Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Database Security

Authentication

Mobile

Privacy

Compliance

Identity & Access Management

Security Monitoring

Advanced Threats

Insider Threats

Vulnerability Management

Network Computing Dark Reading

Advertise

About Us

Author

Profile of Terry Dunlap

Co-Founder & Chief Strategy Officer, ReFirm Labs

Member Since: 8/19/2019
Author
News & Commentary Posts: 1
Comments: 0

Terry Dunlap is the Co-Founder and Chief Strategy Officer of ReFirm Labs, a provider of proactive IoT and firmware security solutions that empower both government agencies and Fortune 500 companies. A former teen hacker, Dunlap worked as a global network vulnerability analyst at the National Security Agency before co-founding ReFirm Labs in 2017. He developed the framework for ReFirm Labs' flagship cloud-based platform that detects and reports potential zero-day exploits, hidden crypto keys, backdoor passwords, and known vulnerabilities in IoT devices.

Articles by Terry Dunlap

View Content By Month

Unsecured IoT: 8 Ways Hackers Exploit Firmware Vulnerabilities

8/27/2019
As new Internet of Things products enter the market, speed shouldn't trump concerns about security.
Post a Comment

Content by Month
August 2019 - 1
[close this box]

Hot Topics

Editors' Choice

Mobile Banking Malware Up 50% in First Half of 2019

Kelly Sheridan, Staff Editor, Dark Reading, 1/17/2020

Active Directory Needs an Update: Here's Why

Raz Rafaeli, CEO and Co-Founder at Secret Double Octopus, 1/16/2020

New Attack Campaigns Suggest Emotet Threat Is Far From Over

Jai Vijayan, Contributing Writer, 1/16/2020

Live Events

Webinars

March 16-19, 2020: Data Center World Registration is open! Join Us

Data Center World: The leading conference & expo for Data Center and IT Infrastructure Professionals. Register Today!

Get Insights: Cisco vs Microsoft & More at EC20 Orlando

More Informa Tech Live Events

White Papers

NetFlow vs Packet Data

[Exclusive InformationWeek IT Trend Report] The Cloud Gets Ready for the 20's

Definitive Guide to Securing DevOps

Forrester's MITRE ATT&CK Evaluation Guide

Implementing Agile Security Response

More White Papers

Video

All Videos

Cartoon Contest

Write a Caption, Win a Starbucks Card! Click Here

Latest Comment: Oh, Bill? He's kind of old-school, but one of our best Cloud developers.

Cartoon Archive

Current Issue

The Year in Security: 2019

This Tech Digest provides a wrap up and overview of the year's top cybersecurity news stories. It was a year of new twists on old threats, with fears of another WannaCry-type worm and of a possible botnet army of Wi-Fi routers. But 2019 also underscored the risk of firmware and trusted security tools harboring dangerous holes that cybercriminals and nation-state hackers could readily abuse. Read more.

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

How Enterprises are Attacking the Cybersecurity Problem

Organizations have invested in a sweeping array of security technologies to address challenges associated with the growing number of cybersecurity attacks. However, the complexity involved in managing these technologies is emerging as a major problem. Read this report to find out what your peers biggest security challenges are and the technologies they are using to address them.

Download Now!

How Data Breaches affect the Enterprise

0 comments

Rethinking Enterprise Data Defense

0 comments

Assessing Cybersecurity Risk in Today's Enterprise

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2019-20399
PUBLISHED: 2020-01-23

A timing vulnerability in the Scalar::check_overflow function in Parity libsecp256k1-rs before 0.3.1 potentially allows an attacker to leak information via a side-channel attack.

CVE-2020-7915
PUBLISHED: 2020-01-22

An issue was discovered on Eaton 5P 850 devices. The Ubicacion SAI field allows XSS attacks by an administrator.

CVE-2019-20391
PUBLISHED: 2020-01-22

An invalid memory access flaw is present in libyang before v1.0-r3 in the function resolve_feature_value() when an if-feature statement is used inside a bit. Applications that use libyang to parse untrusted input yang files may crash.

CVE-2019-20392
PUBLISHED: 2020-01-22

An invalid memory access flaw is present in libyang before v1.0-r1 in the function resolve_feature_value() when an if-feature statement is used inside a list key node, and the feature used is not defined. Applications that use libyang to parse untrusted input yang files may crash.

CVE-2019-20393
PUBLISHED: 2020-01-22

A double-free is present in libyang before v1.0-r1 in the function yyparse() when an empty description is used. Applications that use libyang to parse untrusted input yang files may be vulnerable to this flaw, which would cause a crash or potentially code execution.

To save this item to your list of favorite Dark Reading content so you can find it later in your Profile page, click the "Save It" button next to the item.

If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
Tweet This
[close this box]