Rethinking Vulnerability Disclosures In Industrial Control Systems
1/27/2017Why the security industry's traditional obsession and hype around vulnerabilities cannot be transferred to the ICS environment.
Post a Comment
Author
Profile of Galina Antova
Co-founder & Chief Business Development Officer, Claroty News & Commentary Posts: 1Galina Antova is the co-founder and chief business development officer at Claroty. Prior to co-founding the company, she was the global head of industrial security services at Siemens, overseeing the development of its portfolio of services that protect industrial customers against cyberattacks. While at Siemens, she was also responsible for leading the Cyber Security Practice and the Cyber Security Operations Center, providing managed security services for industrial control systems operators. Previously, Galina was with IBM in Canada in various roles in the provisioning and cloud solutions business. She holds a BS in computer science from York University in Toronto, and an MBA from IMD in Lausanne, Switzerland.
Articles by Galina Antova
Why the security industry's traditional obsession and hype around vulnerabilities cannot be transferred to the ICS environment.
Post a Comment
White Papers
Video
5 Comments
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: camera, camera everywhere, not a single news to rely on
Latest Comment: camera, camera everywhere, not a single news to rely on
Current Issue
10 Best Practices That Could Reshape Your IT Security DepartmentThis Dark Reading Tech Digest, explores ten best practices that could reshape IT security departments.
Flash Poll
How Enterprises Are Using IT Threat Intelligence
Large organizations are harnessing data about cyberattackers and their exploits to improve the safety of their critical data. Find out what they're doing.
Twitter Feed
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database CVE-2018-14623
PUBLISHED: 2018-12-14
PUBLISHED: 2018-12-14
PUBLISHED: 2018-12-14
PUBLISHED: 2018-12-14
PUBLISHED: 2018-12-14
From DHS/US-CERT's National Vulnerability Database CVE-2018-14623
PUBLISHED: 2018-12-14
A SQL injection flaw was found in katello's errata-related API. An authenticated remote attacker can craft input data to force a malformed SQL query to the backend database, which will leak internal IDs. This is issue is related to an incomplete fix for CVE-2016-3072. Version 3.10 and older is vulne...
CVE-2018-18093PUBLISHED: 2018-12-14
Improper file permissions in the installer for Intel VTune Amplifier 2018 Update 3 and before may allow unprivileged user to potentially gain privileged access via local access.
CVE-2018-18096PUBLISHED: 2018-12-14
Improper memory handling in Intel QuickAssist Technology for Linux (all versions) may allow an authenticated user to potentially enable a denial of service via local access.
CVE-2018-18097PUBLISHED: 2018-12-14
Improper directory permissions in Intel Solid State Drive Toolbox before 3.5.7 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2018-3704PUBLISHED: 2018-12-14
Improper directory permissions in the installer for the Intel Parallel Studio before 2019 Gold may allow authenticated users to potentially enable an escalation of privilege via local access.
- Terms of Service
- Privacy Statement
- Legal Entities
- Copyright © 2018 UBM, All rights reserved
Tweet This