Author

 Vincent Weafer

Profile of Vincent Weafer

Senior Vice President, Intel Security
News & Commentary Posts: 11

Vincent Weafer is Senior Vice President of Intel Security, managing more than 350 researchers across 30 countries. He's also responsible for managing millions of sensors across the globe, all dedicated to protecting our customers from the latest cyber threats. Vincent's team is dedicated to advancing the research and intelligence gathering capabilities required to provide the latest protection solutions in malware, host and network intrusion, email, vulnerability, regulatory compliance, and web security.

Vincent has an extensive range of experience gained over 25 years in the information technology industry, including 11 years as the leader of Symantec's Security Response team. He is also a highly regarded speaker on Internet security threats and trends, with coverage in national and international press and broadcast media. He has been invited to testify on multiple government committees including the States Senate Committee on the Judiciary hearing on Combating Cyber Crime and Identify Theft in the Digital Age in April 2010, the United States Sentencing Commission's Public Hearing on Identity Theft and Restitution Act of 2008 in March 2009, and the United States Senate Committee on Commerce, Science, and Transportation on Impact and Policy Implications of Spyware onConsumers and Businesses in June 2008. In addition he has presented at many international conferences and was a committee member of the IEEE Industry Connections Study Group (ICSG) 2009-2010, and has also co-authored a book on Internet Security.

Articles by Vincent Weafer

10 Questions To Ask Yourself About Securing Big Data

4/27/2016
Big data introduces new wrinkles for managing data volume, workloads, and tools. Securing increasingly large amounts of data begins with a good governance model across the information life cycle. From there, you may need specific controls to address various vulnerabilities. Here are a set of questions to help ensure that you have everything covered.

Post a Comment
What We Talk About When We Talk About Risk
Jack Jones, Chairman, FAIR Institute,  7/11/2018
Ticketmaster Breach Part of Massive Payment Card Hacking Campaign
Jai Vijayan, Freelance writer,  7/10/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Locked device, Ha! I knew there was another way in.
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-2638
PUBLISHED: 2018-07-16
It was found that the REST API in Infinispan before version 9.0.0 did not properly enforce auth constraints. An attacker could use this vulnerability to read or modify data in the default cache or a known cache name.
CVE-2017-7468
PUBLISHED: 2018-07-16
In curl and libcurl 7.52.0 to and including 7.53.1, libcurl would attempt to resume a TLS session even if the client certificate had changed. That is unacceptable since a server by specification is allowed to skip the client certificate check on resume, and may instead use the old identity which was...
CVE-2018-13387
PUBLISHED: 2018-07-16
The IncomingMailServers resource in Atlassian JIRA Server before version 7.6.7, from version 7.7.0 before version 7.7.5, from version 7.8.0 before version 7.8.5, from version 7.9.0 before version 7.9.3 and from version 7.10.0 before version 7.10.2 allows remote attackers to inject arbitrary HTML or ...
CVE-2018-14071
PUBLISHED: 2018-07-16
The Geo Mashup plugin before 1.10.4 for WordPress has insufficient sanitization of post editor and other user input.
CVE-2018-5229
PUBLISHED: 2018-07-16
The NotificationRepresentationFactoryImpl class in Atlassian Universal Plugin Manager before version 2.22.9 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the name of user submitted add-on names.