Author

 Vikram Phatak
Twitter
LinkedIn
RSS
E-Mail

Profile of Vikram Phatak

Chief Executive Officer of NSS Labs
News & Commentary Posts: 2

Vikram Phatak is Chief Executive Officer of NSS Labs, Inc. Vik is one of the information security industry's foremost thought leaders on vulnerability management and threat protection. With over 20 years of experience, he brings unique insight to the cybersecurity problems facing large enterprises today. A pioneer of Internet security, Vik founded Intermedia Sciences Group in 1994, one of the first Internet service providers and Internet security consulting firms in the United States. Intermedia was acquired in 1999 by Teleflex Inc. Vik later founded Lucid Security in 2001, where he created "Adaptive Intelligence," a groundbreaking intrusion prevention technology. In 2006, Lucid Security was acquired by Trustwave Inc., a leading provider of information security solutions to Fortune 2000 companies. He was named Chief Technology Officer at Trustwave, where he was responsible for the management and development of technology product lines, prior to joining NSS Labs.

Articles by Vikram Phatak
Higher Education: 15 Books to Help Cybersecurity Pros Be Better
Curtis Franklin Jr., Senior Editor at Dark Reading,  12/12/2018
Bug Hunting Paves Path to Infosec Careers
Kelly Sheridan, Staff Editor, Dark Reading,  12/12/2018
'PowerSnitch' Hacks Androids via Power Banks
Kelly Jackson Higgins, Executive Editor at Dark Reading,  12/8/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
10 Best Practices That Could Reshape Your IT Security Department
This Dark Reading Tech Digest, explores ten best practices that could reshape IT security departments.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-20127
PUBLISHED: 2018-12-13
An issue was discovered in zzzphp cms 1.5.8. del_file in /admin/save.php allows remote attackers to delete arbitrary files via a mixed-case extension and an extra '.' character, because (for example) "php" is blocked but path=F:/1.phP. succeeds.
CVE-2018-20128
PUBLISHED: 2018-12-13
An issue was discovered in UsualToolCMS v8.0. cmsadmin\a_sqlback.php allows remote attackers to delete arbitrary files via a backname[] directory-traversal pathname followed by a crafted substring.
CVE-2018-20129
PUBLISHED: 2018-12-13
An issue was discovered in DedeCMS V5.7 SP2. uploads/include/dialog/select_images_post.php allows remote attackers to upload and execute arbitrary PHP code via a double extension and a modified ".php" substring, in conjunction with the image/jpeg content type, as demonstrated by the filena...
CVE-2018-6706
PUBLISHED: 2018-12-12
Insecure handling of temporary files in non-Windows McAfee Agent 5.0.0 through 5.0.6, 5.5.0, and 5.5.1 allows an Unprivileged User to introduce custom paths during agent installation in Linux via unspecified vectors.
CVE-2018-6705
PUBLISHED: 2018-12-12
Privilege escalation vulnerability in McAfee Agent (MA) for Linux 5.0.0 through 5.0.6, 5.5.0, and 5.5.1 allows local users to perform arbitrary command execution via specific conditions.