Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Database Security

Authentication

Mobile

Privacy

Compliance

Identity & Access Management

Security Monitoring

Advanced Threats

Insider Threats

Vulnerability Management

Network Computing Dark Reading

Advertise

About Us

Author

Profile of John Hellickson

Vice President, Advisory Services, at Kudelski Security, Inc.

Member Since: 9/26/2018
Author
News & Commentary Posts: 2
Comments: 0

John Hellickson has more than 25 years of IT experience, the last two decades focused on security and risk management. He's served as an executive security consultant and trusted partner, providing companies with risk management strategies aligning technology, people, and processes with business objectives. At First Data, he rose from security engineer to CISO, leading a global team to create a business-driven, risk-balanced strategy and cybersecurity program. Hellickson served seven years in the US Air Force, his last assignment protecting systems supporting the country's nuclear war plan. He is a certified information systems security professional (CISSP) and board member of the nonprofits Security Advisor Alliance and Veteran's Passport to Hope.

Articles by John Hellickson

View Content By Month

Navigating Your First Month as a New CISO

10/1/2019
The single most important thing you can do is to start building the relationships and political capital you'll need to run your security program. Here's how.
Post a Comment

CISOs: How to Answer the 5 Questions Boards Will Ask You

10/2/2018
As boards learn the importance of cybersecurity, certain issues arise on a regular basis. These tips can help you address them.
Post a Comment

Hot Topics

Editors' Choice

Microsoft Edge Will Tell You If Credentials Are Compromised

Dark Reading Staff 3/30/2020

HackerOne Drops Mobile Voting App Vendor Voatz

Dark Reading Staff 3/30/2020

Limited-Time Free Offers to Secure the Enterprise Amid COVID-19

Curtis Franklin Jr., Senior Editor at Dark Reading, 3/31/2020

Webinars

How to Effectively Analyze Security Data

Malicious Insiders: Real Defense for Real Business

Chatbots for the Enterprise

Webinar Archives

White Papers

NERC Updates May Force Utility Companies into Better Cybersecurity

eSentire Annual Threat Intelligence Report: 2019 Perspectives and 2020 Predictions

One Phish, Two Phish, Three Phish, Fraud Phish

Calculating the Cost Savings of Simulation-Based Cybersecurity Training

Crack Down on Password Sharing with IP Intelligence and Human Insight

More White Papers

Video

All Videos

Cartoon Contest

Write a Caption, Win a Starbucks Card! Click Here

Latest Comment: Hello...Nurse...I've placed a mask on him but he refuses to wear gloves...now what?

Cartoon Archive

Current Issue

6 Emerging Cyber Threats That Enterprises Face in 2020

This Tech Digest gives an in-depth look at six emerging cyber threats that enterprises could face in 2020. Download your copy today!

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

State of Cybersecurity Incident Response

Data breaches and regulations have forced organizations to pay closer attention to the security incident response function. However, security leaders may be overestimating their ability to detect and respond to security incidents. Read this report to find out more.

Download Now!

How Enterprises Are Developing and Maintaining Secure Applications

0 comments

How Enterprises are Attacking the Cybersecurity Problem

0 comments

How Data Breaches affect the Enterprise

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2020-11565
PUBLISHED: 2020-04-06

An issue was discovered in the Linux kernel through 5.6.2. mpol_parse_str in mm/mempolicy.c has a stack-based out-of-bounds write because an empty nodelist is mishandled during mount option parsing, aka CID-aa9f7d5172fa.

CVE-2020-11558
PUBLISHED: 2020-04-05

An issue was discovered in libgpac.a in GPAC 0.8.0, as demonstrated by MP4Box. audio_sample_entry_Read in isomedia/box_code_base.c does not properly decide when to make gf_isom_box_del calls. This leads to various use-after-free outcomes involving mdia_Read, gf_isom_delete_movie, and gf_isom_parse_m...

CVE-2020-11547
PUBLISHED: 2020-04-05

PRTG Network Monitor before 20.1.57.1745 allows remote unauthenticated attackers to obtain information about probes running or the server itself (CPU usage, memory, Windows version, and internal statistics) via an HTTP request, as demonstrated by type=probes to login.htm or index.htm.

CVE-2020-11548
PUBLISHED: 2020-04-05

The Search Meter plugin through 2.13.2 for WordPress allows user input introduced in the search bar to be any formula. The attacker could achieve remote code execution via CSV injection if a wp-admin/index.php?page=search-meter Export is performed.

CVE-2020-11542
PUBLISHED: 2020-04-04

3xLOGIC Infinias eIDC32 2.213 devices with Web 1.107 allow Authentication Bypass via CMD.HTM?CMD= because authentication depends on the client side's interpretation of the <KEY>MYKEY</KEY> substring.

To save this item to your list of favorite Dark Reading content so you can find it later in your Profile page, click the "Save It" button next to the item.

If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
Tweet This
[close this box]