Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Database Security

Careers and People

Identity & Access Management

Security Monitoring

Advanced Threats

Insider Threats

Vulnerability Management

To InformationWeek

Network Computing Dark Reading

Advertise

Author

Profile of Sam Bocetta

Security Analyst

Member Since: 2/22/2019
Author
News & Commentary Posts: 4
Comments: 0

Sam Bocetta is a freelance journalist specializing in US diplomacy and national security, with emphases on technology trends in cyber warfare, cyber defense, and cryptography. Previously, Sam was a defense contractor. He worked in close partnership with architects and developers to identify mitigating controls for vulnerabilities identified across applications. Currently working as part-time cybersecurity coordinator at assignyourwriter.uk.

Articles by Sam Bocetta

View Content By Month

Trading Online? Steps to Take to Avoid Getting Phished

12/18/2019
From an IT manager’s perspective, any employee using such a mobile app on a phone they also use for business opens up risks to the corporate network.
Post a Comment

It's (Still) the Password, Stupid!

8/9/2019
The best way to protect your identity in cyberspace is the simplest: Use a variety of strong passwords, and never, ever, use "123456" no matter how easy it is to type.
Post a Comment

How Hackers Emptied Church Coffers with a Simple Phishing Scam

6/19/2019
Cyber thieves aren't bound by a code of ethics. They look for weak targets and high rewards, which is exactly what Saint Ambrose Catholic offered.
Post a Comment

Embracing DevSecOps: 5 Processes to Improve DevOps Security

2/27/2019
In the cyber threat climate of the 21st century, sticking with DevOps is no longer an option.
Post a Comment

Editors' Choice

Edge-DRsplash-10-edge-articles

I Smell a RAT! New Cybersecurity Threats for the Crypto Industry

David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP, 7/9/2021

Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours

Robert Lemos, Contributing Writer, 7/7/2021

It's in the Game (but It Shouldn't Be)

Tal Memran, Cybersecurity Expert, CYE, 7/9/2021

@Hack - November 28-30, 2021 Saudi Arabia - Learn More

Black Hat USA 2021 - July 31-August 5 - Learn More

Enterprise Connect Orlando, September 27-29, 2021: Where Corporate IT Decision Makers Connect - Save $200 with Promo Code IWBX200

More Informa Tech Live Events

White Papers

Cloud Cyber Resilience Report - Evolving Risks, Insecure Defaults, Watering Hole Threats

Integration Platform as a Service for Order Management Systems: Why Should You Care?

Today's Hybrid Work Model Requires a Hybrid Approach to Security

Accelerate Network Operations Efficiency with AIOps

Privileged Access Management Checklist

More White Papers

Cartoon

Latest Comment: I've heard of people walking right out the front door with entire servers...

Cartoon Archive

Current Issue

The State of Cybersecurity Incident Response

In this report learn how enterprises are building their incident response teams and processes, how they research potential compromises, how they respond to new breaches, and what tools and processes they use to remediate problems and improve their cyber defenses for the future.

Download This Issue!

Back Issues | Must Reads

Flash Poll

Incident Readiness and Building Response Playbook

Incident Readiness and Building Response Playbook

In this special report, learn the Xs and Os of any good security incident readiness and response playbook.

Battle for the Endpoint

How Enterprises are Developing Secure Applications

Assessing Cybersecurity Risk in Today's Enterprises

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading"

Dark Reading - Bug Report

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2021-22521
PUBLISHED: 2021-07-30

A privileged escalation vulnerability has been identified in Micro Focus ZENworks Configuration Management, affecting version 2020 Update 1 and all prior versions. The vulnerability could be exploited to gain unauthorized system privileges.

CVE-2021-34629
PUBLISHED: 2021-07-30

The SendGrid WordPress plugin is vulnerable to authorization bypass via the get_ajax_statistics function found in the ~/lib/class-sendgrid-statistics.php file which allows authenticated users to export statistic for a WordPress multi-site main site, in versions up to and including 1.11.8.

CVE-2021-34630
PUBLISHED: 2021-07-30

In the Pro and Enterprise versions of GTranslate < 2.8.65, the gtranslate_request_uri_var function runs at the top of all pages and echoes out the contents of $_SERVER['REQUEST_URI']. Although this uses addslashes, and most modern browsers automatically URLencode requests, this plugin is still vu...

CVE-2021-3636
PUBLISHED: 2021-07-30

It was found in OpenShift, before version 4.8, that the generated certificate for the in-cluster Service CA, incorrectly included additional certificates. The Service CA is automatically mounted into all pods, allowing them to safely connect to trusted in-cluster services that present certificates s...

CVE-2021-29297
PUBLISHED: 2021-07-30

Buffer Overflow in Emerson GE Automation Proficy Machine Edition v8.0 allows an attacker to cause a denial of service and application crash via crafted traffic from a Man-in-the-Middle (MITM) attack to the component "FrameworX.exe" in the module "MSVCR100.dll".

To save this item to your list of favorite Dark Reading content so you can find it later in your Profile page, click the "Save It" button next to the item.

If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
Tweet This
[close this box]