Author

 Martin Lee
LinkedIn
Twitter
RSS
E-Mail

Profile of Martin Lee

Technical Lead, Threat Research, Analysis & Communications, Cisco
News & Commentary Posts: 5
As Technical Lead within Ciscos TRAC team, Martin Lee researches the latest developments in cybersecurity and delivers expert opinion on how to mitigate emerging threats and related risks. A Certified Information Systems Security Professional (CISSP) and a chartered engineer, Lee has more than 15 years of experience in system development and 10 years within the security industry. He is a native of England and holds degrees from the universities of Bristol, Cambridge, and Oxford.
Articles by Martin Lee

Is Your DNS Server A Weapon?

10/21/2013
As we improve our defenses against distributed-denial-of-service (DDoS) attacks, the bad guys adapt and step up their game, too. Here's how to use your domain name servers to ward off hackers.

Post a Comment
'Hidden Tunnels' Help Hackers Launch Financial Services Attacks
Kelly Sheridan, Staff Editor, Dark Reading,  6/20/2018
Inside a SamSam Ransomware Attack
Ajit Sancheti, CEO and Co-Founder, Preempt,  6/20/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-12735
PUBLISHED: 2018-06-25
SAJ Solar Inverter allows remote attackers to obtain potentially sensitive information via a direct request for the inverter_info.htm or english_main.htm URI.
CVE-2017-9312
PUBLISHED: 2018-06-25
Improperly implemented option-field processing in the TCP/IP stack on Allen-Bradley L30ERMS safety devices v30 and earlier causes a denial of service. When a crafted TCP packet is received, the device reboots immediately.
CVE-2018-10956
PUBLISHED: 2018-06-25
IPConfigure Orchid Core VMS 2.0.5 allows Directory Traversal.
CVE-2018-11039
PUBLISHED: 2018-06-25
Spring Framework (versions 5.0.x prior to 5.0.7, versions 4.3.x prior to 4.3.18, and older unsupported versions) allow web applications to change the HTTP request method to any HTTP method (including TRACE) using the HiddenHttpMethodFilter in Spring MVC. If an application has a pre-existing XSS vuln...
CVE-2018-11040
PUBLISHED: 2018-06-25
Spring Framework, versions 5.0.x prior to 5.0.7 and 4.3.x prior to 4.3.18 and older unsupported versions, allows web applications to enable cross-domain requests via JSONP (JSON with Padding) through AbstractJsonpResponseBodyAdvice for REST controllers and MappingJackson2JsonView for browser request...