How I Infiltrated a Fortune 500 Company with Social Engineering
11/7/2017Getting into the company proved surprisingly easy during a contest. Find out how to make your company better prepared for real-world attacks.
Post a Comment
Author
Profile of Joe Gray
Enterprise Security Consultant at Sword & Shield Enterprise Security Member Since: 8/8/2016Author
News & Commentary Posts: 1
Comments: 1
Joe Gray joined the US Navy directly out of high school and served for seven years as a submarine navigation electronics technician. Joe is an enterprise security consultant at Sword & Shield Enterprise Security in Knoxville, Tennessee. Joe also maintains his own blog and podcast, Advanced Persistent Security. He is in the SANS Instructor Development pipeline, teaching SANS Security 504: Hacker Tools, Techniques, Exploits, and Incident Handling at the mentor level.
In his spare time, Joe enjoys attending information security conferences, contributing blog posts to various outlets, training in Brazilian jiu-jitsu, and flying his drone. Joe is in the inaugural winner of the DerbyCon Social Engineering Capture the Flag contest and was awarded a DerbyCon Black Badge.
Articles by Joe Gray
Getting into the company proved surprisingly easy during a contest. Find out how to make your company better prepared for real-world attacks.
Post a Comment
White Papers
Video
10 Comments
Current Issue
5 Emerging Cyber Threats to Watch for in 2019Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.
Flash Poll
How Enterprises Are Attacking the Cybersecurity Problem
Data breach fears and the need to comply with regulations such as GDPR are two major drivers increased spending on security products and technologies. But other factors are contributing to the trend as well. Find out more about how enterprises are attacking the cybersecurity problem by reading our report today.
Twitter Feed
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database CVE-2019-8419
PUBLISHED: 2019-02-17
PUBLISHED: 2019-02-17
PUBLISHED: 2019-02-17
PUBLISHED: 2019-02-17
PUBLISHED: 2019-02-17
From DHS/US-CERT's National Vulnerability Database CVE-2019-8419
PUBLISHED: 2019-02-17
VNote 2.2 has XSS via a new text note.
CVE-2019-8421PUBLISHED: 2019-02-17
upload/protected/modules/admini/views/post/index.php in BageCMS through 3.1.4 allows SQL Injection via the title or titleAlias parameter.
CVE-2019-8422PUBLISHED: 2019-02-17
A SQL Injection vulnerability exists in PbootCMS v1.3.2 via the description parameter in apps\admin\controller\content\ContentController.php.
CVE-2019-7649PUBLISHED: 2019-02-17
global.encryptPassword in bootstrap/global.js in CMSWing 1.3.7 relies on multiple MD5 operations for password hashing.
CVE-2019-8418PUBLISHED: 2019-02-17
SeaCMS 7.2 mishandles member.php?mod=repsw4 requests.
- Terms of Service
- Privacy Statement
- Legal Entities
- Copyright © 2019 UBM, All rights reserved
Tweet This