Author

 Thomas Ristenpart

Profile of Thomas Ristenpart

Asst. Professor, Computer Sciences, University of Wisconsin
News & Commentary Posts: 2

Thomas Ristenpart is on the Skyhigh Networks Cryptography Advisory Board and is a professor in the Department of Computer Sciences at the University of Wisconsin. His research spans a wide range of computer security topics, most recently focusing on new threats to, and opportunities for, cloud computing security, as well as topics in applied and theoretical cryptography. His work has been featured in the New York Times, MIT Technology Review, ABC News, U.S. News and World Report, and elsewhere. He completed his PhD at UC San Diego in 2010, received the UC San Diego Computer Science and Engineering Department Dissertation Award in 2011, an NSF CAREER Award in 2013, Best Paper Award at USENIX Security 2014, and is a co-PI for the ongoing NSF Frontier Project called Silver focusing on cloud security topics.

Articles by Thomas Ristenpart
Higher Education: 15 Books to Help Cybersecurity Pros Be Better
Curtis Franklin Jr., Senior Editor at Dark Reading,  12/12/2018
'PowerSnitch' Hacks Androids via Power Banks
Kelly Jackson Higgins, Executive Editor at Dark Reading,  12/8/2018
Worst Password Blunders of 2018 Hit Organizations East and West
Curtis Franklin Jr., Senior Editor at Dark Reading,  12/12/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: So now we are monitoring the monitor?
Current Issue
10 Best Practices That Could Reshape Your IT Security Department
This Dark Reading Tech Digest, explores ten best practices that could reshape IT security departments.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-20145
PUBLISHED: 2018-12-13
Eclipse Mosquitto 1.5.x before 1.5.5 allows ACL bypass: if the option per_listener_settings was set to true, and the default listener was in use, and the default listener specified an acl_file, then the acl file was being ignored.
CVE-2018-12076
PUBLISHED: 2018-12-13
A vulnerability in the UPC bar code of the Avanti Markets MarketCard could allow an unauthenticated, local attacker to access funds within the customer's MarketCard balance, and also could lead to Customer Information Disclosure. The vulnerability is due to lack of proper validation of the UPC bar c...
CVE-2018-18922
PUBLISHED: 2018-12-13
add_user in AbiSoft Ticketly 1.0 allows remote attackers to create administrator accounts via an action/add_user.php POST request.
CVE-2018-18923
PUBLISHED: 2018-12-13
AbiSoft Ticketly 1.0 is affected by multiple SQL Injection vulnerabilities through the parameters name, category_id and description in action/addproject.php; kind_id, priority_id, project_id, status_id and title in action/addticket.php; and kind_id and status_id in reports.php.
CVE-2018-19039
PUBLISHED: 2018-12-13
Grafana before 4.6.5 and 5.x before 5.3.3 allows remote authenticated users to read arbitrary files by leveraging Editor or Admin permissions.