The 7 Habits of Highly Effective Security Teams
9/17/2018Security requires smart people, processes, and technology. Too often, the "people" portion of the PPT equation is neglected.
Post a Comment
Author
Profile of Gary Golomb
Co-Founder & Chief Research Officer at Awake Security Member Since: 12/6/2017Author
News & Commentary Posts: 3
Comments: 0
Gary Golomb has nearly two decades of experience in threat analysis and has led investigations and containment efforts in a number of notable cases. With this experience — and a track record of researching and teaching state-of-the art detection and response methodologies — Gary is focused on helping Awake improve security craft as the company's Chief Research Officer. Prior to Awake, Gary was one of the first employees at Cylance. He was also a co-founder of Proventsure, which was acquired by Netwitness and ultimately by RSA. He served in the United States Marines 2nd Force Reconnaissance Company.
Articles by Gary Golomb
Security requires smart people, processes, and technology. Too often, the "people" portion of the PPT equation is neglected.
Post a Comment
How AI Could Become the Firewall of 2003
8/1/2018An over-reliance on artificial intelligence and machine learning for the wrong uses will create unnecessary risks.
Post a Comment
Automation Could Be Widening the Cybersecurity Skills Gap
12/13/2017Sticking workers with tedious jobs that AI can't do leads to burnout, but there is a way to achieve balance.
Post a Comment
White Papers
Video
1 Comments
Current Issue
Flash Poll
The Risk Management Struggle
The majority of organizations are struggling to implement a risk-based approach to security — even though risk reduction has become the primary metric for measuring the effectiveness of enterprise security strategies. Read the report and get more details today!
Twitter Feed
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database CVE-2018-10839
PUBLISHED: 2018-10-16
PUBLISHED: 2018-10-16
PUBLISHED: 2018-10-16
PUBLISHED: 2018-10-16
PUBLISHED: 2018-10-16
From DHS/US-CERT's National Vulnerability Database CVE-2018-10839
PUBLISHED: 2018-10-16
Qemu emulator <= 3.0.0 built with the NE2000 NIC emulation support is vulnerable to an integer overflow, which could lead to buffer overflow issue. It could occur when receiving packets over the network. A user inside guest could use this flaw to crash the Qemu process resulting in DoS.
CVE-2018-13399PUBLISHED: 2018-10-16
The Microsoft Windows Installer for Atlassian Fisheye and Crucible before version 4.6.1 allows local attackers to escalate privileges because of weak permissions on the installation directory.
CVE-2018-18381PUBLISHED: 2018-10-16
Z-BlogPHP 1.5.2.1935 (Zero) has a stored XSS Vulnerability in zb_system/function/c_system_admin.php via the Content-Type header during the uploading of image attachments.
CVE-2018-18382PUBLISHED: 2018-10-16
Advanced HRM 1.6 allows Remote Code Execution via PHP code in a .php file to the user/update-user-avatar URI, which can be accessed through an "Update Profile" "Change Picture" (aka user/edit-profile) action.
CVE-2018-18374PUBLISHED: 2018-10-16
XSS exists in the MetInfo 6.1.2 admin/index.php page via the anyid parameter.
- Terms of Service
- Privacy Statement
- Legal Entities
- Copyright © 2018 UBM, All rights reserved
Tweet This