Database Security

Authentication

Privacy

Compliance

Identity & Access Management

Security Monitoring

Advanced Threats

Insider Threats

Vulnerability Management

Network Computing Dark Reading

Advertise

About Us

Author

Profile of David Amsler

Founder, Foreground Security

News & Commentary Posts: 1

David Amsler is founder of Foreground Security, which was recently acquired by Raytheon Company. Given his level of expertise and knowledge, Amsler has taught more than 350 information security courses to top government organizations, including the Internal Revenue Service, National Security Agency, Department of Defense, Federal Bureau of Investigation, Defense Information Systems Agency and National Aeronautics and Space Administration. In addition, he has developed policies and procedures that are now documented and recognized as key, operational standards for numerous government agencies. As a result, he remains a distinguished leader and strategic consultant to high-level executives throughout the globe especially within the information security auditing and testing arena.

Articles by David Amsler

View Content By Month

Why It’s Always Cyber Hunting Season (& What To Do About It)

10/6/2016
To stop today’s most capable and persistent adversaries, security organizations must rely less on tools and more on human analysis.
Post a Comment

Content by Month
October 2016 - 1
[close this box]

Hot Topics

Editors' Choice

High Stress Levels Impacting CISOs Physically, Mentally

Jai Vijayan, Freelance writer, 2/14/2019

Valentine's Emails Laced with Gandcrab Ransomware

Kelly Sheridan, Staff Editor, Dark Reading, 2/14/2019

New Free Tool Scans for Chrome Extension Safety

Dark Reading Staff 2/21/2019

Live Events

Webinars

More UBM Tech
Live Events

Drive Your Business and Career Forward at Interop19

Interop 2019 - The Unbiased IT Conference

Communications & Collaboration 2022 at EC19 Orlando March 18-21

White Papers

2018 Cyberthreat Defense Report

Want to Stay In Front of Breaches? Train Like The Marines.

451 Research: Network Traffic Analysis Opens the Eyes of the SOC

7 Habits of Highly Effective Security Teams

Enhanced Data Protection Against Insider Threats

More White Papers

Video

All Videos

Cartoon

Latest Comment: We won't cut you loose as long as you don't slow us down!

Cartoon Archive

Current Issue

5 Emerging Cyber Threats to Watch for in 2019

Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

How Enterprises Are Attacking the Cybersecurity Problem

Data breach fears and the need to comply with regulations such as GDPR are two major drivers increased spending on security products and technologies. But other factors are contributing to the trend as well. Find out more about how enterprises are attacking the cybersecurity problem by reading our report today.

Download Now!

How Enterprises Are Using IT Threat Intelligence

0 comments

Online Malware and Threats: A Profile of Today's Security Posture

0 comments

The Risk Management Struggle

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2018-1944
PUBLISHED: 2019-02-21

IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 Virtual Appliance contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-For...

CVE-2018-1945
PUBLISHED: 2019-02-21

IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 Virtual Appliance could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click act...

CVE-2018-1946
PUBLISHED: 2019-02-21

IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 Virtual Appliance supports interaction between multiple actors and allows those actors to negotiate which algorithm should be used as a protection mechanism such as encryption or authentication, but it does not select the stronges...

CVE-2018-1947
PUBLISHED: 2019-02-21

IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 Virtual Appliance is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure withi...

CVE-2018-1948
PUBLISHED: 2019-02-21

IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 Virtual Appliance does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to...

Terms of Service
Privacy Statement
Legal Entities

To save this item to your list of favorite Dark Reading content so you can find it later in your Profile page, click the "Save It" button next to the item.

If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
Tweet This
[close this box]