Password Reuse: Don’t Mix Business With Personal
9/14/2016Employee education, password managers, and multifactor authentication can reduce the risk of a personal breach becoming a corporate security event.
Post a Comment
Author
Profile of Torry Campbell
Chief Technical Officer of Endpoint and Management at Intel Security News & Commentary Posts: 8Torry Campbell is the Chief Technology Officer for Endpoint and Management technologies for Intel Security, formerly McAfee. From a decade at McAfee, he couples his security operations background with product management, development, and customer implementation experience to guide the product architecture, to better support the protect-detect-correct-adapt workflow within changing threat and risk requirements. Prior to joining McAfee, Campbell worked for a large professional services company, providing rapid response services for active incidents at enterprise accounts. His expertise spans multiple domains of Information Security, shaped by his experience gained through many years in security operations at a large financial services organization.
Articles by Torry Campbell
Employee education, password managers, and multifactor authentication can reduce the risk of a personal breach becoming a corporate security event.
Post a Comment
Looking Forward: A Skilled Security Talent Shortage Looms
5/19/2016The skilled security workforce crisis will continue for the foreseeable future, even as expert systems are deployed.
Post a Comment
Incidence-Response Imperative: Take Immediate Action
11/12/2015Something malicious this way comes. A fast reaction can reduce your risk.
Post a Comment
From Vicious To Virtuous: A Plan Of Attack For Incident Response
8/26/2015How do you get there? Increase the cost and effort required by the bad guys and boost your efficiency.
Post a Comment
Survey Says: Incident Response Is Fighting Back
8/24/2015Companies appear to be recognizing the need for increased incident-response spending.
Post a Comment
The Secret Of War Lies In The Communications --Napoleon
6/24/2015DXL helps organizations keep an eye on external and internal threats using relevant information in real time.
Post a Comment
What Are You Doing During The Golden Hour After An Attack?
5/28/2015Take the time to detect the attack, isolate the infected machines, and restore them to a known state.
Post a Comment
‘Golden Hour’ Incident Response Agility
4/22/2015Security leaders must encourage and integrate data, processes, and controls to facilitate comprehension and investment of precious human capital in higher-level tasks.
Post a Comment
White Papers
Video
0 Comments
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Some people never learn, he clicked on another Democrat phishing link again!
Latest Comment: Some people never learn, he clicked on another Democrat phishing link again!
Current Issue
Flash Poll
The Risk Management Struggle
The majority of organizations are struggling to implement a risk-based approach to security — even though risk reduction has become the primary metric for measuring the effectiveness of enterprise security strategies. Read the report and get more details today!
Twitter Feed
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database CVE-2018-18381
PUBLISHED: 2018-10-16
PUBLISHED: 2018-10-16
PUBLISHED: 2018-10-16
PUBLISHED: 2018-10-16
PUBLISHED: 2018-10-16
From DHS/US-CERT's National Vulnerability Database CVE-2018-18381
PUBLISHED: 2018-10-16
Z-BlogPHP 1.5.2.1935 (Zero) has a stored XSS Vulnerability in zb_system/function/c_system_admin.php via the Content-Type header during the uploading of image attachments.
CVE-2018-18382PUBLISHED: 2018-10-16
Advanced HRM 1.6 allows Remote Code Execution via PHP code in a .php file to the user/update-user-avatar URI, which can be accessed through an "Update Profile" "Change Picture" (aka user/edit-profile) action.
CVE-2018-18374PUBLISHED: 2018-10-16
XSS exists in the MetInfo 6.1.2 admin/index.php page via the anyid parameter.
CVE-2018-18375PUBLISHED: 2018-10-16
goform/getProfileList in Orange AirBox Y858_FL_01.16_04 allows attackers to extract APN data (name, number, username, and password) via the rand parameter.
CVE-2018-18376PUBLISHED: 2018-10-16
goform/getWlanClientInfo in Orange AirBox Y858_FL_01.16_04 allows remote attackers to discover information about currently connected devices (hostnames, IP addresses, MAC addresses, and connection time) via the rand parameter.
- Terms of Service
- Privacy Statement
- Legal Entities
- Copyright © 2018 UBM, All rights reserved
Tweet This