Boosting Security Effectiveness with 'Adjuvants'
5/17/2018How integrating corporate resources like the IT help desk, system administration, quality assurance and HR can breathe new life into your security program.
Post a Comment
Author
Profile of Raymond Pompon
Principal Threat Research Evangelist at F5 Networks News & Commentary Posts: 24Raymond Pompon is a Principal Threat Researcher Evangelist with F5 labs. With over 20 years of experience in Internet security, he has worked closely with Federal law enforcement in cyber-crime investigations. He has recently written IT Security Risk Control Management: An Audit Preparation Plan from Apress books.
Articles by Raymond Pompon
How integrating corporate resources like the IT help desk, system administration, quality assurance and HR can breathe new life into your security program.
Post a Comment
4 Critical Applications and How to Protect Them
5/3/2018Since critical apps are, well, critical, security teams must take preventive measures to keep attackers from exploiting their vulnerabilities.
Post a Comment
Journey to the Cloud: Overcoming Security Risks
3/1/2018Lessons learned from a global consultancy's 10-year transition from on-premises to 99% cloud-based infrastructure.
Post a Comment
Security Liability in an 'Assume Breach' World
2/22/2018Cybersecurity today is more than an IT issue. It's a product quality issue, a customer service issue, an operational issue, and an executive issue. Here's why.
Post a Comment
Avoiding the Epidemic of Hospital Hacks
1/25/2018Lessons learned about cyber hygiene from inside one of America's highest ranked medical institutions.
Post a Comment
The Startup Challenge: Safe in the Cloud from Day One
1/18/2018How a Seattle travel company built a rock-solid mobile app without sacrificing performance or security.
Post a Comment
Be a More Effective CISO by Aligning Security to the Business
12/21/2017These five steps will you help marshal the internal resources you need to reduce risk, break down barriers, and thwart cyber attacks.
Post a Comment
Is a Good Offense the Best Defense Against Hackers?
12/14/2017A proposed new law could make it legal for companies to hack back against attacker. But will it work?
Post a Comment
Why Third-Party Security Is your Security
12/7/2017Managing third-party risk isn't just a good idea, in many cases, it's the law. This security framework can help you minimize the threat.
Post a Comment
'Goldilocks' Legislation Aims to Clean up IoT Security
11/9/2017The proposed Internet of Things Cybersecurity Improvement Act of 2017 is not too hard, not too soft, and might be just right.
Post a Comment
5 Reasons CISOs Should Keep an Open Mind about Cryptocurrency
11/2/2017With untold new markets for Bitcoin and other 'alt-coins,' it's going to be an exciting future -- and security leaders need to get ready for it.
Post a Comment
6 Steps to Finding Honey in the OWASP
10/12/2017The most famous project of the Open Web Application Security Project is getting an update. Here's what you need to know, and how you can get involved.
Post a Comment
URL Obfuscation: Still a Phisher's Phriend
10/5/2017There are three primary techniques to trick users into thinking a website link is real: URL shorteners, URL doppelgangers, and URL redirects.
Post a Comment
Where Do Security Vulnerabilities Come From?
9/22/2017There are three major causes: code quality, complexity, and trusted data inputs.
Post a Comment
CIO or C-Suite: To Whom Should the CISO Report?
9/7/2017Five reasons why the chief information security officer needs to get out from under the control of IT.
Post a Comment
Phishing for Your Information: How Phishers Bait Their Hooks
8/31/2017A treasure trove of PII from social networks and the public Internet is there for the taking.
Post a Comment
How to Avoid the 6 Most Common Audit Failures
8/17/2017In a security audit, the burden is on you to provide the evidence that you’ve done the right things.
Post a Comment
6 Ways CISOs Can Play a Role in Selling Security
8/10/2017When customers ask tough questions about data security, business service resilience, privacy, regulatory, and reputational risk it’s best to remain upbeat and positive. Here’s how.
Post a Comment
Can Your Risk Assessment Stand Up Under Scrutiny?
7/27/2017Weak risk assessments have gotten a pass up until now, but that may be changing.
Post a Comment
Doxing, DoS & Defacement: Today’s Mainstream Hacktivism Tools
6/29/2017Anyone can get angry at you and become a hacktivist. Here’s how to protect your organization from these increasingly common cyber attacks.
Post a Comment
Talking Cyber-Risk with Executives
6/23/2017Explaining risk can be difficult since CISOs and execs don’t speak the same language. The key is to tailor your message for the audience.
Post a Comment
Will Deception as a Defense Become Mainstream?
6/8/2017If your organization has the right resources, deception strategies offer a powerful way to slow down and entrap potential intruders.
Post a Comment
DNS Is Still the Achilles’ Heel of the Internet
6/1/2017Domain Name Services is too important to do without, so we better make sure it’s reliable and incorruptible
Post a Comment
White Papers
Video
1 Comments
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: I told you we should worry abit more about vendor lock-in.
Latest Comment: I told you we should worry abit more about vendor lock-in.
Current Issue
Building and Managing an IT Security Operations ProgramAs cyber threats grow, many organizations are building security operations centers (SOCs) to improve their defenses. In this Tech Digest you will learn tips on how to get the most out of a SOC in your organization - and what to do if you can't afford to build one.
Flash Poll
How Enterprises Are Developing Secure Applications
IT security and application development are disparate processes that are increasingly coming together. Here's a look at how that's happening.
Twitter Feed
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database CVE-2019-7068
PUBLISHED: 2019-05-24
PUBLISHED: 2019-05-24
PUBLISHED: 2019-05-24
PUBLISHED: 2019-05-24
PUBLISHED: 2019-05-24
From DHS/US-CERT's National Vulnerability Database CVE-2019-7068
PUBLISHED: 2019-05-24
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .
CVE-2019-7069PUBLISHED: 2019-05-24
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution .
CVE-2019-7070PUBLISHED: 2019-05-24
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .
CVE-2019-7071PUBLISHED: 2019-05-24
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
CVE-2019-7072PUBLISHED: 2019-05-24
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .
- Terms of Service
- Privacy Statement
- Legal Entities
- Copyright © 2019 UBM, All rights reserved
Tweet This