Getting Safe, Smart & Secure on S3
7/11/2018AWS Simple Storage Service has proven to be a security minefield. It doesn't have to be if you pay attention to people, process, and technology.
Post a Comment
Author
Profile of Eric Thomas
Director of Cloud, ExtraHop Member Since: 6/13/2017Author
News & Commentary Posts: 2
Comments: 4
Eric Thomas serves as director of cloud for IT analytics company ExtraHop. Prior to taking this role, Eric led the ExtraHop professional services team, and draws on over 20 years of experience in IT operations. Before joining ExtraHop, Eric performed a variety of operational roles, most recently as director of advanced engineering for Thomson Reuters, where he led a team of performance and availability specialists, supporting over 200 applications representing $2 billion in annual revenue. His prior experience includes enterprise IT management, SaaS production operations, and next-generation technology advocacy.
Articles by Eric Thomas
AWS Simple Storage Service has proven to be a security minefield. It doesn't have to be if you pay attention to people, process, and technology.
Post a Comment
WannaCry? You’re Not Alone: The 5 Stages of Security Grief
6/22/2017As breach after breach hits the news, security professionals cope with the classic experiences of denial, anger, bargaining, depression, and acceptance.
Post a Comment
White Papers
Video
4 Comments
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Genius! Only a Big Brother can control another.
Latest Comment: Genius! Only a Big Brother can control another.
Current Issue
Flash Poll
How Enterprises Are Attacking the Cybersecurity Problem
Data breach fears and the need to comply with regulations such as GDPR are two major drivers increased spending on security products and technologies. But other factors are contributing to the trend as well. Find out more about how enterprises are attacking the cybersecurity problem by reading our report today.
Twitter Feed
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database CVE-2018-19433
PUBLISHED: 2018-11-22
PUBLISHED: 2018-11-22
PUBLISHED: 2018-11-22
PUBLISHED: 2018-11-22
PUBLISHED: 2018-11-22
From DHS/US-CERT's National Vulnerability Database CVE-2018-19433
PUBLISHED: 2018-11-22
ShowDoc 2.4.1 has XSS via the lang parameter because install/database.php mishandles the $cur_lang value.
CVE-2018-19434PUBLISHED: 2018-11-22
An issue was discovered on the "Bank Account Matching - Receipts" screen of the General Ledger component in webERP 4.15. BankMatching.php has Blind SQL injection via the AmtClear_ parameter.
CVE-2018-19435PUBLISHED: 2018-11-22
An issue was discovered in the Sales component in webERP 4.15. SalesInquiry.php has SQL Injection via the SortBy parameter.
CVE-2018-19436PUBLISHED: 2018-11-22
An issue was discovered in the Manufacturing component in webERP 4.15. CollectiveWorkOrderCost.php has Blind SQL Injection via the SearchParts parameter.
CVE-2018-19437PUBLISHED: 2018-11-22
UCMS 1.4.7 allows remote authenticated users to change the administrator password because $_COOKIE['admin_'.cookiehash] is used for arbitrary cookie values that are set and not empty.
- Terms of Service
- Privacy Statement
- Legal Entities
- Copyright © 2018 UBM, All rights reserved
Tweet This