Author

 Tom Kellermann
Twitter
RSS
E-Mail

Profile of Tom Kellermann

CEO & Cofounder, Strategic Cyber Ventures
News & Commentary Posts: 5

Tom is a cyber intelligence expert, author, professor, and leader in the field of cybersecurity.  Having held a seat on the Commission on Cyber Security for the 44th President of the United States and serving as an advisor to the International Cyber Security Protection Alliance (ICSPA), he has worked in the highest levels of cybersecurity.  He has applied his expertise in the corporate world, as chief cybersecurity officer for Trend Micro, where for over three years Tom was responsible for analysis of emerging cybersecurity threats and relevant defensive technologies.  Prior to Trend Micro, Tom served as the vice president of security for Core Security. 

 

Tom began his career as senior data risk management specialist for the World Bank treasury security team, where he was responsible for cyber intelligence and security policy as he advised central banks around the world about their cyber risk posture.

 

In addition to his professional work, Tom believes in sharing his knowledge to benefit others in order to combat cybercrime.  Tom was a Professor at American University's School of International Service and the Kogod School of Business, and he co-authored the book E-safety and Soundness: Securing Finance in a New Age. He regularly presents at global cybersecurity conferences and is a contributor on cyber analysis for major networks. Tom is a Certified Information Security Manager and is a Certified Ethical Hacker.

 

 

Articles by Tom Kellermann
'Hidden Tunnels' Help Hackers Launch Financial Services Attacks
Kelly Sheridan, Staff Editor, Dark Reading,  6/20/2018
Inside a SamSam Ransomware Attack
Ajit Sancheti, CEO and Co-Founder, Preempt,  6/20/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-12735
PUBLISHED: 2018-06-25
SAJ Solar Inverter allows remote attackers to obtain potentially sensitive information via a direct request for the inverter_info.htm or english_main.htm URI.
CVE-2017-9312
PUBLISHED: 2018-06-25
Improperly implemented option-field processing in the TCP/IP stack on Allen-Bradley L30ERMS safety devices v30 and earlier causes a denial of service. When a crafted TCP packet is received, the device reboots immediately.
CVE-2018-10956
PUBLISHED: 2018-06-25
IPConfigure Orchid Core VMS 2.0.5 allows Directory Traversal.
CVE-2018-11039
PUBLISHED: 2018-06-25
Spring Framework (versions 5.0.x prior to 5.0.7, versions 4.3.x prior to 4.3.18, and older unsupported versions) allow web applications to change the HTTP request method to any HTTP method (including TRACE) using the HiddenHttpMethodFilter in Spring MVC. If an application has a pre-existing XSS vuln...
CVE-2018-11040
PUBLISHED: 2018-06-25
Spring Framework, versions 5.0.x prior to 5.0.7 and 4.3.x prior to 4.3.18 and older unsupported versions, allows web applications to enable cross-domain requests via JSONP (JSON with Padding) through AbstractJsonpResponseBodyAdvice for REST controllers and MappingJackson2JsonView for browser request...