Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Database Security

Authentication

Mobile

Privacy

Compliance

Identity & Access Management

Security Monitoring

Advanced Threats

Insider Threats

Vulnerability Management

Network Computing Dark Reading

Advertise

About Us

Join us live at

Author

Profile of Vitali Kremez

Director of Research, Flashpoint

Member Since: 4/13/2017
Author
News & Commentary Posts: 1
Comments: 1

Vitali Kremez is director of research at Flashpoint. He specializes in researching and investigating complex cyberattacks, network intrusions, data breaches, and hacking incidents mainly emanating from the Eastern European cybercriminal ecosystem. He has earned the majority of major certifications available in the information technology, information security, and digital forensics fields. Previously, Vitali enjoyed a successful career as a cybercrime investigative analyst for the New York County District Attorney's Office, partnering with the United States Secret Service, the Federal Bureau of Investigation, the Department of Homeland Security, Royal Canadian Mounted Police, City of London (UK) Police, New York Police Department, and Spanish Civil Guardia. His work helped the New York County District Attorney's Office and other offices deliver successful indictments of many high-profile investigations involving data breaches, network intrusions, ransomware, computer hacking, intellectual property theft, credit card fraud, money laundering, and identity theft.

Articles by Vitali Kremez

View Content By Month

Health Savings Account Fraud: The Rapidly Growing Threat

4/14/2017
As income tax season comes to a close, financially-motivated cybercriminals are honing new tactics for monetizing medical PII.
Post a Comment

Content by Month
April 2017 - 1
[close this box]

Hot Topics

Editors' Choice

10 Ways to Keep a Rogue RasPi From Wrecking Your Network

Curtis Franklin Jr., Senior Editor at Dark Reading, 7/10/2019

The Security of Cloud Applications

Hillel Solow, CTO and Co-founder, Protego, 7/11/2019

Where Businesses Waste Endpoint Security Budgets

Kelly Sheridan, Staff Editor, Dark Reading, 7/15/2019

Live Events

Webinars

Come to Black Hat USA for the latest hardware hacks

Black Hat Trainings - August 3-6

WorkSpace Connect - Sept 9-11, Dallas - Register Now!

More Informa Tech Live Events

White Papers

Security 101

7 Reasons You Need Security at the Edge

Solve the Robo-Calling Plague

Testing for Compliance Just Became Easier

Understanding Container Adoption With a Special Focus on Container Security

More White Papers

Video

All Videos

Cartoon Contest

Write a Caption, Win a Starbucks Card! Click Here

Latest Comment: You have 60 seconds to enter your token code before it changes. BEGIN!

Cartoon Archive

Current Issue

Building and Managing an IT Security Operations Program

As cyber threats grow, many organizations are building security operations centers (SOCs) to improve their defenses. In this Tech Digest you will learn tips on how to get the most out of a SOC in your organization - and what to do if you can't afford to build one.

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

The State of IT Operations and Cybersecurity Operations

Your enterprise's cyber risk may depend upon the relationship between the IT team and the security team. Here’s some insight on what's working – and what isn't – in the data center.

Download Now!

How Enterprises Are Developing Secure Applications

0 comments

The State of Cyber Security Incident Response

0 comments

How Enterprises Are Attacking the Cybersecurity Problem

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2019-10100
PUBLISHED: 2019-07-16

NASA CFITSIO prior to 3.43 is affected by: Buffer Overflow. The impact is: arbitrary code execution. The component is: over 40 source code files were changed. The attack vector is: remote unauthenticated attacker. The fixed version is: 3.43.

CVE-2019-10100
PUBLISHED: 2019-07-16

BigTree-CMS commit b2eff67e45b90ca26a62e971e8f0d5d0d70f23e6 and earlier is affected by: Improper Neutralization of Script-Related HTML Tags in a Web Page. The impact is: Any Javascript code can be executed. The component is: users management page. The attack vector is: Insert payload into users' pro...

CVE-2019-10100
PUBLISHED: 2019-07-16

PluckCMS 4.7.4 and earlier is affected by: CWE-434 Unrestricted Upload of File with Dangerous Type. The impact is: get webshell. The component is: data/inc/images.php line36. The attack vector is: modify the MIME TYPE on HTTP request to upload a php file. The fixed version is: after commit 09f0ab871...

CVE-2019-13612
PUBLISHED: 2019-07-16

MDaemon Email Server 19 skips SpamAssassin checks by default for e-mail messages larger than 2 MB (and limits checks to 10 MB even with special configuration), which is arguably inconsistent with currently popular message sizes. This might interfere with risk management for malicious e-mail, if a cu...

CVE-2019-10100
PUBLISHED: 2019-07-16

Zammad GmbH Zammad 2.3.0 and earlier is affected by: Cross Site Scripting (XSS) - CWE-80. The impact is: Execute java script code on users browser. The component is: web app. The attack vector is: the victim must open a ticket. The fixed version is: 2.3.1, 2.2.2 and 2.1.3.

Terms of Service
Privacy Statement
Legal Entities

To save this item to your list of favorite Dark Reading content so you can find it later in your Profile page, click the "Save It" button next to the item.

If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
Tweet This
[close this box]