Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Database Security

Authentication

Mobile

Privacy

Compliance

Identity & Access Management

Security Monitoring

Advanced Threats

Insider Threats

Vulnerability Management

Network Computing Dark Reading

Advertise

About Us

Author

Profile of Derek Melber

Technical Evangelist for ManageEngine

News & Commentary Posts: 1

Derek Melber is the technical evangelist for ManageEngine, a division of Zoho Corporation. As one of only a handful of Microsoft Group Policy MVPs, Derek helps Active Directory administrators, auditors, and security professionals understand the finer points of how to manage, audit, recover, and solve issues that occur in Active Directory and Group Policy. He educates IT professionals worldwide on Active Directory, Group Policy, and Security, and has authored over 15 books on Windows security and management. He's famous for his video shorts in which he offers quick, practical solutions for Active Directory management. For more information on ManageEngine, the real-time IT management company, please visit www.manageengine.com; follow the company blog, on Facebook and on Twitter.

Articles by Derek Melber

View Content By Month

Controlling Privileged Access To Prevent Rogue Users In Active Directory

2/20/2017
Knowing which of your employees have which privileges is the first step to staying safe.
Post a Comment

Content by Month
February 2017 - 1
[close this box]

Hot Topics

Editors' Choice

Malicious USB Drive Hides Behind Gift Card Lure

Dark Reading Staff 3/27/2020

Virgin Media Could Pay £4.5B for Leak Affecting 900,000 Customers

Dark Reading Staff 3/27/2020

Security Not a Priority for SAP Projects, Users Report

Dark Reading Staff 3/26/2020

Webinars

How to Effectively Analyze Security Data

Virtual Event: The State of Cloud Security

Building a Strategy for Detection and Response

Webinar Archives

White Papers

Cybersecurity Research: 2019 AWS Cloud Security Report

Securing Real-Time Communications for Dummies Book

Hackers: Your Secret Weapon

Power Management 101: Get the Most Out of Your Hardware

AI-Augmented Attacks and the Battle of the Algorithms

More White Papers

Video

All Videos

Cartoon Contest

Write a Caption, Win a Starbucks Card! Click Here

Latest Comment: "I feel safe, but I can't understand a word he's saying."

Cartoon Archive

Current Issue

6 Emerging Cyber Threats That Enterprises Face in 2020

This Tech Digest gives an in-depth look at six emerging cyber threats that enterprises could face in 2020. Download your copy today!

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

State of Cybersecurity Incident Response

Data breaches and regulations have forced organizations to pay closer attention to the security incident response function. However, security leaders may be overestimating their ability to detect and respond to security incidents. Read this report to find out more.

Download Now!

How Enterprises Are Developing and Maintaining Secure Applications

0 comments

How Enterprises are Attacking the Cybersecurity Problem

0 comments

How Data Breaches affect the Enterprise

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2020-11111
PUBLISHED: 2020-03-31

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.activemq.* (aka activemq-jms, activemq-core, activemq-pool, and activemq-pool-jms).

CVE-2020-11112
PUBLISHED: 2020-03-31

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.proxy.provider.remoting.RmiProvider (aka apache/commons-proxy).

CVE-2020-11113
PUBLISHED: 2020-03-31

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.openjpa.ee.WASRegistryManagedRuntime (aka openjpa).

CVE-2020-10374
PUBLISHED: 2020-03-30

A webserver component in Paessler PRTG Network Monitor 19.2.50 to PRTG 20.1.56 allows unauthenticated remote command execution via a crafted POST request or the what parameter of the screenshot function in the Contact Support form.

CVE-2020-11104
PUBLISHED: 2020-03-30

An issue was discovered in USC iLab cereal through 1.3.0. Serialization of an (initialized) C/C++ long double variable into a BinaryArchive or PortableBinaryArchive leaks several bytes of stack or heap memory, from which sensitive information (such as memory layout or private keys) can be gleaned if...

To save this item to your list of favorite Dark Reading content so you can find it later in your Profile page, click the "Save It" button next to the item.

If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
Tweet This
[close this box]