Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Database Security

Careers and People

Identity & Access Management

Security Monitoring

Advanced Threats

Insider Threats

Vulnerability Management

To InformationWeek

Network Computing Dark Reading

Advertise

Author

Profile of Raz Rafaeli

CEO and Co-Founder at Secret Double Octopus

News & Commentary Posts: 3

Raz Rafaeli, CEO and Co-Founder at Secret Double Octopus, is a results-driven business executive with more than 25 years of technology and leadership experience in the software, security, semiconductor, and telecom industries. Previously, Raz was the CEO of MiniFrame and Milestone Software & Systems in addition to holding executive positions at SanDisk & Spansion. Raz holds an MSc in Computer Science from the Technion.

Articles by Raz Rafaeli

View Content By Month

Corporate Credentials for Sale on the Dark Web: How to Protect Employees and Data

12/16/2020
It's past time to retire passwords in favor of other methods for authenticating users and securing systems.
Post a Comment

What Government Contractors Need to Know About NIST, DFARS Password Reqs

6/3/2020
Organizations that fail to comply with these rules can get hit with backbreaking fines and class-action lawsuits.
Post a Comment

Active Directory Needs an Update: Here's Why

1/16/2020
AD is still the single point of authentication for most companies that use Windows. But it has some shortcomings that should be addressed.
Post a Comment

Editors' Choice

Former CISA Director Chris Krebs Discusses Risk Management & Threat Intel

Kelly Sheridan, Staff Editor, Dark Reading, 2/23/2021

Edge-DRsplash-10-edge-articles

Security + Fraud Protection: Your One-Two Punch Against Cyberattacks

Joshua Goldfarb, Director of Product Management at F5, 2/23/2021

Cybercrime Groups More Prolific, Focus on Healthcare in 2020

Robert Lemos, Contributing Writer, 2/22/2021

Interop Digital - Free Cybersecurity Event April 29

Communications & Collaboration: 2024 (March 9-10)

More Informa Tech Live Events

White Papers

Why Add Security to Your Skill Set and How to Do It

The Infoblox Q4 2020 Cyberthreat Intelligence Report

Accelerate Threat Resolutions with DNS

Understanding Credential Abuse Attacks: A Real-World Example

Balancing Hybrid Storage as Part of a Hybrid Cloud Data Management Strategy

More White Papers

Cartoon Contest

Write a Caption, Win an Amazon Gift Card! Click Here

Latest Comment: "The truth behind Stonehenge...."

Cartoon Archive

Current Issue

2021 Top Enterprise IT Trends

We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!

Download This Issue!

Back Issues | Must Reads

Flash Poll

Building the SOC of the Future

Building the SOC of the Future

Digital transformation, cloud-focused attacks, and a worldwide pandemic. The past year has changed the way business works and the way security teams operate. There is no going back.

Assessing Cybersecurity Risk in Today's Enterprises

The Malware Threat Landscape

How Data Breaches Affect the Enterprise (2020)

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading"

Dark Reading - Bug Report

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2020-1936
PUBLISHED: 2021-03-02

A cross-site scripting issue was found in Apache Ambari Views. This was addressed in Apache Ambari 2.7.4.

CVE-2021-27904
PUBLISHED: 2021-03-02

An issue was discovered in app/Model/SharingGroupServer.php in MISP 2.4.139. In the implementation of Sharing Groups, the "all org" flag sometimes provided view access to unintended actors.

CVE-2021-27901
PUBLISHED: 2021-03-02

An issue was discovered on LG mobile devices with Android OS 11 software. They mishandle fingerprint recognition because local high beam mode (LHBM) does not function properly during bright illumination. The LG ID is LVE-SMP-210001 (March 2021).

CVE-2021-21321
PUBLISHED: 2021-03-02

fastify-reply-from is an npm package which is a fastify plugin to forward the current http request to another server. In fastify-reply-from before version 4.0.2, by crafting a specific URL, it is possible to escape the prefix of the proxied backend service. If the base url of the proxied server is &...

CVE-2021-21322
PUBLISHED: 2021-03-02

fastify-http-proxy is an npm package which is a fastify plugin for proxying your http requests to another server, with hooks. By crafting a specific URL, it is possible to escape the prefix of the proxied backend service. If the base url of the proxied server is `/pub/`, a user expect that accessing...

To save this item to your list of favorite Dark Reading content so you can find it later in your Profile page, click the "Save It" button next to the item.

If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
Tweet This
[close this box]