Attacks/Breaches

3/28/2016
09:40 AM
Marilyn Cohodas
Marilyn Cohodas
Slideshows
Connect Directly
Twitter
LinkedIn
RSS
E-Mail

6 Hot Cybersecurity Startups: MACH37s Spring Class Of 2016

Intense 90-day program mentors budding entrepreneurs in the finer points of developing a viable technology business for the real world of information security.
4 of 9

Founders Quincy Acklen and Ben Gatti are tackling the ubiquitous problem of phishing in their startup, Gyomo. Describing phishing as attackers' 'most effective enterprise attack vector,' Gyomo is betting against the conventional wisdom that technology actually can 'patch the human' by creating  a hostile environment for social engineering using a combination of crowd sourcing and machine learning.

Image Credit: MACH37

Founders Quincy Acklen and Ben Gatti are tackling the ubiquitous problem of phishing in their startup, Gyomo. Describing phishing as attackers most effective enterprise attack vector, Gyomo is betting against the conventional wisdom that technology actually can patch the human by creating a hostile environment for social engineering using a combination of crowd sourcing and machine learning.

Image Credit: MACH37

4 of 9
Comment  | 
Print  | 
Comments
Newest First  |  Oldest First  |  Threaded View
WebAuthn, FIDO2 Infuse Browsers, Platforms with Strong Authentication
John Fontana, Standards & Identity Analyst, Yubico,  9/19/2018
Turn the NIST Cybersecurity Framework into Reality: 5 Steps
Mukul Kumar & Anupam Sahai, CISO & VP of Cyber Practice and VP Product Management, Cavirin Systems,  9/20/2018
NSS Labs Files Antitrust Suit Against Symantec, CrowdStrike, ESET, AMTSO
Kelly Jackson Higgins, Executive Editor at Dark Reading,  9/19/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Flash Poll
The Risk Management Struggle
The Risk Management Struggle
The majority of organizations are struggling to implement a risk-based approach to security even though risk reduction has become the primary metric for measuring the effectiveness of enterprise security strategies. Read the report and get more details today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-17300
PUBLISHED: 2018-09-21
Stored XSS exists in CuppaCMS through 2018-09-03 via an administrator/#/component/table_manager/view/cu_menus section name.
CVE-2018-17301
PUBLISHED: 2018-09-21
Reflected XSS exists in client/res/templates/global-search/name-field.tpl in EspoCRM 5.3.6 via /#Account in the search panel.
CVE-2018-17302
PUBLISHED: 2018-09-21
Stored XSS exists in views/fields/wysiwyg.js in EspoCRM 5.3.6 via a /#Email/view saved draft message.
CVE-2018-17292
PUBLISHED: 2018-09-21
An issue was discovered in WAVM before 2018-09-16. The loadModule function in Include/Inline/CLI.h lacks checking of the file length before a file magic comparison, allowing attackers to cause a Denial of Service (application crash caused by out-of-bounds read) by crafting a file that has fewer than...
CVE-2018-17293
PUBLISHED: 2018-09-21
An issue was discovered in WAVM before 2018-09-16. The run function in Programs/wavm/wavm.cpp does not check whether there is Emscripten memory to store the command-line arguments passed by the input WebAssembly file's main function, which allows attackers to cause a denial of service (application c...