Deconstructing a Business Email Compromise Attack
3/29/2018How a tech-savvy New Jersey couple outwitted a German hacker group and saved their home and life savings.
Post a Comment
Author
Profile of David Holmes
World-Wide Security Evangelist, F5 Member Since: 1/27/2015Author
News & Commentary Posts: 8
Comments: 2
David Holmes is the world-wide security evangelist for F5 Networks. He writes and speaks about hackers, cryptography, fraud, malware and many other InfoSec topics. He has spoken at over 30 conferences on all six developed continents, including RSA Europe in Amsterdam, InfoSec in London and Gartner Data Center in Las Vegas.
David writes a bi-weekly column at SecurityWeek, and has had the good fortune to write for DarkReading, SC Magazine, Network World and many other computer security magazines and websites. He has three patents pending for F5 and still contributes code to open-source projects such as OpenSSL.
Articles by David Holmes
How a tech-savvy New Jersey couple outwitted a German hacker group and saved their home and life savings.
Post a Comment
The Mirai Botnet Is Attacking Again…
2/15/2018And the spinoff bots — and all their command and control hostnames buried in the morass of digital data — are hilarious.
Post a Comment
'Reaper': The Professional Bot Herder’s Thingbot
11/16/2017Is it malicious? So far it's hard to tell. For now it's a giant blinking red light in security researchers faces warning us that we’d better figure out how to secure the Internet of Things.
Post a Comment
5 Reasons Why the CISO is a Cryptocurrency Skeptic
10/26/2017If you think all you need is technology to defend against bad guys, you shouldn’t be a CISO. But technology is all cryptocurrency is, starting with Bitcoin.
Post a Comment
How Quantum Computing Will Change Browser Encryption
8/24/2017From a protocol point of view, we’re closer to a large-scale quantum computer than many people think. Here’s why that’s an important milestone.
Post a Comment
Profile of a Hacker: The Real Sabu
7/20/2017There are multiple stories about how the capture of the infamous Anonymous leader Sabu went down. Here’s one, and another about what he is doing today.
Post a Comment
Cloud & The Security Skills Gap
7/6/2015F5 Network security evangelist David Holmes tells how cloud outsourcing can help companies fill the talent gap in three critical areas of enterprise security.
Post a Comment
How The Skills Shortage Is Killing Defense in Depth
1/30/2015It used to be easy to sell specialized security gizmos but these days when a point product gets pitched to a CSO, the response is likely “looks nifty, but I don’t have the staff to deploy it.”
Post a Comment
White Papers
Video
0 Comments
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Shhh! They're watching...
And you have a laptop?
Latest Comment: Shhh! They're watching...
And you have a laptop?
Current Issue
Flash Poll
![[Strategic Security Report] Navigating the Threat Intelligence Maze](https://dsimg.ubm-us.net/asset/393933/543593/DR_ThreatConnect_Report.png)
[Strategic Security Report] Navigating the Threat Intelligence Maze
Most enterprises are using threat intel services, but many are still figuring out how to use the data they're collecting. In this Dark Reading survey we give you a look at what they're doing today - and where they hope to go.
Twitter Feed
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database CVE-2017-3961
PUBLISHED: 2018-05-25
PUBLISHED: 2018-05-25
PUBLISHED: 2018-05-25
PUBLISHED: 2018-05-25
PUBLISHED: 2018-05-25
From DHS/US-CERT's National Vulnerability Database CVE-2017-3961
PUBLISHED: 2018-05-25
Cross-Site Scripting (XSS) vulnerability in the web interface in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows authenticated users to allow arbitrary HTML code to be reflected in the response web page via crafted user input of attributes.
CVE-2018-11468PUBLISHED: 2018-05-25
The __mkd_trim_line function in mkdio.c in libmarkdown.a in DISCOUNT 2.2.3a allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file, as demonstrated by mkd2html.
CVE-2018-6664PUBLISHED: 2018-05-25
Application Protections Bypass vulnerability in Microsoft Windows in McAfee Data Loss Prevention (DLP) Endpoint before 10.0.500 and DLP Endpoint before 11.0.400 allows authenticated users to bypass the product block action via a command-line utility.
CVE-2018-6674PUBLISHED: 2018-05-25
Privilege Escalation vulnerability in Microsoft Windows client in McAfee VirusScan Enterprise (VSE) 8.8 allows local users to view configuration information in plain text format via the GUI or GUI terminal commands.
CVE-2018-1133PUBLISHED: 2018-05-25
An issue was discovered in Moodle 3.x. A Teacher creating a Calculated question can intentionally cause remote code execution on the server, aka eval injection.
- Terms of Service
- Privacy Statement
- Legal Entities
- Copyright © 2018 UBM, All rights reserved
Tweet This