Database Security

Authentication

Privacy

Compliance

Identity & Access Management

Security Monitoring

Advanced Threats

Insider Threats

Vulnerability Management

Network Computing Dark Reading

Advertise

About Us

Author

Profile of David Damato

Chief Security Officer, Tanium

News & Commentary Posts: 1

David Damato is Chief Security Officer at Tanium, where he provides strategic product direction over module development for the Tanium Platform and manages the company's internal security program. David brings a wealth of security expertise, spanning incident response and forensics, vulnerability assessments, security program development, security operations, and network and security architecture. Prior to Tanium, David most recently served as Managing Director at Mandiant, a FireEye company, where his team led incident response and post-breach remediation efforts at over 100 Fortune 500 companies. At Mandiant, David was also instrumental in developing new incident response services capabilities and establishing consulting offices both domestically and internationally. Prior to Mandiant, David led security consulting teams at PwC as part of its Washington Federal Practice and held IT roles at Raytheon focused on the management of internal and government networks.

Articles by David Damato

View Content By Month

Why We Need a Data-Driven Cybersecurity Market

5/17/2017
NIST should bring together industry to create a standard set of metrics and develop better ways to share information.
Post a Comment

Content by Month
May 2017 - 1
[close this box]

Hot Topics

Editors' Choice

Higher Education: 15 Books to Help Cybersecurity Pros Be Better

Curtis Franklin Jr., Senior Editor at Dark Reading, 12/12/2018

Worst Password Blunders of 2018 Hit Organizations East and West

Curtis Franklin Jr., Senior Editor at Dark Reading, 12/12/2018

2019 Attacker Playbook

Ericka Chickowski, Contributing Writer, Dark Reading, 12/14/2018

Live Events

Webinars

More UBM Tech
Live Events

Drive Your Business and Career Forward at Interop19

Interop 2019 - The Unbiased IT Conference

Enterprise Connect 2019 - Build Your Comms & Collaboration Future

White Papers

Automated Static File Analysis

Reducing the Human Attack Surface with Phishing Simulations

STIX/TAXII: What You Need to Know

Know Your Unknowns With a Master IP Address List Audit

SANS 2018 Threat Hunting Survey Results

More White Papers

Video

All Videos

Cartoon Contest

Write a Caption, Win a Starbucks Card! Click Here

Latest Comment: Look deep into my eyes. You are getting sleepy, very sleepy......

Cartoon Archive

Current Issue

10 Best Practices That Could Reshape Your IT Security Department

This Dark Reading Tech Digest, explores ten best practices that could reshape IT security departments.

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

[Sponsored Content] The State of Encryption and How to Improve It

Encryption and access controls are considered to be the ultimate safeguards to ensure the security and confidentiality of data, which is why they're mandated in so many compliance and regulatory standards. While the cybersecurity market boasts a wide variety of encryption technologies, many data breaches reveal that sensitive and personal data has often been left unencrypted and, therefore, vulnerable.

Download Now!

How Enterprises Are Using IT Threat Intelligence

0 comments

How Enterprises Are Attacking the Cybersecurity Problem

0 comments

Online Malware and Threats: A Profile of Today's Security Posture

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading OR #DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2018-20201
PUBLISHED: 2018-12-18

There is a stack-based buffer over-read in the jsfNameFromString function of jsflash.c in Espruino 2V00, leading to a denial of service or possibly unspecified other impact via a crafted js file.

CVE-2018-20194
PUBLISHED: 2018-12-18

There is a stack-based buffer underflow in the third instance of the calculate_gain function in libfaad/sbr_hfadj.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. A crafted input will lead to a denial of service or possibly unspecified other impact because limiting the additional noise energy l...

CVE-2018-20195
PUBLISHED: 2018-12-18

A NULL pointer dereference was discovered in ic_predict of libfaad/ic_predict.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash, which leads to denial of service.

CVE-2018-20196
PUBLISHED: 2018-12-18

There is a stack-based buffer overflow in the third instance of the calculate_gain function in libfaad/sbr_hfadj.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. A crafted input will lead to a denial of service or possibly unspecified other impact because the S_M array is mishandled.

CVE-2018-20197
PUBLISHED: 2018-12-18

Terms of Service
Privacy Statement
Legal Entities

To save this item to your list of favorite Dark Reading content so you can find it later in your Profile page, click the "Save It" button next to the item.

If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
Tweet This
[close this box]