Database Security
Authentication
Privacy
Compliance
Identity & Access Management
Security Monitoring
Advanced Threats
Insider Threats
Vulnerability Management

Author

Eddie Habibi
LinkedIn
Twitter
RSS
E-Mail

Profile of Eddie Habibi

Founder & CEO of PAS Global
Member Since: 1/3/2018
Author
News & Commentary Posts: 1
Comments: 1

Eddie Habibi is the founder and CEO of PAS Global. Eddie is a pioneer and a thought leader in the fields of industrial control systems (ICS) cybersecurity, Industrial IoT, data analytics, and operations management. In 2017, PAS was recognized in CRN's 15 coolest industrial IoT companies, and Eddie is listed by CRN as one of the 30 Internet Of Things Executives Whose Names You Should Know. He is the co-author of two popular best practices books on industrial operator effectiveness: The Alarm Management Handbook and The High Performance HMI Handbook. Eddie holds an Engineering degree from the University of Houston and an MBA from the University of St. Thomas.
Articles by Eddie Habibi
Weaponizing IPv6 to Bypass IPv4 Security
John Anderson, Principal Security Consultant, Trustwave Spiderlabs,  6/12/2018
'Shift Left' & the Connected Car
Rohit Sethi, COO of Security Compass,  6/12/2018
Microsoft Fixes 11 Critical, 39 Important Vulns
Kelly Sheridan, Staff Editor, Dark Reading,  6/12/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-1060
PUBLISHED: 2018-06-18
python before versions 2.7.15, 3.4.9, 3.5.6 and 3.7.0 is vulnerable to catastrophic backtracking in pop3lib's apop() method. An attacker could use this flaw to cause denial of service.
CVE-2018-1090
PUBLISHED: 2018-06-18
In Pulp before version 2.16.2, secrets are passed into override_config when triggering a task and then become readable to all users with read access on the distributor/importer. An attacker with API access can then view these secrets.
CVE-2018-1152
PUBLISHED: 2018-06-18
libjpeg-turbo 1.5.90 is vulnerable to a denial of service vulnerability caused by a divide by zero when processing a crafted BMP image.
CVE-2018-1153
PUBLISHED: 2018-06-18
Burp Suite Community Edition 1.7.32 and 1.7.33 fail to validate the server certificate in a couple of HTTPS requests which allows a man in the middle to modify or view traffic.
CVE-2018-12530
PUBLISHED: 2018-06-18
An issue was discovered in MetInfo 6.0.0. admin/app/batch/csvup.php allows remote attackers to delete arbitrary files via a flienamecsv=../ directory traversal. This can be exploited via CSRF.