Analytics
11/8/2012
10:54 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Security Company IID Expands Executive Team/Security Luminary And Liason To FBI Joins Company

Paul Ferguson appointed as first VP of threat intelligence

TACOMA, Wash. – November 7, 2012 – IID (Internet Identity®), a provider of technology and services that help organizations secure their Internet presence, today announced the expansion of its executive team with the appointment of Paul Ferguson as its first ever Vice President of Threat Intelligence. Ferguson has been widely recognized for decades as a security industry luminary and has been fighting malware since the days of the earliest attacks in 1987.

"IID's pioneering approach to securing the Internet through secure DNS resolution and collective intelligence will help protect organizations and their customers in this new age of everywhere connectivity," said Ferguson. "It's an exciting time as IID builds out a new approach to securing business online, and therefore making the move from Silicon Valley to Tacoma was a no brainer."

While a Senior Threat Researcher at Trend Micro, Ferguson evaluated the entirety of the technology landscape for security vulnerabilities. Further, he tracked and correlated criminal operations across the Internet. This included communicating information about the latest variants of malware targeting the world's largest businesses and federal agencies to the security community, and to law enforcement worldwide. He provided key evidence to the FBI that helped them arrest the creators of the DNSChanger malware in Operation Ghost Click. Ferguson also has held positions at Northrop Grumman Corporation, Cisco Systems, Inc., Sprint, Computer Sciences Corp. (CSC) and AT&T.

"It is no secret that Paul is one of the foremost experts in identifying the latest malicious threats on the Internet, and helping law enforcement identify and bring those criminals to justice. It is with great pride and excitement that I am introducing him as part of the IID executive team today," said IID President & CTO Rod Rasmussen. "As we build out offerings that will bring private and public enterprise together to share and collaborate about the latest malicious threats, Paul will play a vital role that will prove crucial to our company's growth and help protect the Internet from malicious actors."

About IID

IID (Internet Identity) offers products and services that combat and mitigate cyber attacks in order to protect the growth plans, assets, and customers of enterprises and government entities. Armed with collective intelligence regarding the latest Internet risks, IID secures the networks of the top banks in the U.S., the largest government agencies worldwide, and many of today's leading financial services firms, e-commerce companies, social networks and ISPs. IID protects its customers with its mitigation products, threat intelligence data and takedown services. The company is headquartered in Tacoma, Washington. More information can be found at www.internetidentity.com.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Threat Intel Today
Threat Intel Today
The 397 respondents to our new survey buy into using intel to stay ahead of attackers: 85% say threat intelligence plays some role in their IT security strategies, and many of them subscribe to two or more third-party feeds; 10% leverage five or more.
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2015-0543
Published: 2015-07-05
EMC Secure Remote Services Virtual Edition (ESRS VE) 3.x before 3.06 does not properly verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

CVE-2015-0544
Published: 2015-07-05
EMC Secure Remote Services Virtual Edition (ESRS VE) 3.x before 3.06 does not properly generate random values for session cookies, which makes it easier for remote attackers to hijack sessions by predicting a value.

CVE-2015-2721
Published: 2015-07-05
Mozilla Network Security Services (NSS) before 3.19, as used in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, Thunderbird before 38.1, and other products, does not properly determine state transitions for the TLS state machine, which allows man-in-the-middle attacke...

CVE-2015-2722
Published: 2015-07-05
Use-after-free vulnerability in the CanonicalizeXPCOMParticipant function in Mozilla Firefox before 39.0 and Firefox ESR 31.x before 31.8 and 38.x before 38.1 allows remote attackers to execute arbitrary code via vectors involving attachment of an XMLHttpRequest object to a shared worker.

CVE-2015-2724
Published: 2015-07-05
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code v...

Dark Reading Radio
Archived Dark Reading Radio
Marc Spitler, co-author of the Verizon DBIR will share some of the lesser-known but most intriguing tidbits from the massive report