Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Database Security

Authentication

Mobile

Privacy

Compliance

Identity & Access Management

Security Monitoring

Advanced Threats

Insider Threats

Vulnerability Management

Network Computing Dark Reading

Advertise

About Us

Author

Profile of Avi Bashan

Senior Security Researcher, Check Point

News & Commentary Posts: 1

Avi Bashan is a technology leader at Check Point and former senior security researcher and CISO at Lacoon Mobile Security. With more than 10 years of experience in the mobile, networking, and security industries, Avi is one of the main figures in the research and engineering aspects of the company. Prior to Lacoon, Avi was a leading security consultant at Comsec, working with Fortune 500 firms on their vulnerability management processes. He spent four and a half years in the Israeli Defense Force. Avi holds a B.Med.Sc from the Hebrew University of Israel in Medical Studies.

Articles by Avi Bashan

View Content By Month

Mobile Security: Why App Stores Don’t Keep Users Safe

3/24/2016
In a preview of his Black Hat Asia Briefing next week, a security researcher offers more proof of trouble in the walled gardens of the Apple and Google App stores.
Post a Comment

Content by Month
March 2016 - 1
[close this box]

Hot Topics

Editors' Choice

Malicious USB Drive Hides Behind Gift Card Lure

Dark Reading Staff 3/27/2020

Virgin Media Could Pay £4.5B for Leak Affecting 900,000 Customers

Dark Reading Staff 3/27/2020

Security Not a Priority for SAP Projects, Users Report

Dark Reading Staff 3/26/2020

Webinars

Malicious Insiders: Real Defense for Real Business

Virtual Event: The State of Cloud Security

Chatbots for the Enterprise

Webinar Archives

White Papers

Cybersecurity Research: 2019 AWS Cloud Security Report

Securing Real-Time Communications for Dummies Book

Hackers: Your Secret Weapon

Power Management 101: Get the Most Out of Your Hardware

Hacker's Almanac

More White Papers

Video

All Videos

Cartoon Contest

Write a Caption, Win a Starbucks Card! Click Here

Latest Comment: "I feel safe, but I can't understand a word he's saying."

Cartoon Archive

Current Issue

6 Emerging Cyber Threats That Enterprises Face in 2020

This Tech Digest gives an in-depth look at six emerging cyber threats that enterprises could face in 2020. Download your copy today!

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

State of Cybersecurity Incident Response

Data breaches and regulations have forced organizations to pay closer attention to the security incident response function. However, security leaders may be overestimating their ability to detect and respond to security incidents. Read this report to find out more.

Download Now!

How Enterprises Are Developing and Maintaining Secure Applications

0 comments

How Enterprises are Attacking the Cybersecurity Problem

0 comments

How Data Breaches affect the Enterprise

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2020-10374
PUBLISHED: 2020-03-30

A webserver component in Paessler PRTG Network Monitor 19.2.50 to PRTG 20.1.56 allows unauthenticated remote command execution via a crafted POST request or the what parameter of the screenshot function in the Contact Support form.

CVE-2020-11104
PUBLISHED: 2020-03-30

An issue was discovered in USC iLab cereal through 1.3.0. Serialization of an (initialized) C/C++ long double variable into a BinaryArchive or PortableBinaryArchive leaks several bytes of stack or heap memory, from which sensitive information (such as memory layout or private keys) can be gleaned if...

CVE-2020-11105
PUBLISHED: 2020-03-30

An issue was discovered in USC iLab cereal through 1.3.0. It employs caching of std::shared_ptr values, using the raw pointer address as a unique identifier. This becomes problematic if an std::shared_ptr variable goes out of scope and is freed, and a new std::shared_ptr is allocated at the same add...

CVE-2020-11106
PUBLISHED: 2020-03-30

An issue was discovered in Responsive Filemanager through 9.14.0. In the dialog.php page, the session variable $_SESSION['RF']["view_type"] wasn't sanitized if it was already set. This made stored XSS possible if one opens ajax_calls.php and uses the "view" action and places a pa...

CVE-2020-5284
PUBLISHED: 2020-03-30

Next.js versions before 9.3.2 have a directory traversal vulnerability. Attackers could craft special requests to access files in the dist directory (.next). This does not affect files outside of the dist directory (.next). In general, the dist directory only holds build assets unless your applicati...

To save this item to your list of favorite Dark Reading content so you can find it later in your Profile page, click the "Save It" button next to the item.

If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
Tweet This
[close this box]