Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Database Security

Authentication

Privacy

Compliance

Identity & Access Management

Security Monitoring

Advanced Threats

Insider Threats

Vulnerability Management

To InformationWeek

Network Computing Dark Reading

Advertise

Author

Profile of Chris Babel

CEO, TrustArc

Member Since: 6/28/2017
Author
News & Commentary Posts: 4
Comments: 0

As CEO of TrustArc, formerly known as TRUSTe, Chris has led the company through significant growth and transformation into a leading global privacy compliance and risk management company. Before joining TrustArc, Chris spent over a decade building online trust, most recently in the security industry as senior vice president and general manager of VeriSign's worldwide authentication services business. Chris also previously managed VeriSign's SSL and managed security services business. He holds a BA in Mathematical Methods in the Social Sciences and Economics with Highest Distinction from Northwestern University.

Articles by Chris Babel

View Content By Month

California Consumer Privacy Act: 4 Compliance Best Practices

4/30/2019
Companies that get ahead of the January 2020 data privacy deadline can minimize the risk of sanctions and also gain a competitive advantage in the marketplace.
Post a Comment

GDPR Report Card: Some Early Gains but More Work Ahead

10/4/2018
US companies paid the most, to date, to meet the EU's General Data Protection Regulation, according to a recent study, but UK companies made greater progress in achieving compliance goals.
Post a Comment

Why We Need Privacy Solutions That Scale Across Borders

4/17/2018
New privacy solutions are becoming scalable, smarter, and easier to address compliance across industries and geographies.
Post a Comment

The High Costs of GDPR Compliance

7/11/2017
Looming, increasingly strict EU privacy regulations are pushing privacy spending to the top of IT priorities and budgets.
Post a Comment

Editors' Choice

Windows 10 Migration: Getting It Right

Kevin Alexandra, Principal Solutions Engineer at BeyondTrust, 5/15/2019

Artist Uses Malware in Installation

Dark Reading Staff 5/17/2019

Baltimore Ransomware Attack Takes Strange Twist

Kelly Jackson Higgins, Executive Editor at Dark Reading, 5/14/2019

Live Events

Webinars

WorkSpace Connect - Sept 9-11, Dallas - Register Now!

Prepare for the Future of WorkSpaces! Register Today!

Work Styles Are Evolving, Are Your IT Teams Ready?

More Informa Tech Live Events

White Papers

[Checklist] Vendor Risk Management Fundamentals

Building and Managing an IT Security Operations Program

6 Keys to Faster Phishing Mitigation

The Vulnerable Landscape: Metrics, Insights & Impact

Why We Need an Efficient Navigation System for Networks

More White Papers

Video

Cartoon Contest

Write a Caption, Win a Starbucks Card! Click Here

Latest Comment: This comment is waiting for review by our moderators.

Cartoon Archive

Current Issue

Building and Managing an IT Security Operations Program

As cyber threats grow, many organizations are building security operations centers (SOCs) to improve their defenses. In this Tech Digest you will learn tips on how to get the most out of a SOC in your organization - and what to do if you can't afford to build one.

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

How Enterprises Are Developing Secure Applications

How Enterprises Are Developing Secure Applications

IT security and application development are disparate processes that are increasingly coming together. Here's a look at how that's happening.

Download Now!

The State of Cyber Security Incident Response

How Enterprises Are Attacking the Cybersecurity Problem

How Enterprises Are Using IT Threat Intelligence

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading"

Dark Reading - Bug Report

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2019-12198
PUBLISHED: 2019-05-20

In GoHttp through 2017-07-25, there is a stack-based buffer over-read via a long User-Agent header.

CVE-2019-12185
PUBLISHED: 2019-05-20

eLabFTW 1.8.5 is vulnerable to arbitrary file uploads via the /app/controllers/EntityController.php component. This may result in remote command execution. An attacker can use a user account to fully compromise the system using a POST request. This will allow for PHP files to be written to the web r...

CVE-2019-12184
PUBLISHED: 2019-05-19

There is XSS in browser/components/MarkdownPreview.js in BoostIO Boostnote 0.11.15 via a label named flowchart, sequence, gallery, or chart, as demonstrated by a crafted SRC attribute of an IFRAME element, a different vulnerability than CVE-2019-12136.

CVE-2019-12173
PUBLISHED: 2019-05-18

MacDown 0.7.1 (870) allows remote code execution via a file:\\\ URI, with a .app pathname, in the HREF attribute of an A element. This is different from CVE-2019-12138.

CVE-2019-12172
PUBLISHED: 2019-05-17

Typora 0.9.9.21.1 (1913) allows arbitrary code execution via a modified file: URL syntax in the HREF attribute of an AREA element, as demonstrated by file:\\\ on macOS or Linux, or file://C| on Windows. This is different from CVE-2019-12137.

Terms of Service
Privacy Statement
Legal Entities
Copyright © 2019 UBM, All rights reserved

To save this item to your list of favorite Dark Reading content so you can find it later in your Profile page, click the "Save It" button next to the item.

If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
Tweet This
[close this box]