Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Advertise

About Us

Author

Profile of David Damato

Chief Security Officer, Tanium

News & Commentary Posts: 1

David Damato is Chief Security Officer at Tanium, where he provides strategic product direction over module development for the Tanium Platform and manages the company's internal security program. David brings a wealth of security expertise, spanning incident response and forensics, vulnerability assessments, security program development, security operations, and network and security architecture. Prior to Tanium, David most recently served as Managing Director at Mandiant, a FireEye company, where his team led incident response and post-breach remediation efforts at over 100 Fortune 500 companies. At Mandiant, David was also instrumental in developing new incident response services capabilities and establishing consulting offices both domestically and internationally. Prior to Mandiant, David led security consulting teams at PwC as part of its Washington Federal Practice and held IT roles at Raytheon focused on the management of internal and government networks.

Articles by David Damato

View Content By Month

Why We Need a Data-Driven Cybersecurity Market

5/17/2017
NIST should bring together industry to create a standard set of metrics and develop better ways to share information.
Post a Comment

Content by Month
May 2017 - 1
[close this box]

Hot Topics

Editors' Choice

COVID-19: Latest Security News & Commentary

Dark Reading Staff 9/21/2020

Hacking Yourself: Marie Moe and Pacemaker Security

Gary McGraw Ph.D., Co-founder Berryville Institute of Machine Learning, 9/21/2020

Startup Aims to Map and Track All the IT and Security Things

Kelly Jackson Higgins, Executive Editor at Dark Reading, 9/22/2020

Live Events

Webinars

Hear Microsoft, FedEx & VMware Speak @ Interop Digital

Network Automation Summit presented by Network to Code at Interop Digital

Earn (ISC)2 CPEs at Interop Digital, Oct 5-8

More Informa Tech Live Events

White Papers

[Forrester Research] The State of Data Security & Privacy

2020 Gartner Market Guide for Network Detection & Response

2020 SANS Cyber Threat Intelligence

How You Can Evaluate Your Org's Cybersecurity Readiness

Antigena Email: Building Immunity for Your Inbox

More White Papers

Cartoon

Latest Comment: Yes Mother I know I've been eating too many cookies again! You can stop talking about that now......

Cartoon Archive

Current Issue

Special Report: Computing's New Normal

This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

How IT Security Organizations are Attacking the Cybersecurity Problem

The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.

Download Now!

Special Report: Understanding Your Cyber Attackers

0 comments

2020 State of Cybersecurity Operations and Incident Response

0 comments

The Changing Face of Threat Intelligence

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2020-5783
PUBLISHED: 2020-09-23

In IgniteNet HeliOS GLinq v2.2.1 r2961, the login functionality does not contain any CSRF protection mechanisms.

CVE-2020-11031
PUBLISHED: 2020-09-23

In GLPI before version 9.5.0, the encryption algorithm used is insecure. The security of the data encrypted relies on the password used, if a user sets a weak/predictable password, an attacker could decrypt data. This is fixed in version 9.5.0 by using a more secure encryption library. The library c...

CVE-2020-5781
PUBLISHED: 2020-09-23

In IgniteNet HeliOS GLinq v2.2.1 r2961, the langSelection parameter is stored in the luci configuration file (/etc/config/luci) by the authenticator.htmlauth function. When modified with arbitrary javascript, this causes a denial-of-service condition for all other users.

CVE-2020-5782
PUBLISHED: 2020-09-23

In IgniteNet HeliOS GLinq v2.2.1 r2961, if a user logs in and sets the â€&tilde;wan_typeâ€™ parameter, the wan interface for the device will become unreachable, which results in a denial of service condition for devices dependent on this connection.

CVE-2020-24213
PUBLISHED: 2020-09-23

An integer overflow was discovered in YGOPro ygocore v13.51. Attackers can use it to leak the game server thread's memory.

To save this item to your list of favorite Dark Reading content so you can find it later in your Profile page, click the "Save It" button next to the item.

If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
Tweet This
[close this box]