Advertise

Author

Profile of Rocco Grillo

Cyber Resilience Leader at Stroz Friedberg

News & Commentary Posts: 1

Rocco Grillo is Stroz Friedberg's Cyber Resilience Leader and a member of the firm's executive management team. His cyber resilience team, which includes the company's incident responders and security scientists who deliver the firm's proactive and reactive cybersecurity capabilities, has successfully triaged some of the largest data breaches recorded in the last decade. Previously in his career, Mr. Grillo led Protiviti's Global Incident Response and Forensics Investigations, helped develop RedSiren Technologies (a leading managed security service provider and full services security firm that evolved out of Carnegie Mellon), and held management positions with Lucent Technologies and Bell Atlantic. Mr. Grillo is a CISSP, CRMA, PCI-QSA, and a Certified Third Party Risk Assessor. He is an affiliate board advisor for FS-ISAC and NH-ISAC, a member of the Shared Assessments Program Steering Committee board, the CLM Cyber Liability Council, and has also served on the board of directors of the NY Metro ISSA Chapter, the IT Policy Compliance Group, and the (i-4) International Information Integrity Institute Research Steering Committee.

Articles by Rocco Grillo

View Content By Month

To Gain Influence, CISOs Must Get Security's Human Element Right

3/29/2017
Focusing on certain elements of security in isolation can cause a false sense of security.
Post a Comment

Content by Month
March 2017 - 1
[close this box]

Hot Topics

Editors' Choice

WebAuthn, FIDO2 Infuse Browsers, Platforms with Strong Authentication

John Fontana, Standards & Identity Analyst, Yubico, 9/19/2018

Turn the NIST Cybersecurity Framework into Reality: 5 Steps

Mukul Kumar & Anupam Sahai, CISO & VP of Cyber Practice and VP Product Management, Cavirin Systems, 9/20/2018

NSS Labs Files Antitrust Suit Against Symantec, CrowdStrike, ESET, AMTSO

Kelly Jackson Higgins, Executive Editor at Dark Reading, 9/19/2018

Live Events

Webinars

More UBM Tech
Live Events

Build Your Communications & Collaboration Future

Enterprise Connect Orlando 2019 Registration is Open!

White Papers

Build the Best IT Budget for 2019

2018 Security Report

SOC-as-a-Service for Cloud Infrastructures and SaaS Applications

Application Logging Challenges

Embracing the Looming Challenge of 100% Encryption

More White Papers

Video

All Videos

Cartoon Contest

Write a Caption, Win a Starbucks Card! Click Here

Latest Comment: Name that Toon: Risky Busine Literalist at work, boss said do the job hanging from the ceiling. { You want anything else boss, Yes do the ...

Cartoon Archive

Current Issue

The Biggest Cybersecurity Breaches of 2018 (So Far)

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

The Risk Management Struggle

The majority of organizations are struggling to implement a risk-based approach to security — even though risk reduction has become the primary metric for measuring the effectiveness of enterprise security strategies. Read the report and get more details today!

Download Now!

How Data Breaches Affect the Enterprise

0 comments

The State of IT and Cybersecurity

0 comments

[Strategic Security Report] Navigating the Threat Intelligence Maze

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading OR #DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2018-3914
PUBLISHED: 2018-09-21

An exploitable stack-based buffer overflow vulnerability exists in the retrieval of database fields in the video-core HTTP server of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The strcpy call overflows the destination buffer, which has a size of 2000 bytes. An attacker can s...

CVE-2018-3915
PUBLISHED: 2018-09-21

CVE-2018-11240
PUBLISHED: 2018-09-21

An issue was discovered on SoftCase T-Router build 20112017 devices. There are no restrictions on the 'exec command' feature of the T-Router protocol. If the command syntax is correct, there is code execution both on the other modem and on the main servers. This is fixed in production builds as of S...

CVE-2018-11241
PUBLISHED: 2018-09-21

An issue was discovered on SoftCase T-Router build 20112017 devices. A remote attacker can read and write to arbitrary files on the system as root, as demonstrated by code execution after writing to a crontab file. This is fixed in production builds as of Spring 2018.

CVE-2018-16784
PUBLISHED: 2018-09-21

DedeCMS 5.7 SP2 allows XML injection, and resultant remote code execution, via a "<file type='file' name='../" substring.

Terms of Service
Privacy Statement
Legal Entities

To save this item to your list of favorite Dark Reading content so you can find it later in your Profile page, click the "Save It" button next to the item.

If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
Tweet This
[close this box]