Hot Topics

Editors' Choice

3

Microsoft President: Governments Must Cooperate on Cybersecurity

Kelly Sheridan, Staff Editor, Dark Reading,  11/8/2018

1

To Click or Not to Click: The Answer Is Easy

Kowsik Guruswamy, Chief Technology Officer at Menlo Security,  11/14/2018

1

Veterans Find New Roles in Enterprise Cybersecurity

Kelly Sheridan, Staff Editor, Dark Reading,  11/12/2018

Benefits of DNS Service Locality

Paul Vixie, Chairman & CEO, Farsight Security, Inc.,  10/24/2018

Windows 7 End-of-Life: Are You Ready?

Kelly Sheridan, Staff Editor, Dark Reading,  10/24/2018

County Election Websites Can Be Easily Spoofed to Spread Misinformation

Jai Vijayan, Freelance writer,  10/25/2018

Subscribe to Newsletters

Live Events

Webinars

More UBM Tech
Live Events

Enterprise Connect 2019 - Build Your Comms & Collaboration Future

Communications & Collaboration 2022 at EC19 Orlando March 18-21

Developing a Customized Defense Against Targeted Attacks

The Insider Threat: Real Defense for Real Businesses

Cyber Threat Intelligence Inside Your Organization

Webinar Archives

White Papers

2018 Cyberthreat Defense Report

What is the Main Obstacle to Security?

The IT Pro's Guide to DIY Antivirus Testing

Taking Control of Vendor Risk: A 6-Step Approach

For More Effective Endpoint Security, Improve Your Endpoint Management

More White Papers

Video

How Secure Are Our Voting Systems?

3 Comments

Don't Overestimate WebAssembly's Security

0 Comments

SirenJack: Cracking SF's Emergency System

2 Comments

DeepLocker Hides Targeted Attacks

1 Comments

Forensic Analysis of 'Worst Voting ...

0 Comments

The Uncertain Fate of WHOIS, & Other ...

1 Comments

Stopping Payment Card Fraud With Threat Intel

0 Comments

Malicious Cryptomining & Other Shifting ...

0 Comments

The Economics of AI-Enabled Security

0 Comments

Threat Deception for Insider Threat

0 Comments

Filtering the Threat Intel Tsunami

0 Comments

Ensuring Hardened, Secure Web Apps

0 Comments

All Videos

Cartoon

Latest Comment: You know, at first glance, I liked the idea of wearable tech.. Never through it would be a security risk.

Cartoon Archive

Current Issue

10 Emerging Threats Every Enterprise Should Know About

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

Online Malware and Threats: A Profile of Today's Security Posture

This report offers insight on how security professionals plan to invest in cybersecurity, and how they are prioritizing their resources. Find out what your peers have planned today!

Download Now!

The Risk Management Struggle

0 comments

How Data Breaches Affect the Enterprise

0 comments

The State of IT and Cybersecurity

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading OR #DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2018-19279
PUBLISHED: 2018-11-14

PRIMX ZoneCentral before 6.1.2236 on Windows sometimes leaks the plaintext of NTFS files. On non-SSD devices, this is limited to a 5-second window and file sizes less than 600 bytes. The effect on SSD devices may be greater.

CVE-2018-19280
PUBLISHED: 2018-11-14

Centreon 3.4.x has XSS via the resource name or macro expression of a poller macro.

CVE-2018-19281
PUBLISHED: 2018-11-14

Centreon 3.4.x allows SNMP trap SQL Injection.

CVE-2018-17960
PUBLISHED: 2018-11-14

CKEditor 4.x before 4.11.0 allows user-assisted XSS involving a source-mode paste.

CVE-2018-19278
PUBLISHED: 2018-11-14

Buffer overflow in DNS SRV and NAPTR lookups in Digium Asterisk 15.x before 15.6.2 and 16.x before 16.0.1 allows remote attackers to crash Asterisk via a specially crafted DNS SRV or NAPTR response, because a buffer size is supposed to match an expanded length but actually matches a compressed lengt...