World’s Biggest Security Conferences

7/25/2016
For security pros, being asked to help secure Black Hat is like being asked to play on the Olympic basketball team.
Post a Comment

Securing Black Hat From Black Hat

8/14/2015
‘Dr. Chaos’ shares the inside scoop on the challenges and rewards of protecting one of the 'most hostile networks on the planet.'
Post a Comment

Editors' Choice

How SolarWinds Busted Up Our Assumptions About Code Signing

Dr. Jethro Beekman, Technical Director, 3/3/2021

'ObliqueRAT' Now Hides Behind Images on Compromised Websites

Jai Vijayan, Contributing Writer, 3/2/2021

Attackers Turn Struggling Software Projects Into Trojan Horses

Robert Lemos, Contributing Writer, 2/26/2021

Interop Digital - Free Cybersecurity Event April 29

Communications & Collaboration: 2024 (March 9-10)

More Informa Tech Live Events

White Papers

Why Add Security to Your Skill Set and How to Do It

Accelerate Threat Resolutions with DNS

Enabling Enterprise Resiliency Through Cyberthreat Detection

Are We Cyber-Resilient? The Key Question Every Organization Must Answer

Sunburst: Impact and Timeline

More White Papers

Cartoon Contest

Write a Caption, Win an Amazon Gift Card! Click Here

Latest Comment: Your new device is too complex. Me stick with iWheel.

Cartoon Archive

Current Issue

2021 Top Enterprise IT Trends

We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!

Download This Issue!

Back Issues | Must Reads

Flash Poll

How Enterprises are Developing Secure Applications

How Enterprises are Developing Secure Applications

Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.

Assessing Cybersecurity Risk in Today's Enterprises

The Malware Threat Landscape

How Data Breaches Affect the Enterprise (2020)

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading"

Dark Reading - Bug Report

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2021-21312
PUBLISHED: 2021-03-03

GLPI is open source software which stands for Gestionnaire Libre de Parc Informatique and it is a Free Asset and IT Management Software package. In GLPI before verison 9.5.4, there is a vulnerability within the document upload function (Home > Management > Documents > Add, or /front/documen...

CVE-2021-21313
PUBLISHED: 2021-03-03

GLPI is open source software which stands for Gestionnaire Libre de Parc Informatique and it is a Free Asset and IT Management Software package. In GLPI before verison 9.5.4, there is a vulnerability in the /ajax/common.tabs.php endpoint, indeed, at least two parameters _target and id are not proper...

CVE-2021-21314
PUBLISHED: 2021-03-03

GLPI is open source software which stands for Gestionnaire Libre de Parc Informatique and it is a Free Asset and IT Management Software package. In GLPI before verison 9.5.4, there is an XSS vulnerability involving a logged in user while updating a ticket.

CVE-2021-27931
PUBLISHED: 2021-03-03

LumisXP (aka Lumis Experience Platform) before 10.0.0 allows unauthenticated blind XXE via an API request to PageControllerXml.jsp. One can send a request crafted with an XXE payload and achieve outcomes such as reading local server files or denial of service.

CVE-2021-27935
PUBLISHED: 2021-03-03

An issue was discovered in AdGuard before 0.105.2. An attacker able to get the user's cookie is able to bruteforce their password offline, because the hash of the password is stored in the cookie.

To save this item to your list of favorite Dark Reading content so you can find it later in your Profile page, click the "Save It" button next to the item.

If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
Tweet This
[close this box]