Webinar Archives
The Latest Social Engineering Attacks and How To Understand and Prevent Them
Date: Aug 21, 2018
Join Dark Reading as we welcome experts who will discuss the most effective methods of defending against the latest social engineering attacks.

AI & Machine Learning - How to Improve Enterprise Security With Them
Date: Aug 16, 2018
Hear a top expert review useful definitions of AI & ML terms, and discuss some practical applications of the technology that might speed your incident reaction time and improve your use of IT security staff resources.

Active Archive & Data Repository with Hadoop
Date: Jul 31, 2018
Once you've begun to use Hadoop for ETL offload, the next logical steps on your journey toward the data warehouse of the future are to create an active archive and a data repository. This webinar will teach you how!

The Latest In Domain Fraud Trends And How To Secure Your Brand's Domain Footprint
Date: Jul 24, 2018
With suspicious and infringing domains on the rise, it's imperative that organizations protect themselves and their customers from the threats they pose, which makes strategic domain management increasingly important. Learn how your organization can protect itself.

White House Cybersecurity Strategy at a Crossroads
Kelly Jackson Higgins, Executive Editor at Dark Reading, 7/17/2018
The Fundamental Flaw in Security Awareness Programs
Ira Winkler, CISSP, President, Secure Mentem, 7/19/2018
Number of Retailers Impacted by Breaches Doubles
Ericka Chickowski, Contributing Writer, Dark Reading, 7/19/2018
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-14500
PUBLISHED: 2018-07-22
joyplus-cms 1.6.0 has XSS via the manager/collect/collect_vod_zhuiju.php keyword parameter.
CVE-2018-14501
PUBLISHED: 2018-07-22
manager/admin_ajax.php in joyplus-cms 1.6.0 has SQL Injection, as demonstrated by crafted POST data beginning with an "m_id=1 AND SLEEP(5)" substring.
CVE-2018-14492
PUBLISHED: 2018-07-21
Tenda AC7 through V15.03.06.44_CN, AC9 through V15.03.05.19(6318)_CN, and AC10 through V15.03.06.23_CN devices have a Stack-based Buffer Overflow via a long limitSpeed or limitSpeedup parameter to an unspecified /goform URI.
CVE-2018-3770
PUBLISHED: 2018-07-20
A path traversal exists in markdown-pdf version <9.0.0 that allows a user to insert malicious HTML code that can result in reading local files.
CVE-2018-3771
PUBLISHED: 2018-07-20
An XSS in statics-server <= 0.0.9 can be used via an injected iframe in the filename when statics-server displays the directory index in the browser.