Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Advertise

About Us

Author

Profile of James Carder

CISO & VP, LogRhythm Labs, LogRhythm, Inc.

Member Since: 3/17/2017
Author
News & Commentary Posts: 2
Comments: 0

James Carder is the CISO and VP of Labs for LogRhythm and an IDSA Customer Advisory Board Member. He brings more than 22 years of experience working in corporate security and consulting for the Fortune 500 and US government. At LogRhythm, he oversees the company's governance, risk, and compliance program, security architecture, awareness, product security, physical security, and security operations. He also directs the LogRhythm Labs strategic integrations, threat and compliance research teams. He holds an MBA from the University of Minnesota, is an Advisory Board member for Colorado University and New Cloud Networks, in addition to the IDSA, and a member of the Forbes Technology Council.

Articles by James Carder

View Content By Month

Planning a Zero-Trust Initiative? Here's How to Prioritize

10/23/2019
If you start by focusing on users, data, access, and managed devices, you will make major strides toward achieving better security.
Post a Comment

Report: ‘OilRig' Attacks Expanding Across Industries, Geographies

3/21/2017
Malware targets Middle Eastern airlines, government, financial industries and critical infrastructure with a simple but powerful backdoor created by infected Excel files attached to phishing emails.
Post a Comment

Hot Topics

Editors' Choice

COVID-19: Latest Security News & Commentary

Dark Reading Staff 8/10/2020

Researcher Finds New Office Macro Attacks for MacOS

Curtis Franklin Jr., Senior Editor at Dark Reading, 8/7/2020

Exploiting Google Cloud Platform With Ease

Dark Reading Staff 8/6/2020

Live Events

Webinars

Expert led sessions and real networking - Join us at Data Center World 2020: A Virtual Experience

Collaborate With IT Industry Leaders at Interop Digital, Oct. 5-8

More Informa Tech Live Events

White Papers

DevOps for the Database

Wired vs. Wireless LAN Solution

NDaaS 101

2020 State of Malware Report

Jackson Electric Co-op Empowers Gulf Coast Residents to Work From Home

More White Papers

Cartoon Contest

Write a Caption, Win a Starbucks Card! Click Here

Latest Comment: The superior method of sandboxing called "sandcastling" involves having the user detonate the malware.

Cartoon Archive

Current Issue

Special Report: Computing's New Normal, a Dark Reading Perspective

This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

The Changing Face of Threat Intelligence

This special report takes a look at how enterprises are using threat intelligence, as well as emerging best practices for integrating threat intel into security operations and incident response. Download it today!

Download Now!

The Threat from the Internet—and What Your Organization Can Do About It

0 comments

State of Endpoint Security: How Enterprises Are Managing Endpoint Security Threats

0 comments

State of Cybersecurity Incident Response

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2020-8904
PUBLISHED: 2020-08-12

An arbitrary memory overwrite vulnerability in the trusted memory of Asylo exists in versions prior to 0.6.0. As the ecall_restore function fails to validate the range of the output_len pointer, an attacker can manipulate the tmp_output_len value and write to an arbitrary location in the trusted (en...

CVE-2020-8905
PUBLISHED: 2020-08-12

A buffer length validation vulnerability in Asylo versions prior to 0.6.0 allows an attacker to read data they should not have access to. The 'enc_untrusted_recvfrom' function generates a return value which is deserialized by 'MessageReader', and copied into three different 'extents'. The length of ...

CVE-2020-12106
PUBLISHED: 2020-08-12

The Web portal of the WiFi module of VPNCrypt M10 2.6.5 allows unauthenticated users to send HTTP POST request to several critical Administrative functions such as, changing credentials of the Administrator account or connect the product to a rogue access point.

CVE-2020-12107
PUBLISHED: 2020-08-12

The Web portal of the WiFi module of VPNCrypt M10 2.6.5 allows command injection via a text field, which allow full control over this module's Operating System.

CVE-2020-7374
PUBLISHED: 2020-08-12

Documalis Free PDF Editor version 5.7.2.26 and Documalis Free PDF Scanner version 5.7.2.122 do not appropriately validate the contents of JPEG images contained within a PDF. Attackers can exploit this vulnerability to trigger a buffer overflow on the stack and gain remote code execution as the user ...

To save this item to your list of favorite Dark Reading content so you can find it later in your Profile page, click the "Save It" button next to the item.

If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
Tweet This
[close this box]