Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Database Security

Authentication

Mobile

Privacy

Compliance

Identity & Access Management

Security Monitoring

Advanced Threats

Insider Threats

Vulnerability Management

Network Computing Dark Reading

Advertise

About Us

Author

Profile of Greg Martin

CEO of JASK

Member Since: 5/2/2017
Author
News & Commentary Posts: 1
Comments: 0

Greg Martin is CEO of JASK (jask.ai), a Silicon Valley-based cybersecurity startup that has developed a unique enterprise security platform to dramatically improve situational awareness of cyberthreats. Martin is a former cybersecurity technical advisor to the FBI and Secret Service, and he is the past founder of a Google Ventures-backed threat intelligence startup that he successfully exited in 2015.

Articles by Greg Martin

View Content By Month

Why OAuth Phishing Poses A New Threat to Users

5/4/2017
Credential phishing lets attackers gain back-end access to email accounts, and yesterday's Google Docs scam raises the risk to a new level.
Post a Comment

Content by Month
May 2017 - 1
[close this box]

Hot Topics

Editors' Choice

Greater Focus on Privacy Pays Off for Firms

Robert Lemos, Contributing Writer, 1/27/2020

Average Ransomware Payments More Than Doubled in Q4 2019

Jai Vijayan, Contributing Writer, 1/27/2020

For Mismanaged SOCs, The Price Is Not Right

Kelly Sheridan, Staff Editor, Dark Reading, 1/22/2020

Live Events

Webinars

March 16-19, 2020: Data Center World Registration is open! Join Us

Data Center World: The leading conference & expo for Data Center and IT Infrastructure Professionals. Register Today!

Get Insights: Cisco vs Microsoft & More at EC20 Orlando

More Informa Tech Live Events

White Papers

Using AI to Power AppSec

Simplify Your App Security

NetFlow vs Packet Data

[IT Trend Report] The Future of Cloud

Cybersecurity Research: 2019 AWS Cloud Security Report

More White Papers

Video

All Videos

Cartoon Contest

Write a Caption, Win a Starbucks Card! Click Here

Latest Comment: I was asking about our progression steps and this is what they provided me.

Cartoon Archive

Current Issue

IT 2020: A Look Ahead

Are you ready for the critical changes that will occur in 2020? We've compiled editor insights from the best of our network (Dark Reading, Data Center Knowledge, InformationWeek, ITPro Today and Network Computing) to deliver to you a look at the trends, technologies, and threats that are emerging in the coming year. Download it today!

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

How Enterprises are Attacking the Cybersecurity Problem

Organizations have invested in a sweeping array of security technologies to address challenges associated with the growing number of cybersecurity attacks. However, the complexity involved in managing these technologies is emerging as a major problem. Read this report to find out what your peers biggest security challenges are and the technologies they are using to address them.

Download Now!

How Data Breaches affect the Enterprise

0 comments

Rethinking Enterprise Data Defense

0 comments

Assessing Cybersecurity Risk in Today's Enterprise

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2020-2099
PUBLISHED: 2020-01-29

Jenkins 2.213 and earlier, LTS 2.204.1 and earlier improperly reuses encryption key parameters in the Inbound TCP Agent Protocol/3, allowing unauthorized attackers with knowledge of agent names to obtain the connection secrets for those agents, which can be used to connect to Jenkins, impersonating ...

CVE-2020-2100
PUBLISHED: 2020-01-29

Jenkins 2.218 and earlier, LTS 2.204.1 and earlier was vulnerable to a UDP amplification reflection denial of service attack on port 33848.

CVE-2020-2101
PUBLISHED: 2020-01-29

Jenkins 2.218 and earlier, LTS 2.204.1 and earlier did not use a constant-time comparison function for validating connection secrets, which could potentially allow an attacker to use a timing attack to obtain this secret.

CVE-2020-2102
PUBLISHED: 2020-01-29

Jenkins 2.218 and earlier, LTS 2.204.1 and earlier used a non-constant time comparison function when validating an HMAC.

CVE-2020-2103
PUBLISHED: 2020-01-29

Jenkins 2.218 and earlier, LTS 2.204.1 and earlier exposed session identifiers on a user's detail object in the whoAmI diagnostic page.

To save this item to your list of favorite Dark Reading content so you can find it later in your Profile page, click the "Save It" button next to the item.

If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
Tweet This
[close this box]