Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Database Security

Authentication

Mobile

Privacy

Compliance

Identity & Access Management

Security Monitoring

Advanced Threats

Insider Threats

Vulnerability Management

To InformationWeek

Network Computing Dark Reading

Advertise

Author

Matthew Rosenquist

Profile of Matthew Rosenquist

Cybersecurity Strategist

Member Since: 10/15/2019
Author
News & Commentary Posts: 6
Comments: 0

Matthew Rosenquist is a cybersecurity strategist who actively advises global businesses, academia, and governments to identify emerging risks and opportunities. Formerly the cybersecurity strategist for Intel Corp., he benefits from 30 years in the security field.

He is a keynote speaker, an evangelist for cybersecurity best-practices, a member on multiple technical and academic advisory boards, and collaborates with the top minds in the cybersecurity industry. Recognized as a Top 10 Technology Voice in 2018 by LinkedIn and a Top 10 Cybersecurity Thought Leader in 2019 by Thinkers360, he is heavily engaged with an active following of over 190k professionals.

Matthew is a leader who champions col

Articles by Matthew Rosenquist

View Content By Month

Hacking Phones: How Law Enforcement Is Saving Privacy

10/30/2019
It's no longer true that society must choose to either weaken everybody's privacy or let criminals run rampant.
Post a Comment

PoisonTap USB Device Can Hack A Locked PC In A Minute

12/6/2016
This is just one example of an emerging technology that enables anyone with physical access to a computer’s USB port to potentially harvest data and gain access by spoofing an Internet ecosystem.
Post a Comment

Cybercriminals’ Next Target: Long-Term Prizes (Part 2 of 2)

12/1/2016
Attacks of a more strategic nature will test early blockchain implementations and continue to explore ways to monetize weak IoT devices.
Post a Comment

Cybercriminals' Next Target: Short-Term Dangers (Part 1 of 2)

11/30/2016
With the holidays approaching, the focus will be on lucrative online shopping, email ransomware, phishing for credentials, and infection by holiday-lurking malware.
Post a Comment

Beware: Scalable Vector Graphics Files Are A New Ransomware Threat

11/29/2016
SVG files offer many advantages as far as graphics go, but hackers looking to embed malware on websites can exploit them.
Post a Comment

Sharing Cybersecurity Threat Intelligence Is The Only Way We Win

9/27/2016
Security organizations must leverage each other’s information in order to better predict, prevent, detect, and respond to threats their customers and organizations face.
Post a Comment

Editors' Choice

Mobile Banking Malware Up 50% in First Half of 2019

Kelly Sheridan, Staff Editor, Dark Reading, 1/17/2020

7 Tips for Infosec Pros Considering A Lateral Career Move

Kelly Sheridan, Staff Editor, Dark Reading, 1/21/2020

For Mismanaged SOCs, The Price Is Not Right

Kelly Sheridan, Staff Editor, Dark Reading, 1/22/2020

Live Events

Webinars

March 16-19, 2020: Data Center World Registration is open! Join Us

Data Center World: The leading conference & expo for Data Center and IT Infrastructure Professionals. Register Today!

Get Insights: Cisco vs Microsoft & More at EC20 Orlando

More Informa Tech Live Events

White Papers

Using AI to Power AppSec

Simplify Your App Security

NetFlow vs Packet Data

[IT Trend Report] The Future of Cloud

Redefining the Enterprise Security Perimeter Solution Brief

More White Papers

Video

Cartoon Contest

Write a Caption, Win a Starbucks Card! Click Here

Latest Comment: It's a PEN test of our cloud security.

Cartoon Archive

Current Issue

IT 2020: A Look Ahead

Are you ready for the critical changes that will occur in 2020? We've compiled editor insights from the best of our network (Dark Reading, Data Center Knowledge, InformationWeek, ITPro Today and Network Computing) to deliver to you a look at the trends, technologies, and threats that are emerging in the coming year. Download it today!

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

How Enterprises are Attacking the Cybersecurity Problem

How Enterprises are Attacking the Cybersecurity Problem

Organizations have invested in a sweeping array of security technologies to address challenges associated with the growing number of cybersecurity attacks. However, the complexity involved in managing these technologies is emerging as a major problem. Read this report to find out what your peers biggest security challenges are and the technologies they are using to address them.

Download Now!

How Data Breaches affect the Enterprise

Rethinking Enterprise Data Defense

Assessing Cybersecurity Risk in Today's Enterprise

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading"

Dark Reading - Bug Report

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2020-7245
PUBLISHED: 2020-01-23

Incorrect username validation in the registration processes of CTFd through 2.2.2 allows a remote attacker to take over an arbitrary account after initiating a password reset. This is related to register() and reset_password() in auth.py. To exploit the vulnerability, one must register with a userna...

CVE-2019-14885
PUBLISHED: 2020-01-23

A flaw was found in the JBoss EAP Vault system in all versions before 7.2.6.GA. Confidential information of the system property's security attribute value is revealed in the JBoss EAP log file when executing a JBoss CLI 'reload' command. This flaw can lead to the exposure of confidential information...

CVE-2019-17570
PUBLISHED: 2020-01-23

An untrusted deserialization was found in the org.apache.xmlrpc.parser.XmlRpcResponseParser:addResult method of Apache XML-RPC (aka ws-xmlrpc) library. A malicious XML-RPC server could target a XML-RPC client causing it to execute arbitrary code. Apache XML-RPC is no longer maintained and this issue...

CVE-2020-6007
PUBLISHED: 2020-01-23

Philips Hue Bridge model 2.X prior to and including version 1935144020 contains a Heap-based Buffer Overflow when handling a long ZCL string during the commissioning phase, resulting in a remote code execution.

CVE-2012-4606
PUBLISHED: 2020-01-23

Citrix XenServer 4.1, 6.0, 5.6 SP2, 5.6 Feature Pack 1, 5.6 Common Criteria, 5.6, 5.5, 5.0, and 5.0 Update 3 contains a Local Privilege Escalation Vulnerability which could allow local users with access to a guest operating system to gain elevated privileges.

To save this item to your list of favorite Dark Reading content so you can find it later in your Profile page, click the "Save It" button next to the item.

If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
Tweet This
[close this box]