Database Security

Identity & Access Management

Security Monitoring

Advanced Threats

Insider Threats

Vulnerability Management

To InformationWeek

Network Computing Darkreading

Advertise

Author

Profile of Danelle Au

VP Strategy, SafeBreach

News & Commentary Posts: 7

Danelle is vice president of strategy at SafeBreach. She has more than 15 years of experience bringing new technologies to market. Prior to SafeBreach, Danelle led strategy and marketing at Adallom, a cloud security company acquired by Microsoft. She was also responsible for security solutions at Palo Alto Networks, driving growth in critical IT initiatives like virtualization, network segmentation and mobility. Danelle was co-founder of a high-speed networking chipset startup, co-author of an IP Communications Book and holds 2 U.S. Patents.

Articles by Danelle Au

View Content By Month

GDPR: Ready or Not, Here It Comes

1/24/2018
As organizations all over the world look ahead to May 25 when Europe's General Data Protection Regulation takes effect, many will fall short.
Post a Comment

Threat Intelligence Sharing: The New Normal?

6/23/2017
The spirit of cooperation seems to be taking hold as demonstrated by the growing number of thriving services and organizations whose sole purpose is to analyze specific threats against specific communities.
Post a Comment

A New Mantra For Cybersecurity: 'Simulate, Simulate, Simulate!'

2/1/2017
What security teams can learn from the Apollo 13 space program, a global pandemic, and major infrastructure disruptions to identify their best responses to attacks.
Post a Comment

Hacking 'Forward’ With Weaponized Intelligence

9/20/2016
Instead of hacking back and taking the fight to your adversary, what if your organization hacked forward by unearthing breach scenarios before the hackers do?
Post a Comment

CISO Playbook: Games Of War & Cyber Defenses

5/16/2016
Limiting incident response planning to hypothetical table-top scenarios is far too risky in today’s threat environment. But with cyberwar gaming, you can simulate the experience of a real attack.
Post a Comment

CISO Playbook: Suit-up & Play Offense

3/15/2016
In the game of IT security there are thousands of tools available, but the very best strategy to prepare for an opponent is to know your own weaknesses.
Post a Comment

To Better Defend Yourself, Think Like A Hacker

12/15/2015
As attacks become more sophisticated and attackers more determined, organizations need to adopt an offensive approach to security that gets inside the head of the hacker.
Post a Comment

Editors' Choice

More Than Half of Users Reuse Passwords

Curtis Franklin Jr., Senior Editor at Dark Reading, 5/24/2018

Is Threat Intelligence Garbage?

Chris McDaniels, Chief Information Security Officer of Mosaic451, 5/23/2018

Pet Tracker Flaws Expose Pets and Their Owners to Cybercrime

Dark Reading Staff 5/22/2018

Webinars

Learn About Cyber Attackers & How They Target Your Organization

Inside the Cyber Underworld: The Black Market Report

[Cybersecurity Crash Course] Detecting & Mitigating Malware

Webinar Archives

White Papers

The Real Cost of Insider Threats: 2018 Ponemon Report Highlights

2018 Security Report

Mobile Devices: The New Support Frontier for IT (IDG Report)

Phishing Response Trends: It's a Cluster

Case Study: NYCM's Help Desk Goes From Limited & Inefficient to Fast & Impressive

More White Papers

Video

Cartoon Contest

Write a Caption, Win a Starbucks Card! Click Here

Latest Comment: This comment is waiting for review by our moderators.

Cartoon Archive

Current Issue

The Changing Role of the CISO

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

[Strategic Security Report] Navigating the Threat Intelligence Maze

[Strategic Security Report] Navigating the Threat Intelligence Maze

Most enterprises are using threat intel services, but many are still figuring out how to use the data they're collecting. In this Dark Reading survey we give you a look at what they're doing today - and where they hope to go.

Download Now!

[Strategic Security Report] Cloud Security's Changing Landscape

The State of Ransomware

The Dark Reading Security Spending Survey

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading OR #DarkReading"

Dark Reading - Bug Report

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2018-11487
PUBLISHED: 2018-05-26

PHPMyWind 5.5 has XSS via the cid parameter to newsshow.php, or the query string to news.php or about.php.

CVE-2018-11471
PUBLISHED: 2018-05-25

Cockpit 0.5.5 has XSS via a collection, form, or region.

CVE-2018-11472
PUBLISHED: 2018-05-25

Monstra CMS 3.0.4 has Reflected XSS during Login (i.e., the login parameter to admin/index.php).

CVE-2018-11473
PUBLISHED: 2018-05-25

Monstra CMS 3.0.4 has XSS in the registration Form (i.e., the login parameter to users/registration).

CVE-2018-11474
PUBLISHED: 2018-05-25

Monstra CMS 3.0.4 has a Session Management Issue in the Administrations Tab. A password change at admin/index.php?id=users&action=edit&user_id=1 does not invalidate a session that is open in a different browser.

Terms of Service
Privacy Statement
Legal Entities
Copyright © 2018 UBM, All rights reserved

To save this item to your list of favorite Dark Reading content so you can find it later in your Profile page, click the "Save It" button next to the item.

If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
Tweet This
[close this box]