Hot Topics

Editors' Choice

3

'PowerSnitch' Hacks Androids via Power Banks

Kelly Jackson Higgins, Executive Editor at Dark Reading,  12/8/2018

1

How Well Is Your Organization Investing Its Cybersecurity Dollars?

Jack Jones, Chairman, FAIR Institute,  12/11/2018

1

The Case for a Human Security Officer

Ira Winkler, CISSP, President, Secure Mentem,  12/5/2018

'London Blue' BEC Cybercrime Gang Unmasked

Kelly Jackson Higgins, Executive Editor at Dark Reading,  12/4/2018

4 Lessons Die Hard Teaches About Combating Cyber Villains

Keith Graham, Chief Technology Officer, SecureAuth,  12/6/2018

Kubernetes Vulnerability Hits Top of Severity Scale

Curtis Franklin Jr., Senior Editor at Dark Reading,  12/6/2018

Subscribe to Newsletters

Live Events

Webinars

More UBM Tech
Live Events

Drive Your Business and Career Forward at Interop19

Interop 2019 - The Unbiased IT Conference

Enterprise Connect 2019 - Build Your Comms & Collaboration Future

Stopping Email-Borne Threats from Spreading like the Flu

Consistency is Key with Cloud Security

Using Security Champions to Build a DevSecOps Culture Within Your Organization

Webinar Archives

White Papers

Fact vs. Fiction: Mobile Support

STIX/TAXII: What You Need to Know

Threatscape of the US Election from Anomali Labs

IP Address Audit Checklist: A 10 Step Guide

Cybersecurity Checklist for SaaS Applications

More White Papers

Video

How Secure Are Our Voting Systems?

4 Comments

Don't Overestimate WebAssembly's Security

0 Comments

SirenJack: Cracking SF's Emergency System

2 Comments

DeepLocker Hides Targeted Attacks

1 Comments

Forensic Analysis of 'Worst Voting ...

0 Comments

The Uncertain Fate of WHOIS, & Other ...

2 Comments

Stopping Payment Card Fraud With Threat Intel

0 Comments

Malicious Cryptomining & Other Shifting ...

0 Comments

The Economics of AI-Enabled Security

0 Comments

Threat Deception for Insider Threat

0 Comments

Filtering the Threat Intel Tsunami

0 Comments

Ensuring Hardened, Secure Web Apps

0 Comments

All Videos

Cartoon Contest

Write a Caption, Win a Starbucks Card! Click Here

Latest Comment: This comment is waiting for review by our moderators.

Cartoon Archive

Current Issue

10 Best Practices That Could Reshape Your IT Security Department

This Dark Reading Tech Digest, explores ten best practices that could reshape IT security departments.

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

How Enterprises Are Using IT Threat Intelligence

Large organizations are harnessing data about cyberattackers and their exploits to improve the safety of their critical data. Find out what they're doing.

Download Now!

How Enterprises Are Attacking the Cybersecurity Problem

0 comments

Online Malware and Threats: A Profile of Today's Security Posture

0 comments

The Risk Management Struggle

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading OR #DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2018-15328
PUBLISHED: 2018-12-12

On BIG-IP 14.0.x, 13.x, 12.x, and 11.x, Enterprise Manager 3.1.1, BIG-IQ 6.x, 5.x, and 4.x, and iWorkflow 2.x, the passphrases for SNMPv3 users and trap destinations that are used for authentication and privacy are not handled by the BIG-IP system Secure Vault feature; they are written in the clear ...

CVE-2018-17949
PUBLISHED: 2018-12-12

Cross site scripting vulnerability in iManager prior to 3.1 SP2.

CVE-2018-17950
PUBLISHED: 2018-12-12

Incorrect enforcement of authorization checks in eDirectory prior to 9.1 SP2

CVE-2018-17952
PUBLISHED: 2018-12-12

Cross site scripting vulnerability in eDirectory prior to 9.1 SP2

CVE-2018-16867
PUBLISHED: 2018-12-12

A flaw was found in qemu Media Transfer Protocol (MTP) before version 3.1.0. A path traversal in the in usb_mtp_write_data function in hw/usb/dev-mtp.c due to an improper filename sanitization. When the guest device is mounted in read-write mode, this allows to read/write arbitrary files which may l...