Thought Leaders
Editors
Marilyn Cohodas
Marilyn Cohodas
Community Editor, Dark Reading
Kelly Jackson Higgins
Kelly Jackson Higgins
Executive Editor at Dark Reading
Sara Peters
Sara Peters
Senior Editor at Dark Reading
Tim Wilson
Tim Wilson
Editor in Chief, Dark Reading
Contributors
Tsion Gonen
Tsion Gonen
Chief Strategy Officer, SafeNet
Yoav Leitersdorf and Ofer Schreiber
Yoav Leitersdorf and Ofer Schreiber
Managing Partner & Partner, YL Ventures
Robert R. Ackerman Jr.
Robert R. Ackerman Jr.
Founder & Managing Director, Allegis Capital
Ryan Allphin
Ryan Allphin
Senior Vice President & General Manager, Security Management, McAfee
François Amigorena
François Amigorena
Founder & CEO, IS Decisions
Ed Amoroso
Ed Amoroso
Chief Security Officer, AT&T
Bret Arsenault
Bret Arsenault
CISO, Microsoft
Liviu Arsene
Liviu Arsene
Senior E-threat Analyst, Bitdefender
Charles Babcock
Charles Babcock
Editor At Large, InformationWeek
Don Bailey
Don Bailey
Founder & CEO, Lab Mouse Security
Vijay Basani
Vijay Basani
CEO, EiQ Networks
Rohyt Belani
Rohyt Belani
CEO & Co-Founder, PhishMe
Anthony Di Bello
Anthony Di Bello
Director, Security Practice, Guidance Software
David Berlind
Chief Content Officer, UBM TechWeb
Rajat Bhargava
Rajat Bhargava
Co-Founder & CEO, JumpCloud
Michael Biddick
Michael Biddick
CEO, Fusion PPT
James Bindseil
James Bindseil
President & CEO, Globalscape
Boatner Blankenstein
Boatner Blankenstein
Senior Director, Solutions Engineering, Bomgar
Kevin Bocek
Kevin Bocek
VP Security Strategy & Threat Intelligence, Venafi
Ellis Booker
Ellis Booker
Technology Journalist
Kate Borten
Kate Borten
President, The Marblehead Group
Jennifer Bosavage
Jennifer Bosavage
Editor In Chief, Solution Providers for Retail
Bogdan Botezatu
Bogdan Botezatu
Senior E-threat Analyst, Bitdefender
Tom Bowers
Tom Bowers
Principal Security Strategist, ePlus Technologies
Stephen Boyer
Stephen Boyer
CTO & Founder, BitSight Technologies
Andre Boysen
Andre Boysen
EVP, Digital Identity Evangelist, SecureKey
Mark Bregman
Mark Bregman
Senior Vice President & Chief Technology Officer, Neustar
John Bumgarner
John Bumgarner
Chief Technology Officer for the U.S. Cyber Consequences Unit
Kristin Burnham
Kristin Burnham
Senior Editor, InformationWeek.com
Craig Carpenter
Craig Carpenter
Chief Cybersecurity Strategist, AccessData
David F Carr
David F Carr
Editor, InformationWeek Government/Healthcare
Pat Carroll
Pat Carroll
Executive Chairman & Founder, ValidSoft
Sol Cates
Sol Cates
CSO, Vormetric
Chris Chapman
Chris Chapman
Senior Methodologist, Spirent Communications
Ericka Chickowski
Ericka Chickowski
Contributing Writer, Dark Reading
Thomas Claburn
Thomas Claburn
Editor-at-Large
Kerstyn Clover
Kerstyn Clover
Attack & Defense Team Consultant
Michael Coates
Michael Coates
Chairman, OWASP; Director, Product Security, Shape Security
Mark L. Cohn
Mark L. Cohn
Chief Technology Officer, Unisys Federal Systems
Eric Cole
Eric Cole
Founder & Chief Scientist, Secure Anchor Consulting
Leo Cole
Leo Cole
GM, Security Solutions, Trustwave
Andrew Conry-Murray
Andrew Conry-Murray
Director of Content & Community, Interop
Lance Cottrell
Lance Cottrell
Chief Scientist, Ntrepid
Bob Covello
Bob Covello
Security Tech Veteran
George Crump
George Crump
President, Storage Switzerland
Michael K. Daly
Michael K. Daly
CTO, Cybersecurity & Special Missions, Raytheon Intelligence, Information & Services
Andy Daudelin
Andy Daudelin
VP Security Services, AT&T Business Solutions
Michael A. Davis
Michael A. Davis
Contributing Editor
Amy DeCarlo
Amy DeCarlo
Principal Analyst, Security and Data Center Services
Alison Diana
Alison Diana
Senior Editor
Boonsri Dickinson
Boonsri Dickinson
Associate Editor of BYTE
John Dickson
John Dickson
CISSP, Principal, Denim Group
Carric Dooley
Carric Dooley
WW VP of Foundstone Services, Intel Security
Paul Drapeau
Paul Drapeau
Principal Security Researcher, Confer
Andrey Dulkin
Andrey Dulkin
Senior Director, Cyber Innovation, CyberArk
Phil Dunkelberger
Phil Dunkelberger
President & CEO, Nok Nok Labs
Steve Durbin
Steve Durbin
Global VP, Information Security Forum
Adam Ely
Adam Ely
COO, Bluebox
Michael Endler
Michael Endler
Associate Editor, InformationWeek.com
Giora Engel
Giora Engel
VP Product & Strategy, LightCyber
Marisa Fagan
Marisa Fagan
Community Manager, Bugcrowd
Todd Feinman
Todd Feinman
President & CEO, Identity Finder
Jonathan Feldman
Jonathan Feldman
CIO, City of Asheville, NC
Mike Fey
Mike Fey
EVP, GM of Corporate Products & CTO, Intel Security
Michael Finneran
Michael Finneran
President, dBrn Associates, Inc.
Adam Firestone
Adam Firestone
President & GM, Kaspersky Government Security Solutions
Roman Foeckl
Roman Foeckl
CEO & Founder, CoSoSys
Kevin Fogarty
Kevin Fogarty
Technology Writer
John Foley
John Foley
Editor, InformationWeek
Brian Foster
Brian Foster
CTO, Damballa
Paige Francis
Paige Francis
CIO for IT, Fairfield University
Mike Fratto
Mike Fratto
Former Network Computing Editor
Andrew Froehlich
Andrew Froehlich
President & Lead Network Architect, West Gate Networks
Dave Frymier
Dave Frymier
Chief Information Security Officer, Unisys
Lorna Garey
Lorna Garey
Content Director, InformationWeek Reports
Brad Garlinghouse
Brad Garlinghouse
CEO, Hightail
Randy George
Randy George
Director, IT Operations, Boston Red Sox
Joshua Goldfarb
Joshua Goldfarb
CSO, nPulse Technologies
Rick Gordon
Rick Gordon
Managing Partner, Mach37 Cyber Accelerator
Garret Grajek
Garret Grajek
CTO & COO, SecureAuth
Kevin E. Greene
Kevin E. Greene
Software Assurance Program Manager, Department of Homeland Security Science & Technology Directorate
Levi Gundert
Levi Gundert
Technical Lead, Cisco Threat Research, Analysis, and Communications (TRAC)
Christopher Hadnagy
Christopher Hadnagy
Founder & CEO, Social-Engineer, Inc.
Malcolm Harkins
Malcolm Harkins
Vice President and Chief Security and Privacy Officer, Intel Corporation
Matt Hartley
Matt Hartley
VP Product Management, iSIGHT Partners
Andrew Hay
Andrew Hay
Sr. Security Research Lead & Evangelist, OpenDNS
Doug Henschen
Doug Henschen
Executive Editor, InformationWeek
Joe Hernick
Joe Hernick
IT Director
Robert Hinden
Robert Hinden
Check Point Fellow & IPV6 Co-Inventor
J. Nicholas Hoover
J. Nicholas Hoover
Senior Editor, InformationWeek Government
Rick Howard
Rick Howard
CSO, Palo Alto Networks
Daniel Ingevaldson
Daniel Ingevaldson
CTO, Easy Solutions
Ravi Ithal
Ravi Ithal
Chief Architect, Netskope
William Jackson
William Jackson
Technology Writer
David Jacoby
David Jacoby
Sr. Security Researcher, Kaspersky Lab
Mike Jennett
Mike Jennett
Enterprise IT Mobility Program Director, HP
Dan Jones
Dan Jones
Mobile Editor
Sheila B. Jordan
Sheila B. Jordan
SVP & CIO, Symantec
TK Keanini
TK Keanini
CTO, Lancope
Dave Kearns
Dave Kearns
Analyst, Kuppinger-Cole
Tal Klein
Tal Klein
VP Strategy, Adallom
Bill Kleyman
Bill Kleyman
National Director of Strategy & Innovation, MTM Technologies
John Klossner
John Klossner
Cartoonist
Marianne Kolbasuk McGee
Marianne Kolbasuk McGee
Senior Writer, InformationWeek
George Kurtz
George Kurtz
President & CEO, CrowdStrike
Ray Le Maistre
Ray Le Maistre
Editor-in-chief
Felix Leder
Felix Leder
Senior Malware Researcher, Blue Coat Systems Norway
Martin Lee
Martin Lee
Technical Lead, Threat Research, Analysis & Communications, Cisco
Robert Lemos
Robert Lemos
Technology Journalist
Pete Lindstrom
Pete Lindstrom
Principal & VP Research, Spire Security
Becca Lipman
Becca Lipman
Senior Editor
Eric Lundquist
Eric Lundquist
VP & Editorial Analyst for InformationWeek Business Technology Network
Calum MacLeod
Calum MacLeod
VP, EMEA, Lieberman Software
Elena Malykhina
Elena Malykhina
Technology Journalist
Kurt Marko
Kurt Marko
Contributing Editor
Howard Marks
Howard Marks
Network Computing Blogger
Leonard T. Marzigliano
Leonard T. Marzigliano
CISSP-ISSMP, Information Assurance Architect, Defense Logistics Agency
Paul McDougall
Paul McDougall
Editor At Large, InformationWeek
Martin McKeay
Martin McKeay
Senior Security Advocate, Akamai
Laurianne McLaughlin
Laurianne McLaughlin
Editor-in-Chief, InformationWeek.com
Michelle McNickle
Michelle McNickle
Associate Editor of InformationWeek Healthcare
Jasmine McTigue
Jasmine McTigue
Principal, McTigue Analytics
David Melnick
David Melnick
Founder & CEO, WebLife Balance
Grayson Milbourne
Grayson Milbourne
Director, Security Intelligence, Webroot
Grant Moerschel
Grant Moerschel
Co-Founder, WaveGard
Ken  Munro
Ken Munro - Ken Munro
Partner & Founder, Pen Test Partners LLP
Chris Murphy
Chris Murphy
Editor, InformationWeek
Lysa Myers
Lysa Myers
Security Researcher, ESET
Corey Nachreiner
Corey Nachreiner
Director, Security Strategy & Research, WatchGuard Technologies
Kaushik Narayan
Kaushik Narayan
CTO, Skyhigh Networks
Krishna Narayanaswamy
Krishna Narayanaswamy
Founder & Chief Scientist, Netskope
Wendy Nather
Wendy Nather
Research Director, Enterprise Security Practice
Fritz Nelson
Fritz Nelson
Vice President, Editorial Director InformationWeek Business Technology Network
Fredrik Nilsson
Fredrik Nilsson
General Manager, Axis Communications, North America
Evelyn De Souza & Richard Noguera
Evelyn De Souza & Richard Noguera
Cloud Security Alliance Data Governance Chair & Cloud Compliance & Data Privacy Strategy Leader, Cisco
Roma Nowak
Roma Nowak
Sr Director Web Operations & Production
Susan Nunziata
Susan Nunziata
Community Editor
Chris Nutt
Chris Nutt
Director, Incident Response & Malware, Mandiant
Thomas Pedersen
Thomas Pedersen
CEO & Founder, OneLogin
John W. Pirc
John W. Pirc
Research Vice President, NSS Labs
Dave Piscitello
Dave Piscitello
VP Security, ICANN
Jason Polancich
Jason Polancich
Founder & Chief Architect, SurfWatchLabs
Malte Pollmann
Malte Pollmann
CEO, Utimaco
Nitin Pradhan
Nitin Pradhan
Managing Partner, GOVonomy
Rob Preston
Rob Preston
VP & Editor in Chief, InformationWeek
Brian Prince
Brian Prince
Contributing Writer, Dark Reading
Tom Quillin
Tom Quillin
Director of Cyber Security Technology & Initiatives, Intel Corporation
Jim Reavis
Jim Reavis
Co-Founder & Executive Director, Cloud Security Alliance
Brian Riley
Brian Riley
Technical Director, Government Programs, Green Hills Software
Steve Riley
Steve Riley
Technical Leader, Office of the CTO, Riverbed Technology
Cam Roberson
Cam Roberson
Director Reseller Channel, Beachhead Solutions
Bradon Rogers
Bradon Rogers
Senior Vice President, Worldwide Product and Solution Marketing, McAfee
Tim Rohrbaugh
Tim Rohrbaugh
VP Information Security, Intersections Inc.
Dan Ross
Dan Ross
CEO & President, Promisec
John Rostern
John Rostern
CRISC, QSA, VP Technology Audit & Advisory Services, Coalfire
Mike Rothman
Mike Rothman
Analyst & President, Securosis
Jeff Rubin
Jeff Rubin
Co-Founder & VP, Beachhead Solutions
Jason Sachowski
Jason Sachowski
Sr. Manager, Security R&D, Scotiabank
Nick Sanna
Nick Sanna
President, Digital Risk Management Institute
Tim Sapio
Tim Sapio
Security Analyst, Bishop Fox
Marcia Savage
Marcia Savage
Managing Editor, Network Computing
John H. Sawyer
John H. Sawyer
Contributing Writer, Dark Reading
Ira Scharf
Ira Scharf
Chief Strategy Officer, BitSight Technologies
Jaeson Schultz
Jaeson Schultz
Threat Research Engineer, Cisco TRAC Team
Nick Selby
Nick Selby
CEO, StreetCred Software, Inc
Kelly Sheridan
Kelly Sheridan
Associate Editor, Insurance & Technology
JD Sherry
JD Sherry
VP Technology & Solutions, Trend Micro
Kevin Smith
Kevin Smith
VP, The Graham Company
Phil Smith
Phil Smith
SVP Security Solutions, Trustwave
Mark Goldstein & Arun Sood
Mark Goldstein & Arun Sood
Principal, SafeSecurePrivate / PhD, Founder & CEO, SCIT Labs
Michael Sutton
Michael Sutton
VP Security Research, Zscaler
Shahar Tal
Shahar Tal
Vulnerability & Security Research Manager, Check Point Software Technologies
Bankim Tejani
Bankim Tejani
Senior Security Architect, ServiceMesh
J.J. Thompson
J.J. Thompson
CEO & Managing Director, Rook Security
John Trobough
John Trobough
CEO, Narus
Bala Venkat
Bala Venkat
CMO, Cenzic
Jai Vijayan
Jai Vijayan
Freelance writer
Paul Vixie
Paul Vixie
Chairman & CEO, Farsight Security, Inc.
Mitch Wagner
Mitch Wagner
California Bureau Chief, Light Reading
Julian Waits
Julian Waits
President & CEO, ThreatTrack Security
Peter Waterhouse
Peter Waterhouse
Senior Technical Marketing Advisor, CA Technologies
Mark Weinstein
Mark Weinstein
Founder & CEO, Sgrouples
Chris Weltzien
Chris Weltzien
CEO, 6Scan
Bob West
Bob West
Chief Trust Officer, CipherCloud
Jeff Williams
Jeff Williams
CTO, Aspect Security & Contrast Security
Ira Winkler
Ira Winkler
Co-Founder & President, Secure Mentem, Inc.
Timber Wolfe
Timber Wolfe
Principal Security Engineer, TrainACE
Candace Worley
Candace Worley
SVP & GM, Endpoint Security, McAfee
Amit Yoran
Amit Yoran
President, RSA
Lucas Zaichkowsky
Lucas Zaichkowsky
Enterprise Defense Architect, AccessData
Peter Zavlaris
Peter Zavlaris
Analyst, RiskIQ
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading December Tech Digest
Experts weigh in on the pros and cons of end-user security training.
Flash Poll
10 Recommendations for Outsourcing Security
10 Recommendations for Outsourcing Security
Enterprises today have a wide range of third-party options to help improve their defenses, including MSSPs, auditing and penetration testing, and DDoS protection. But are there situations in which a service provider might actually increase risk?
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-5426
Published: 2014-11-27
MatrikonOPC OPC Server for DNP3 1.2.3 and earlier allows remote attackers to cause a denial of service (unhandled exception and DNP3 process crash) via a crafted message.

CVE-2014-2037
Published: 2014-11-26
Openswan 2.6.40 allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon restart) via IKEv2 packets that lack expected payloads. NOTE: this vulnerability exists because of an incomplete fix for CVE 2013-6466.

CVE-2014-6609
Published: 2014-11-26
The res_pjsip_pubsub module in Asterisk Open Source 12.x before 12.5.1 allows remote authenticated users to cause a denial of service (crash) via crafted headers in a SIP SUBSCRIBE request for an event package.

CVE-2014-6610
Published: 2014-11-26
Asterisk Open Source 11.x before 11.12.1 and 12.x before 12.5.1 and Certified Asterisk 11.6 before 11.6-cert6, when using the res_fax_spandsp module, allows remote authenticated users to cause a denial of service (crash) via an out of call message, which is not properly handled in the ReceiveFax dia...

CVE-2014-7141
Published: 2014-11-26
The pinger in Squid 3.x before 3.4.8 allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and crash) via a crafted type in an (1) ICMP or (2) ICMP6 packet.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Now that the holiday season is about to begin both online and in stores, will this be yet another season of nonstop gifting to cybercriminals?