Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Advertise

About Us

Author

Profile of Daniel Gordon

Cyber Intel Analyst, Lockheed Martin Computer Incident Response Team

Member Since: 1/22/2017
Author
News & Commentary Posts: 1
Comments: 1

Daniel Gordon, CISSP, is a member of the Lockheed Martin Computer Incident Response Team. He has worked in IT and information security for over 10 years. He holds a BA in political science from St Mary's College of Maryland and a graduate certificate in modeling and simulation of behavioral cybersecurity from the University of Central Florida. He is currently pursuing his Master's degree in modeling & simulation.

Articles by Daniel Gordon

View Content By Month

Why You’re Doing Cybersecurity Risk Measurement Wrong

1/30/2017
Measuring risk isn’t as simple as some make it out to be, but there are best practices to help you embrace the complexity in a productive way. Here are five.
Post a Comment

Content by Month
January 2017 - 1
[close this box]

Editors' Choice

7 Old IT Things Every New InfoSec Pro Should Know

Joan Goodchild, Staff Editor, 4/20/2021

Cloud-Native Businesses Struggle With Security

Robert Lemos, Contributing Writer, 5/6/2021

Defending Against Web Scraping Attacks

Rob Simon, Principal Security Consultant at TrustedSec, 5/7/2021

Live Events

Webinars

Dark Reading June 24 Virtual Event a free, all-day online conference. LEARN MORE

Finding & Stopping Enterprise Data Breaches - June 24 - Dark Reading Virtual Event

More Informa Tech Live Events

White Papers

Hidden Costs of Endpoint Security

The Definitive Buyer's Guide for Managed Threat Detection and Response Services

Tech Insights: Detecting and Preventing Insider Data Leaks

Brand Protection During a Global Pandemic

Ransomware Security Breach Summary: Food Production

More White Papers

Cartoon

Post a Comment

Cartoon Archive

Current Issue

2021 Top Enterprise IT Trends

We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

Battle for the Endpoint

How to build a new cyber strategy for 2021 and beyond.

Download Now!

How Enterprises are Developing Secure Applications

0 comments

Assessing Cybersecurity Risk in Today's Enterprises

0 comments

The Malware Threat Landscape

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2019-10062
PUBLISHED: 2021-05-13

The HTMLSanitizer class in html-sanitizer.ts in all released versions of the Aurelia framework 1.x repository is vulnerable to XSS. The sanitizer only attempts to filter SCRIPT elements, which makes it feasible for remote attackers to conduct XSS attacks via (for example) JavaScript code in an attri...

CVE-2020-23995
PUBLISHED: 2021-05-13

An information disclosure vulnerability in ILIAS before 5.3.19, 5.4.12 and 6.0 allows remote authenticated attackers to get the upload data path via a workspace upload.

CVE-2020-23996
PUBLISHED: 2021-05-13

A local file inclusion vulnerability in ILIAS before 5.3.19, 5.4.10 and 6.0 allows remote authenticated attackers to execute arbitrary code via the import of personal data.

CVE-2021-29510
PUBLISHED: 2021-05-13

Pydantic is a data validation and settings management using Python type hinting. In affected versions passing either `'infinity'`, `'inf'` or `float('inf')` (or their negatives) to `datetime` or `date` fields causes validation to run forever with 100% CPU usage (on one CPU). Pydantic has been patche...

CVE-2021-23906
PUBLISHED: 2021-05-13

An issue was discovered in the Headunit NTG6 in the MBUX Infotainment System on Mercedes-Benz vehicles through 2021. A Message Length is not checked in the HiQnet Protocol, leading to remote code execution.

To save this item to your list of favorite Dark Reading content so you can find it later in your Profile page, click the "Save It" button next to the item.

If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
Tweet This
[close this box]