Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Database Security

Authentication

Mobile

Privacy

Compliance

Identity & Access Management

Security Monitoring

Advanced Threats

Insider Threats

Vulnerability Management

Network Computing Dark Reading

Advertise

About Us

Author

Profile of Raz Rafaeli

CEO and Co-Founder at Secret Double Octopus

News & Commentary Posts: 1

Raz Rafaeli, CEO and Co-Founder at Secret Double Octopus, is a results-driven business executive with more than 25 years of technology and leadership experience in the software, security, semiconductor, and telecom industries. Previously, Raz was the CEO of MiniFrame and Milestone Software & Systems in addition to holding executive positions at SanDisk & Spansion. Raz holds an MSc in Computer Science from the Technion.

Articles by Raz Rafaeli

View Content By Month

Active Directory Needs an Update: Here's Why

1/16/2020
AD is still the single point of authentication for most companies that use Windows. But it has some shortcomings that should be addressed.
Post a Comment

Content by Month
January 2020 - 1
[close this box]

Hot Topics

Editors' Choice

COVID-19: Latest Security News & Commentary

Dark Reading Staff 5/22/2020

How an Industry Consortium Can Reinvent Security Solution Testing

Henry Harrison, Co-founder & Chief Technology Officer, Garrison, 5/21/2020

10 iOS Security Tips to Lock Down Your iPhone

Kelly Sheridan, Staff Editor, Dark Reading, 5/22/2020

Webinars

Building & Managing the Next-Gen SOC

Don't Miss this Dark Reading Virtual Event on Critical Data Breaches

Thinking Like an Attacker: Strategies for Defense

Webinar Archives

White Papers

3 Reasons Why Your Remote Workforce is Vulnerable

Security Intelligence: Driving Security From Analytics to Action

Global Application and Network Security Report

2020 Security Trends to Watch

How Cybersecurity Incident Response Programs Work (and Why Some Don't)

More White Papers

Video

All Videos

Cartoon Contest

Write a Caption, Win a Starbucks Card! Click Here

Latest Comment: This comment is waiting for review by our moderators.

Cartoon Archive

Current Issue

How Cybersecurity Incident Response Programs Work (and Why Some Don't)

This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

State of Endpoint Security: How Enterprises Are Managing Endpoint Security Threats

Download this report to find out what organizations are doing to secure their endpoints and to protect themselves against malware, hackers, and social engineering attacks.

Download Now!

State of Cybersecurity Incident Response

0 comments

How Enterprises Are Developing and Maintaining Secure Applications

0 comments

How Enterprises are Attacking the Cybersecurity Problem

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2020-13458
PUBLISHED: 2020-05-25

An issue was discovered in the Image Resizer plugin before 2.0.9 for Craft CMS. There are CSRF issues with the log-clear controller action.

CVE-2020-13459
PUBLISHED: 2020-05-25

An issue was discovered in the Image Resizer plugin before 2.0.9 for Craft CMS. There is stored XSS in the Bulk Resize action.

CVE-2020-13442
PUBLISHED: 2020-05-25

A Remote code execution vulnerability exists in DEXT5Upload in DEXT5 through 2.7.1402870. An attacker can upload a PHP file via dext5handler.jsp handler because the uploaded file is stored under dext5uploadeddata/.

CVE-2020-5537
PUBLISHED: 2020-05-25

Cybozu Desktop for Windows 2.0.23 to 2.2.40 allows remote code execution via unspecified vectors.

CVE-2020-13438
PUBLISHED: 2020-05-24

ffjpeg through 2020-02-24 has an invalid read in jfif_encode in jfif.c.

To save this item to your list of favorite Dark Reading content so you can find it later in your Profile page, click the "Save It" button next to the item.

If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
Tweet This
[close this box]