Hot Topics

Editors' Choice

3

Japan Cyber Minister Says He Has Never Used a Computer

Dark Reading Staff 11/15/2018

2

New Bluetooth Hack Affects Millions of Vehicles

Dark Reading Staff 11/16/2018

2

Understanding Evil Twin AP Attacks and How to Prevent Them

Ryan Orsi, Director of Product Management for Wi-Fi at WatchGuard Technologies,  11/14/2018

RIP, 'IT Security'

Kevin Kurzawa, Senior Information Security Auditor,  11/13/2018

Security Teams Struggle with Container Security Strategy

Ericka Chickowski, Contributing Writer, Dark Reading,  11/14/2018

Cryptojacking, Mobile Malware Growing Threats to the Enterprise

Curtis Franklin Jr., Senior Editor at Dark Reading,  11/14/2018

Subscribe to Newsletters

Live Events

Webinars

More UBM Tech
Live Events

Enterprise Connect 2019 - Build Your Comms & Collaboration Future

Communications & Collaboration 2022 at EC19 Orlando March 18-21

Using Security Champions to Build a DevSecOps Culture Within Your Organization

Developing a Customized Defense Against Targeted Attacks

The Internet of Things: What Does It Mean for IT Security?

Webinar Archives

White Papers

Outsmart Malware

10 Best Practices That Could Reshape Your IT Security Department

Malware Review Q2-Q3 2018

Taking Control of Vendor Risk: A 6-Step Approach

4 Support Teams That Embraced Mobile

More White Papers

Video

How Secure Are Our Voting Systems?

3 Comments

Don't Overestimate WebAssembly's Security

0 Comments

SirenJack: Cracking SF's Emergency System

2 Comments

DeepLocker Hides Targeted Attacks

1 Comments

Forensic Analysis of 'Worst Voting ...

0 Comments

The Uncertain Fate of WHOIS, & Other ...

1 Comments

Stopping Payment Card Fraud With Threat Intel

0 Comments

Malicious Cryptomining & Other Shifting ...

0 Comments

The Economics of AI-Enabled Security

0 Comments

Threat Deception for Insider Threat

0 Comments

Filtering the Threat Intel Tsunami

0 Comments

Ensuring Hardened, Secure Web Apps

0 Comments

All Videos

Cartoon Contest

Write a Caption, Win a Starbucks Card! Click Here

Latest Comment: I guess we reached the singularity point faster than expected.  

Cartoon Archive

Current Issue

10 Emerging Threats Every Enterprise Should Know About

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

How Enterprises Are Attacking the Cybersecurity Problem

Data breach fears and the need to comply with regulations such as GDPR are two major drivers increased spending on security products and technologies. But other factors are contributing to the trend as well. Find out more about how enterprises are attacking the cybersecurity problem by reading our report today.

Download Now!

Online Malware and Threats: A Profile of Today's Security Posture

0 comments

The Risk Management Struggle

0 comments

How Data Breaches Affect the Enterprise

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading OR #DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2018-19406
PUBLISHED: 2018-11-21

kvm_pv_send_ipi in arch/x86/kvm/lapic.c in the Linux kernel through 4.19.2 allows local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where the apic map is uninitialized.

CVE-2018-19407
PUBLISHED: 2018-11-21

The vcpu_scan_ioapic function in arch/x86/kvm/x86.c in the Linux kernel through 4.19.2 allows local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where ioapic is uninitialized.

CVE-2018-19404
PUBLISHED: 2018-11-21

In YXcms 1.4.7, protected/apps/appmanage/controller/indexController.php allow remote authenticated Administrators to execute any PHP code by creating a ZIP archive containing a config.php file, hosting the .zip file at an external URL, and visiting index.php?r=appmanage/index/onlineinstall&url= ...

CVE-2018-19387
PUBLISHED: 2018-11-20

format_cb_pane_tabs in format.c in tmux 2.7 through 2.8 might allow attackers to cause a denial of service (NULL Pointer Dereference and application crash) by arranging for a malloc failure.

CVE-2018-19388
PUBLISHED: 2018-11-20

FoxitReader.exe in Foxit Reader 9.3.0.10826 allows remote attackers to cause a denial of service (out-of-bounds read, access violation, and application crash) via TIFF data because of a ConvertToPDF_x86!ReleaseFXURLToHtml issue.