Author

 Curtis Dalton
Twitter
LinkedIn
RSS
E-Mail

Profile of Curtis Dalton

SVP & Global Head of Security Services for Pactera US (a Blackstone portfolio company)
Member Since: 3/2/2016
Author
News & Commentary Posts: 1
Comments: 0

Curtis Dalton is an information security and technology executive with 24 years' experience and a proven track record in management, technology and security. Prior to joining Pactera, Dalton was Chief Information Security Officer for Sapient - a global IT services and digital services provider. For Sapient, Dalton developed an acclaimed security program rooted in ISO 27001 globally to support a burgeoning business which doubled over his tenure.
Dalton's experience dates back to the beginning of the security profession when he helped develop one of the first firewalls, implemented one of the first global VPN solutions, and developed an early Data Loss Prevention solution in the mid '90's. Dalton is a published author & speaker with fifteen articles and cover stories appearing within leading publications, and a popular security architecture book published by Osborne McGraw-Hill. Dalton is certified as CISSP, CISM, ISMS Lead Auditor/Lead Implementer and is an active member within the information security community including ISC2, ISACA, ISSA, InfraGard and IAPP.

Articles by Curtis Dalton
'Hidden Tunnels' Help Hackers Launch Financial Services Attacks
Kelly Sheridan, Staff Editor, Dark Reading,  6/20/2018
Tesla Employee Steals, Sabotages Company Data
Jai Vijayan, Freelance writer,  6/19/2018
Inside a SamSam Ransomware Attack
Ajit Sancheti, CEO and Co-Founder, Preempt,  6/20/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-7682
PUBLISHED: 2018-06-22
Micro Focus Solutions Business Manager versions prior to 11.4 allows a user to invoke SBM RESTful services across domains.
CVE-2018-12689
PUBLISHED: 2018-06-22
phpLDAPadmin 1.2.2 allows LDAP injection via a crafted server_id parameter in a cmd.php?cmd=login_form request, or a crafted username and password in the login panel.
CVE-2018-12538
PUBLISHED: 2018-06-22
In Eclipse Jetty versions 9.4.0 through 9.4.8, when using the optional Jetty provided FileSessionDataStore for persistent storage of HttpSession details, it is possible for a malicious user to access/hijack other HttpSessions and even delete unmatched HttpSessions present in the FileSystem's storage...
CVE-2018-12684
PUBLISHED: 2018-06-22
Out-of-bounds Read in the send_ssi_file function in civetweb.c in CivetWeb through 1.10 allows attackers to cause a Denial of Service or Information Disclosure via a crafted SSI file.
CVE-2018-12687
PUBLISHED: 2018-06-22
tinyexr 0.9.5 has an assertion failure in DecodePixelData in tinyexr.h.