Author

 Malcolm Harkins
Twitter
LinkedIn
RSS
E-Mail

Profile of Malcolm Harkins

Chief Information Security Officer, Cylance Inc.
Member Since: 5/29/2015
Author
News & Commentary Posts: 1
Comments: 0

Malcolm Harkins is the global Chief Information Security officer (CISO) at Cylance Inc. He is responsible for all aspects of the company's information risk and security, public policy and for outreach to help improvement understanding of cyber risks and best practices for managing and mitigating them. Malcolm joined Cylance following 23 years with Intel, where he most recently served as a vice president and its first Chief Security & Privacy officer (CSPO). In that role Malcolm was responsible for managing the risk, controls, privacy, security, and other related compliance for Intel along with all of its products and services.

Malcolm was a contributing author to IT Privacy, a Handbook for Technologists, published by the International Association of Privacy Professionals (2014). In 2012 he published his first book, Managing Risk and Information Security, Protect to Enable. He regularly speaks at leading cybersecurity events and writes articles and white papers.

Articles by Malcolm Harkins
'Hidden Tunnels' Help Hackers Launch Financial Services Attacks
Kelly Sheridan, Staff Editor, Dark Reading,  6/20/2018
Tesla Employee Steals, Sabotages Company Data
Jai Vijayan, Freelance writer,  6/19/2018
Inside a SamSam Ransomware Attack
Ajit Sancheti, CEO and Co-Founder, Preempt,  6/20/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-12633
PUBLISHED: 2018-06-22
An issue was discovered in the Linux kernel through 4.17.2. vbg_misc_device_ioctl() in drivers/virt/vboxguest/vboxguest_linux.c reads the same user data twice with copy_from_user. The header part of the user data is double-fetched, and a malicious user thread can tamper with the critical variables (...
CVE-2018-12634
PUBLISHED: 2018-06-22
CirCarLife Scada v4.2.4 allows remote attackers to obtain sensitive information via a direct request for the html/log or services/system/info.html URI.
CVE-2018-12635
PUBLISHED: 2018-06-22
CirCarLife Scada v4.2.4 allows unauthorized upgrades via requests to the html/upgrade.html and services/system/firmware.upgrade URIs.
CVE-2018-12630
PUBLISHED: 2018-06-21
NEWMARK (aka New Mark) NMCMS 2.1 allows SQL Injection via the sect_id parameter to the /catalog URI.
CVE-2018-12631
PUBLISHED: 2018-06-21
Redatam7 (formerly Redatam WebServer) allows remote attackers to read arbitrary files via /redbin/rpwebutilities.exe/text?LFN=../ directory traversal.