[ad_1] Security consultant Joel Noguera describes how he got involved in testing anti-cheat software security, and what to expect from his upcoming Black Hat Europe talk. Anti-cheat software safeguards countless online game players every year, but it’s not bulletproof. At Black Hat Europe in London next month attendees will learn firsthand where the chinks are
[ad_1] Enterprise Vulnerabilities From DHS/US-CERT’s National Vulnerability Database CVE-2019-11559PUBLISHED: 2019-09-17 A reflected Cross-site scripting (XSS) vulnerability in HRworks V 1.16.1 allows remote attackers to inject arbitrary web script or HTML via the URL parameter to the Login component. CVE-2019-15729PUBLISHED: 2019-09-17 An issue was discovered in GitLab Community and Enterprise Edition 8.18 through 12.2.1. An internal
[ad_1] Malicious actors look for accounts that are springboards to other systems, according to nearly 300 attendees of Black Hat USA. While black hat hackers and IT security professionals operate on different sides of the fence, a survey conducted at Black Hat USA in Las Vegas last month indicates that they concur on one important
[ad_1] Watch right here for more than 30 video interviews with speakers and sponsors. Streaming live from Black Hat USA Wednesday and Thursday 2 p.m. to 6 p.m. Eastern. If the Las Vegas grasshopper apocalypse is keeping you from attending Black Hat USA 2019, never fear: Dark Reading’s video News Desk will have you covered.
[ad_1] Enterprise Vulnerabilities From DHS/US-CERT’s National Vulnerability Database CVE-2019-14361PUBLISHED: 2019-07-31
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2019-14439. Reason: This candidate is a reservation duplicate of CVE-2019-14439. Notes: All CVE users should reference CVE-2019-14439 instead of this candidate. All references and descriptions in this candidate have been removed to preve… CVE-2019-14452PUBLISHED:
[ad_1] Enterprise VulnerabilitiesFrom DHS/US-CERT’s National Vulnerability Database CVE-2018-20524PUBLISHED: 2018-12-27 The Chat Anywhere extension 2.4.0 for Chrome allows XSS via crafted use of <<a> in a message, because a danmuWrapper DIV element in chatbox-onlydanmu.js is outside the scope of a Content Security Policy (CSP). CVE-2018-20519PUBLISHED: 2018-12-27 An issue was discovered in 74cms v4.2.111. It allows remote