Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Advertise

About Us

Author

Profile of Craig Dods

Chief Architect for Security

News & Commentary Posts: 2

Craig Dods is the Chief Architect for Security within Juniper Networks' Strategic Verticals. He currently maintains top-level industry certifications, holds multiple networking and security-related patents, and has disclosed multiple critical-level CVE's in a responsible manner. Prior to joining Juniper, Craig served as IBM Security Services' Chief Security Architect, and held previous security roles at Check Point Software Technologies and Nokia. He has also appeared at popular industry events such as BlackHat as well as in articles from leading security publications such as Krebsonsecurity and DarkReading.

Articles by Craig Dods

View Content By Month

Everything Is Hackable: Now What?

12/18/2017
When everything is hackable, breach prevention can't be the only tool in the cybersecurity tool chest.
Post a Comment

Detection, Prevention & the Single-Vendor Syndrome

9/13/2017
Why security teams need to integrate 'Defense in Depth' principles into traditional solutions designed with integration and continuity in mind.
Post a Comment

Hot Topics

Editors' Choice

More SolarWinds Attack Details Emerge

Kelly Jackson Higgins, Executive Editor at Dark Reading, 1/12/2021

Vulnerability Management Has a Data Problem

Tal Morgenstern, Co-Founder & Chief Product Officer, Vulcan Cyber, 1/14/2021

Who Is Responsible for Protecting Physical Security Systems From Cyberattacks?

IFSEC Global, Staff, 1/14/2021

Webinars

What We Can Learn from Sports Analytics

Strategies for Success with Digital Transformation

Making Cybersecurity Work in Small and Medium-Sized Businesses

Webinar Archives

White Papers

Two-Factor Evaluation Guide

The State of Threat Detection and Response

Managing OTT Content Distribution in the Connected World

Universal Internet Connectivity: Reality or Myth?

Seven recommendations for a Successful SD-WAN Strategy

More White Papers

Cartoon

Post a Comment

Cartoon Archive

Current Issue

2020: The Year in Security

Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

Assessing Cybersecurity Risk in Today's Enterprises

COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.

Download Now!

The Malware Threat Landscape

0 comments

How Data Breaches Affect the Enterprise (2020)

0 comments

Building an Effective Cybersecurity Incident Response Team

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2021-22850
PUBLISHED: 2021-01-19

HGiga EIP product lacks ineffective access control in certain pages that allow attackers to access database or perform privileged functions.

CVE-2021-22851
PUBLISHED: 2021-01-19

HGiga EIP product contains SQL Injection vulnerability. Attackers can inject SQL commands into specific URL parameter (document management page) to obtain database schema and data.

CVE-2021-22852
PUBLISHED: 2021-01-19

HGiga EIP product contains SQL Injection vulnerability. Attackers can inject SQL commands into specific URL parameter (online registration) to obtain database schema and data.

CVE-2021-3178
PUBLISHED: 2021-01-19

** DISPUTED ** fs/nfsd/nfs3xdr.c in the Linux kernel through 5.10.8, when there is an NFS export of a subdirectory of a filesystem, allows remote attackers to traverse to other parts of the filesystem via READDIRPLUS. NOTE: some parties argue that such a subdirectory export is not intended to preven...

CVE-2021-3177
PUBLISHED: 2021-01-19

Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to c_double.from_param. This occurs because sprintf i...

To save this item to your list of favorite Dark Reading content so you can find it later in your Profile page, click the "Save It" button next to the item.

If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
Tweet This
[close this box]