Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Database Security

Authentication

Mobile

Privacy

Compliance

Identity & Access Management

Security Monitoring

Advanced Threats

Insider Threats

Vulnerability Management

Network Computing Dark Reading

Advertise

About Us

Author

Profile of Lance Spitzner

Director, SANS Institute Securing The Human Security Awareness Program

Member Since: 10/25/2016
Author
News & Commentary Posts: 3
Comments: 2

Lance Spitzner is an internationally recognized leader in the field of cyber threat research and security training and awareness. He sits on the board of the National Cyber Security Alliance and helped develop and implement numerous multi-cultural security awareness programs around the world for organizations as small as 50 employees and as large as 100,000. Mr. Spitzner is the founder of the Honeynet Project; an international, non-profit security research organization that captures, analyzes, and shares information on cyber threats at no cost to the public.

Articles by Lance Spitzner

View Content By Month

Securing Your Remote Workforce: A Coronavirus Guide for Businesses

3/30/2020
Often the hardest part in creating an effective awareness program is deciding what NOT to teach.
Post a Comment

The 3 C's Of Security Awareness

1/11/2017
Explaining the technical part of security comes easy for many of us. But the soft skills needed to change behavior are often sadly missing.
Post a Comment

How To Build A Strong Security Awareness Program

10/27/2016
To become more secure, focus your training and manage your top risks.
Post a Comment

Hot Topics

Editors' Choice

Malicious USB Drive Hides Behind Gift Card Lure

Dark Reading Staff 3/27/2020

Virgin Media Could Pay £4.5B for Leak Affecting 900,000 Customers

Dark Reading Staff 3/27/2020

Security Not a Priority for SAP Projects, Users Report

Dark Reading Staff 3/26/2020

Webinars

Malicious Insiders: Real Defense for Real Business

Virtual Event: The State of Cloud Security

Chatbots for the Enterprise

Webinar Archives

White Papers

Cybersecurity Research: 2019 AWS Cloud Security Report

Securing Real-Time Communications for Dummies Book

Hackers: Your Secret Weapon

Disaster Recovery Checklist

Anatomy of a Cloud-Native Data Breach

More White Papers

Video

All Videos

Cartoon Contest

Write a Caption, Win a Starbucks Card! Click Here

Latest Comment: "I feel safe, but I can't understand a word he's saying."

Cartoon Archive

Current Issue

6 Emerging Cyber Threats That Enterprises Face in 2020

This Tech Digest gives an in-depth look at six emerging cyber threats that enterprises could face in 2020. Download your copy today!

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

State of Cybersecurity Incident Response

Data breaches and regulations have forced organizations to pay closer attention to the security incident response function. However, security leaders may be overestimating their ability to detect and respond to security incidents. Read this report to find out more.

Download Now!

How Enterprises Are Developing and Maintaining Secure Applications

0 comments

How Enterprises are Attacking the Cybersecurity Problem

0 comments

How Data Breaches affect the Enterprise

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2020-10374
PUBLISHED: 2020-03-30

A webserver component in Paessler PRTG Network Monitor 19.2.50 to PRTG 20.1.56 allows unauthenticated remote command execution via a crafted POST request or the what parameter of the screenshot function in the Contact Support form.

CVE-2020-11104
PUBLISHED: 2020-03-30

An issue was discovered in USC iLab cereal through 1.3.0. Serialization of an (initialized) C/C++ long double variable into a BinaryArchive or PortableBinaryArchive leaks several bytes of stack or heap memory, from which sensitive information (such as memory layout or private keys) can be gleaned if...

CVE-2020-11105
PUBLISHED: 2020-03-30

An issue was discovered in USC iLab cereal through 1.3.0. It employs caching of std::shared_ptr values, using the raw pointer address as a unique identifier. This becomes problematic if an std::shared_ptr variable goes out of scope and is freed, and a new std::shared_ptr is allocated at the same add...

CVE-2020-11106
PUBLISHED: 2020-03-30

An issue was discovered in Responsive Filemanager through 9.14.0. In the dialog.php page, the session variable $_SESSION['RF']["view_type"] wasn't sanitized if it was already set. This made stored XSS possible if one opens ajax_calls.php and uses the "view" action and places a pa...

CVE-2020-5284
PUBLISHED: 2020-03-30

Next.js versions before 9.3.2 have a directory traversal vulnerability. Attackers could craft special requests to access files in the dist directory (.next). This does not affect files outside of the dist directory (.next). In general, the dist directory only holds build assets unless your applicati...

To save this item to your list of favorite Dark Reading content so you can find it later in your Profile page, click the "Save It" button next to the item.

If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
Tweet This
[close this box]