Database Security
Authentication
Privacy
Compliance
Identity & Access Management
Security Monitoring
Advanced Threats
Insider Threats
Vulnerability Management

Author

Art Dahnert
Twitter
LinkedIn
RSS
E-Mail

Profile of Art Dahnert

Managing Consultant, Cigital, Inc.
Member Since: 8/10/2016
Author
News & Commentary Posts: 1
Comments: 0

Art Dahnert is a managing consultant with over 19 years of experience in the software industry, including over 8 years in application security. Dahnert has completed hundreds of security risk assessments, penetration tests and vulnerability assessments of web applications, desktop applications, and mobile applications.

In addition, Mr. Dahnert has led the design and development of numerous security applications for multiple branches of the US military, developed code for the Windows operating system and Symantec antivirus applications. Mr. Dahnert has instructed many Fortune 500 development teams on the subject of secure code practices.

Mr. Dahnert also has an extensive and varied automotive background, most recently working with Tier 1 suppliers for several European auto manufacturers to improve their secure SDLC processes and tooling. Mr. Dahnert has certifications in several automotive technologies as well as experience working for large service departments for major automotive dealers.
Articles by Art Dahnert
Is Threat Intelligence Garbage?
Chris McDaniels, Chief Information Security Officer of Mosaic451,  5/23/2018
More Than Half of Users Reuse Passwords
Curtis Franklin Jr., Senior Editor at Dark Reading,  5/24/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
Flash Poll
[Strategic Security Report] Navigating the Threat Intelligence Maze
[Strategic Security Report] Navigating the Threat Intelligence Maze
Most enterprises are using threat intel services, but many are still figuring out how to use the data they're collecting. In this Dark Reading survey we give you a look at what they're doing today - and where they hope to go.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-14185
PUBLISHED: 2018-05-25
An Information Disclosure vulnerability in Fortinet FortiOS 5.6.0 to 5.6.2, 5.4.0 to 5.4.8 and 5.2 all versions allows SSL VPN web portal users to access internal FortiOS configuration information (eg:addresses) via specifically crafted URLs inside the SSL-VPN web portal.
CVE-2018-8862
PUBLISHED: 2018-05-25
In ATI Systems Emergency Mass Notification Systems (HPSS16, HPSS32, MHPSS, and ALERT4000) devices, an improper authentication vulnerability caused by specially crafted malicious radio transmissions may allow an attacker to remotely trigger false alarms.
CVE-2018-8864
PUBLISHED: 2018-05-25
In ATI Systems Emergency Mass Notification Systems (HPSS16, HPSS32, MHPSS, and ALERT4000) devices, a missing encryption of sensitive data vulnerability caused by specially crafted malicious radio transmissions may allow an attacker to remotely trigger false alarms.
CVE-2018-8871
PUBLISHED: 2018-05-25
In Delta Electronics Automation TPEditor version 1.89 or prior, parsing a malformed program file may cause heap-based buffer overflow vulnerability, which may allow remote code execution.
CVE-2017-9641
PUBLISHED: 2018-05-25
PI Coresight 2016 R2 contains a cross-site request forgery vulnerability that may allow access to the PI system. OSIsoft recommends that users upgrade to PI Vision 2017 or greater to mitigate this vulnerability.