Author

 Rohyt Belani
Twitter
LinkedIn
RSS
E-Mail

Profile of Rohyt Belani

Chief Threat Scientist
Member Since: 5/12/2014
Author
News & Commentary Posts: 1
Comments: 0

Gary Warner is one of PhishMe's elite cybercrime researchers, where his current research areas are malware analysis, social networks of cyber criminals, hate groups, and terrorists. Involved in cybersecurity since 1989, he began his career helping large organizations connect securely to the internet. He has worked as an IT director for a publicly-traded utility, and has served as a task force officer for the FBI Cybercrimes Task Force. With regards to critical infrastructure protection, he founded the Birmingham InfraGard chapter, and has served on the national boards of the FBI's InfraGard program and DHS's Energy ISAC.

Since 2007, Warner has been teaching and researching at the University of Alabama at Birmingham in an interdisciplinary program that applies computer science solutions to justice science problems. His research has been supported by the Department of Justice, the Department of Homeland Security, and many corporate partners. He has been awarded the Microsoft MVP Award in Enterprise Security five times, received the IC3.gov/NCFTA Partnership Award and has been recognized by former FBI Director Robert Mueller for Exceptional Service in the Public Interest. His early research in spam and phishing intelligence led to the creation of Malcovery Security, acquired by PhishMe in 2015.

Articles by Rohyt Belani
WebAuthn, FIDO2 Infuse Browsers, Platforms with Strong Authentication
John Fontana, Standards & Identity Analyst, Yubico,  9/19/2018
New Cold Boot Attack Gives Hackers the Keys to PCs, Macs
Kelly Sheridan, Staff Editor, Dark Reading,  9/13/2018
Turn the NIST Cybersecurity Framework into Reality: 4 Steps
Mukul Kumar & Anupam Sahai, CISO & VP of Cyber Practice and VP Product Management, Cavirin Systems,  9/20/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Flash Poll
The Risk Management Struggle
The Risk Management Struggle
The majority of organizations are struggling to implement a risk-based approach to security even though risk reduction has become the primary metric for measuring the effectiveness of enterprise security strategies. Read the report and get more details today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-1674
PUBLISHED: 2018-09-20
IBM Business Process Manager 8.5 through 8.6 and 18.0.0.0 through 18.0.0.1 are vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 145109.
CVE-2018-1800
PUBLISHED: 2018-09-20
IBM Sterling B2B Integrator Standard Edition 5.2.6.0 and 6.2.6.1 could allow a local user to obtain highly sensitive information during a short time period when installation is occuring. IBM X-Force ID: 149607.
CVE-2018-3864
PUBLISHED: 2018-09-20
An exploitable buffer overflow vulnerability exists in the Samsung WifiScan handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The strcpy overflows the destination buffer, which has a size of 40 bytes. An attacker can send an arbitrarily long &quot...
CVE-2018-3865
PUBLISHED: 2018-09-20
An exploitable buffer overflow vulnerability exists in the Samsung WifiScan handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The strcpy overflows the destination buffer, which has a size of 40 bytes. An attacker can send an arbitrarily long &quot...
CVE-2018-17254
PUBLISHED: 2018-09-20
The JCK Editor component 6.4.4 for Joomla! allows SQL Injection via the jtreelink/dialogs/links.php parent parameter.