Analytics
11/8/2012
10:54 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Security Company IID Expands Executive Team/Security Luminary And Liason To FBI Joins Company

Paul Ferguson appointed as first VP of threat intelligence

TACOMA, Wash. – November 7, 2012 – IID (Internet Identity®), a provider of technology and services that help organizations secure their Internet presence, today announced the expansion of its executive team with the appointment of Paul Ferguson as its first ever Vice President of Threat Intelligence. Ferguson has been widely recognized for decades as a security industry luminary and has been fighting malware since the days of the earliest attacks in 1987.

"IID's pioneering approach to securing the Internet through secure DNS resolution and collective intelligence will help protect organizations and their customers in this new age of everywhere connectivity," said Ferguson. "It's an exciting time as IID builds out a new approach to securing business online, and therefore making the move from Silicon Valley to Tacoma was a no brainer."

While a Senior Threat Researcher at Trend Micro, Ferguson evaluated the entirety of the technology landscape for security vulnerabilities. Further, he tracked and correlated criminal operations across the Internet. This included communicating information about the latest variants of malware targeting the world's largest businesses and federal agencies to the security community, and to law enforcement worldwide. He provided key evidence to the FBI that helped them arrest the creators of the DNSChanger malware in Operation Ghost Click. Ferguson also has held positions at Northrop Grumman Corporation, Cisco Systems, Inc., Sprint, Computer Sciences Corp. (CSC) and AT&T.

"It is no secret that Paul is one of the foremost experts in identifying the latest malicious threats on the Internet, and helping law enforcement identify and bring those criminals to justice. It is with great pride and excitement that I am introducing him as part of the IID executive team today," said IID President & CTO Rod Rasmussen. "As we build out offerings that will bring private and public enterprise together to share and collaborate about the latest malicious threats, Paul will play a vital role that will prove crucial to our company's growth and help protect the Internet from malicious actors."

About IID

IID (Internet Identity) offers products and services that combat and mitigate cyber attacks in order to protect the growth plans, assets, and customers of enterprises and government entities. Armed with collective intelligence regarding the latest Internet risks, IID secures the networks of the top banks in the U.S., the largest government agencies worldwide, and many of today's leading financial services firms, e-commerce companies, social networks and ISPs. IID protects its customers with its mitigation products, threat intelligence data and takedown services. The company is headquartered in Tacoma, Washington. More information can be found at www.internetidentity.com.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Threat Intel Today
Threat Intel Today
The 397 respondents to our new survey buy into using intel to stay ahead of attackers: 85% say threat intelligence plays some role in their IT security strategies, and many of them subscribe to two or more third-party feeds; 10% leverage five or more.
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2011-4403
Published: 2015-04-24
Multiple cross-site request forgery (CSRF) vulnerabilities in Zen Cart 1.3.9h allow remote attackers to hijack the authentication of administrators for requests that (1) delete a product via a delete_product_confirm action to product.php or (2) disable a product via a setflag action to categories.ph...

CVE-2012-2930
Published: 2015-04-24
Multiple cross-site request forgery (CSRF) vulnerabilities in TinyWebGallery (TWG) before 1.8.8 allow remote attackers to hijack the authentication of administrators for requests that (1) add a user via an adduser action to admin/index.php or (2) conduct static PHP code injection attacks in .htusers...

CVE-2012-2932
Published: 2015-04-24
Multiple cross-site scripting (XSS) vulnerabilities in TinyWebGallery (TWG) before 1.8.8 allow remote attackers to inject arbitrary web script or HTML via the (1) selitems[] parameter in a copy, (2) chmod, or (3) arch action to admin/index.php or (4) searchitem parameter in a search action to admin/...

CVE-2012-5451
Published: 2015-04-24
Multiple stack-based buffer overflows in HttpUtils.dll in TVMOBiLi before 2.1.0.3974 allow remote attackers to cause a denial of service (tvMobiliService service crash) via a long string in a (1) GET or (2) HEAD request to TCP port 30888.

CVE-2015-0297
Published: 2015-04-24
Red Hat JBoss Operations Network 3.3.1 does not properly restrict access to certain APIs, which allows remote attackers to execute arbitrary Java methos via the (1) ServerInvokerServlet or (2) SchedulerService or (3) cause a denial of service (disk consumption) via the ContentManager.

Dark Reading Radio
Archived Dark Reading Radio
Join security and risk expert John Pironti and Dark Reading Editor-in-Chief Tim Wilson for a live online discussion of the sea-changing shift in security strategy and the many ways it is affecting IT and business.