Database Security
Authentication
Privacy
Compliance
Identity & Access Management
Security Monitoring
Advanced Threats
Insider Threats
Vulnerability Management

Author

Bishop Fox Instructors & John H. Sawyer
Facebook
Twitter
LinkedIn
Google+
RSS
E-Mail

Profile of Bishop Fox Instructors & John H. Sawyer

Consultant
News & Commentary Posts: 5

John H Sawyer, Senior Security Analyst, InGuardians
John H Sawyer is a Senior Security Analyst with InGuardians, where he specializes in network, mobile, and web application penetration testing. John has an extensive background in intrusion analysis, forensics, and incident response. He has consulted with federal, state, and local law enforcement agencies on malware analysis, hacker attacks, and digital forensics. He is also a respected author and public speaker. John currently writes for Dark Reading and InformationWeek Magazine.

Bishop Fox Instructors
Bishop Fox is a global security consulting firm. We are the trusted advisors to the Fortune 1000, financial institutions, and high-tech startups – helping to secure their commerce, data, IT infrastructure, and intellectual property. Founded in 2005, our team is made up of dedicated individuals with a combined 400+ years of experience working in both corporate America and global security.

For more than a decade, Bishop Fox profes­sionals have been authoring best-selling secu­rity books, such as Web Application Security: A Beginners Guide, Hacking Exposed: Web Applications 3rd Edition, and Hacking Exposed: Wireless, 1st and 2nd Editions. Having actually "written the book" on many topics in our field, we consistently demonstrate that few others can truly claim subject matter expertise in the same way that we do.
Why CISOs Need a Security Reality Check
Joel Fulton, Chief Information Security Officer for Splunk,  6/13/2018
Cisco Talos Summit: Network Defenders Not Serious Enough About Attacks
Curtis Franklin Jr., Senior Editor at Dark Reading,  6/13/2018
Four Faces of Fraud: Identity, 'Fake' Identity, Ransomware & Digital
David Shefter, Chief Technology Officer at Ziften Technologies,  6/14/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-8030
PUBLISHED: 2018-06-20
A Denial of Service vulnerability was found in Apache Qpid Broker-J versions 7.0.0-7.0.4 when AMQP protocols 0-8, 0-9 or 0-91 are used to publish messages with size greater than allowed maximum message size limit (100MB by default). The broker crashes due to the defect. AMQP protocols 0-10 and 1.0 a...
CVE-2018-1117
PUBLISHED: 2018-06-20
ovirt-ansible-roles before version 1.0.6 has a vulnerability due to a missing no_log directive, resulting in the 'Add oVirt Provider to ManageIQ/CloudForms' playbook inadvertently disclosing admin passwords in the provisioning log. In an environment where logs are shared with other parties, this cou...
CVE-2018-11701
PUBLISHED: 2018-06-20
FastStone Image Viewer 6.2 has a User Mode Write AV at 0x005cb509, triggered when the user opens a malformed JPEG file that is mishandled by FSViewer.exe. Attackers could exploit this issue for DoS (Access Violation) or possibly unspecified other impact.
CVE-2018-11702
PUBLISHED: 2018-06-20
FastStone Image Viewer 6.2 has a User Mode Write AV at 0x00578cb3, triggered when the user opens a malformed JPEG file that is mishandled by FSViewer.exe. Attackers could exploit this issue for DoS (Access Violation) or possibly unspecified other impact.
CVE-2018-11703
PUBLISHED: 2018-06-20
FastStone Image Viewer 6.2 has a User Mode Write AV at 0x00402d6a, triggered when the user opens a malformed JPEG file that is mishandled by FSViewer.exe. Attackers could exploit this issue for DoS (Access Violation) or possibly unspecified other impact.