The Nightmare Before Christmas: Security Flaws Inside our Computers
1/5/2018How an Intel design decision with no review by industry security consultants led to one of the biggest vulnerabilities in recent history.
Post a Comment
Author
Profile of Andrew Mayo
Senior Systems Architect, 1E News & Commentary Posts: 1Andrew Mayo has been involved in IT, both in software and hardware roles, for enough years to have worked through the tail-end of the punched card and paper tape era, and the subsequent invention of the PC. Currently he's working on the evolution of 1E's Tachyon solution, looking in depth at both attack and defense strategies, and the evolution of the threat landscape. Previously Team Lead for the AppClarity project, he's worked previously in various verticals including healthcare, finance and ERP. When he's not wrangling with databases, he enjoys playing piano and hiking, especially when the destination is one of England's picturesque pubs.
Articles by Andrew Mayo
How an Intel design decision with no review by industry security consultants led to one of the biggest vulnerabilities in recent history.
Post a Comment
White Papers
Video
10 Comments
Current Issue
5 Emerging Cyber Threats to Watch for in 2019Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.
Flash Poll
How Enterprises Are Attacking the Cybersecurity Problem
Data breach fears and the need to comply with regulations such as GDPR are two major drivers increased spending on security products and technologies. But other factors are contributing to the trend as well. Find out more about how enterprises are attacking the cybersecurity problem by reading our report today.
Twitter Feed
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database CVE-2019-8419
PUBLISHED: 2019-02-17
PUBLISHED: 2019-02-17
PUBLISHED: 2019-02-17
PUBLISHED: 2019-02-17
PUBLISHED: 2019-02-17
From DHS/US-CERT's National Vulnerability Database CVE-2019-8419
PUBLISHED: 2019-02-17
VNote 2.2 has XSS via a new text note.
CVE-2019-8421PUBLISHED: 2019-02-17
upload/protected/modules/admini/views/post/index.php in BageCMS through 3.1.4 allows SQL Injection via the title or titleAlias parameter.
CVE-2019-8422PUBLISHED: 2019-02-17
A SQL Injection vulnerability exists in PbootCMS v1.3.2 via the description parameter in apps\admin\controller\content\ContentController.php.
CVE-2019-7649PUBLISHED: 2019-02-17
global.encryptPassword in bootstrap/global.js in CMSWing 1.3.7 relies on multiple MD5 operations for password hashing.
CVE-2019-8418PUBLISHED: 2019-02-17
SeaCMS 7.2 mishandles member.php?mod=repsw4 requests.
- Terms of Service
- Privacy Statement
- Legal Entities
- Copyright © 2019 UBM, All rights reserved
Tweet This