Author

 Rick Gordon
Twitter
LinkedIn
RSS
E-Mail

Profile of Rick Gordon

Managing Partner, Mach37 Cyber Accelerator
Member Since: 5/8/2014
Author
News & Commentary Posts: 3
Comments: 17

Rick Gordon is an expert on security technology, business strategy, and early-stage venture development. He currently serves as Managing Partner of Mach37 TM, a cyber security market-centric accelerator developed by the Virginia Center for Innovative Technology. MACH37 launches companies that will deliver the next generation of cyber security solutions. Prior to this role, Rick was Vice President of Product Management at KEYW Corp., COO of Lookingglass Cyber Solutions, Managing Director at The Civitas Group, and CEO of Tovaris, a specialized encryption software company. In these roles, he has worked with senior private sector and government officials to solve key security challenges, evaluated emerging growth security companies for investment, and has been a frequent contributor and speaker on such issues as cloud security, cyber intelligence, and security innovation. He also served as a submarine officer in the US Navy. He received his MBA from The Darden School at the University of Virginia and his BS with Merit in engineering from the US Naval Academy.

Articles by Rick Gordon
Election Websites, Back-End Systems Most at Risk of Cyberattack in Midterms
Kelly Jackson Higgins, Executive Editor at Dark Reading,  8/14/2018
Intel Reveals New Spectre-Like Vulnerability
Curtis Franklin Jr., Senior Editor at Dark Reading,  8/15/2018
The Data Security Landscape Is Shifting: Is Your Company Prepared?
Francis Dinha, CEO & Co-Founder of OpenVPN,  8/13/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-1712
PUBLISHED: 2018-08-16
IBM API Connect's Developer Portal 5.0.0.0 through 5.0.8.3 is vulnerable to Server Side Request Forgery. An attacker, using specially crafted input parameters can trick the server into making potentially malicious calls within the trusted network. IBM X-Force ID: 146370.
CVE-2018-10139
PUBLISHED: 2018-08-16
The PAN-OS response page for GlobalProtect in Palo Alto Networks PAN-OS 6.1.21 and earlier, PAN-OS 7.1.18 and earlier, PAN-OS 8.0.11 and earlier may allow an unauthenticated attacker to inject arbitrary JavaScript or HTML. PAN-OS 8.1 is NOT affected.
CVE-2018-10140
PUBLISHED: 2018-08-16
The PAN-OS Management Web Interface in Palo Alto Networks PAN-OS 8.1.2 and earlier may allow an authenticated user to shut down all management sessions, resulting in all logged in users to be redirected to the login page. PAN-OS 6.1, PAN-OS 7.1 and PAN-OS 8.0 are NOT affected.
CVE-2018-11771
PUBLISHED: 2018-08-16
When reading a specially crafted ZIP archive, the read method of Apache Commons Compress 1.7 to 1.17's ZipArchiveInputStream can fail to return the correct EOF indication after the end of the stream has been reached. When combined with a java.io.InputStreamReader this can lead to an infinite stream,...
CVE-2018-1715
PUBLISHED: 2018-08-16
IBM Maximo Asset Management 7.6 through 7.6.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 14700...