Measuring Security Effectiveness Body

library
crime | hacking | security

Network Computing
Darkreading

NSS Labs’ CMO Gautam Aggarwal discusses how the company’s CAWS Security Validation Platform can help CISOs get empirical evidence of security effectiveness and map security vulnerabilities to business impact.

‘);
}

Comments

‘);
}

Live Events

Webinars

More UBM Tech
Live Events

Dark Reading Live EVENTS

0 Comments

Cartoon Contest

Write a Caption, Win a Starbucks Card! Click Here

Latest Comment: “Windows 10 Paint 3D is awesome!”

Security Vulnerabilities: The Next WaveJust when you thought it was safe, researchers have unveiled a new round of IT security flaws. Is your enterprise ready?

Reports

[Strategic Security Report] Assessing Cybersecurity Risk

As cyber attackers become more sophisticated and enterprise defenses become more complex, many enterprises are faced with a complicated question: what is the risk of an IT security breach? This report delivers insight on how today’s enterprises evaluate the risks they face. This report also offers a look at security professionals’ concerns about a wide variety of threats, including cloud security, mobile security, and the Internet of Things.

7 Hardware Firmware Hacks Highlighted at Black Hat 2017

Best of Black Hat: 20 Epic Talks in 20 Years

IoT Security Incidents Rampant and Costly

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT’s National Vulnerability Database

CVE-2017-0290Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within …

CVE-2016-10369Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version…

CVE-2016-8209Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.

googletag.display(‘div-gpt-ad-961777897907396673-15’);

Tweet This
[close this box]

Article source: https://www.darkreading.com/measuring-security-effectiveness-body/v/d-id/1329522?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple

Comments are closed.