Database Security

Authentication

Privacy

Compliance

Identity & Access Management

Security Monitoring

Advanced Threats

Insider Threats

Vulnerability Management

Network Computing Dark Reading

Advertise

About Us

Author

Profile of Travis Farral

Director of Security Strategy at Anomali

News & Commentary Posts: 2

Travis Farral is a seasoned IT security professional with extensive background in corporate security environments. Prior to his current role as Director of Security Strategy at Silicon Valley-based threat intelligence platform provider Anomali, Farral was with ExxonMobil, where he served as a cybersecurity supervising engineer and supervisor of cybersecurity intelligence and strategic services. Farral is a noted thought leader and respected member of the security and risk community.

Articles by Travis Farral

View Content By Month

Digital Crime-Fighting: The Evolving Role of Law Enforcement

8/1/2017
Law enforcement, even on a local level, has a new obligation to establish an effective framework for combating online crime.
Post a Comment

The Road Less Traveled: Building a Career in Cyberthreat Intelligence

4/24/2017
It's hard to become a threat intelligence pro, but there are three primary ways of going about it.
Post a Comment

Hot Topics

Editors' Choice

Microsoft, Mastercard Aim to Change Identity Management

Kelly Sheridan, Staff Editor, Dark Reading, 12/3/2018

Windows 10 Security Questions Prove Easy for Attackers to Exploit

Kelly Sheridan, Staff Editor, Dark Reading, 12/5/2018

Starwood Breach Reaction Focuses on 4-Year Dwell

Curtis Franklin Jr., Senior Editor at Dark Reading, 12/5/2018

Live Events

Webinars

More UBM Tech
Live Events

Enterprise Connect 2019 - Build Your Comms & Collaboration Future

Communications & Collaboration 2022 at EC19 Orlando March 18-21

White Papers

TitaniumCloud File Intelligence vs. VirusTotal

The SOAR Buyer's Guide

Edge Expander

Outsmart Malware

Investigating Malware Threats Within your Network

More White Papers

Video

All Videos

Cartoon Contest

Write a Caption, Win a Starbucks Card! Click Here

Latest Comment: I guess this answers the question: who's watching the watchers?

Cartoon Archive

Current Issue

10 Best Practices That Could Reshape Your IT Security Department

This Dark Reading Tech Digest, explores ten best practices that could reshape IT security departments.

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

How Enterprises Are Using IT Threat Intelligence

Large organizations are harnessing data about cyberattackers and their exploits to improve the safety of their critical data. Find out what they're doing.

Download Now!

How Enterprises Are Attacking the Cybersecurity Problem

0 comments

Online Malware and Threats: A Profile of Today's Security Posture

0 comments

The Risk Management Struggle

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading OR #DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2018-10008
PUBLISHED: 2018-12-10

A code execution vulnerability exists in the Stapler web framework used by Jenkins 2.153 and earlier, LTS 2.138.3 and earlier in stapler/core/src/main/java/org/kohsuke/stapler/MetaClass.java that allows attackers to invoke some methods on Java objects by accessing crafted URLs that were not intended...

CVE-2018-10008
PUBLISHED: 2018-12-10

An information exposure vulnerability exists in Jenkins 2.153 and earlier, LTS 2.138.3 and earlier in DirectoryBrowserSupport.java that allows attackers with the ability to control build output to browse the file system on agents running builds beyond the duration of the build using the workspace br...

CVE-2018-10008
PUBLISHED: 2018-12-10

A data modification vulnerability exists in Jenkins 2.153 and earlier, LTS 2.138.3 and earlier in User.java, IdStrategy.java that allows attackers to submit crafted user names that can cause an improper migration of user record storage formats, potentially preventing the victim from logging into Jen...

CVE-2018-10008
PUBLISHED: 2018-12-10

A denial of service vulnerability exists in Jenkins 2.153 and earlier, LTS 2.138.3 and earlier in CronTab.java that allows attackers with Overall/Read permission to have a request handling thread enter an infinite loop.

CVE-2018-10008
PUBLISHED: 2018-12-10

A sandbox bypass vulnerability exists in Script Security Plugin 1.47 and earlier in groovy-sandbox/src/main/java/org/kohsuke/groovy/sandbox/SandboxTransformer.java that allows attackers with Job/Configure permission to execute arbitrary code on the Jenkins master JVM, if plugins using the Groovy san...

Terms of Service
Privacy Statement
Legal Entities

To save this item to your list of favorite Dark Reading content so you can find it later in your Profile page, click the "Save It" button next to the item.

If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
Tweet This
[close this box]