Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Database Security

Authentication

Mobile

Privacy

Compliance

Identity & Access Management

Security Monitoring

Advanced Threats

Insider Threats

Vulnerability Management

Network Computing Dark Reading

Advertise

About Us

Author

Profile of Michal Bar

Head of Cybersecurity Professional Services at Cylus

Member Since: 3/1/2020
Author
News & Commentary Posts: 1
Comments: 0

Michal Bar is the Head of Cybersecurity Professional Services at Cylus, the global leader in railway cybersecurity. Prior to joining Cylus, Michal served as a cybersecurity consultant at the Ernst & Young Advanced Security Center in Tel Aviv for eight years. With over 15 years of experience in cybersecurity, Michal has successfully managed large-scale projects, leading teams of up to 20 security consultants for various global organizations in the industrial and rail sectors. She served in the Israel Defence Force's Intelligence Corps' cyber and IT units before receiving her master's degree in Information System Engineering and Computer Software Engineering from Ben Gurion University. She holds CISSP certification and her expertise includes cyber risk assessments, secure design and architecture reviews, threat modeling and penetration testing projects.

Articles by Michal Bar

View Content By Month

4 Ways Thinking 'Childishly' Can Empower Security Professionals

3/16/2020
Younger minds -- more agile and less worried by failure -- provide a useful model for cyber defenders to think more creatively.
Post a Comment

Content by Month
March 2020 - 1
[close this box]

Hot Topics

Editors' Choice

COVID-19: Latest Security News & Commentary

Dark Reading Staff 6/4/2020

Abandoned Apps May Pose Security Risk to Mobile Devices

Robert Lemos, Contributing Writer, 5/29/2020

How AI and Automation Can Help Bridge the Cybersecurity Talent Gap

Peter Barker, Chief Product Officer at ForgeRock, 6/1/2020

Webinars

The Threat From the Internet - and What Your Organization Can Do About It

IT Automation: Scaling to the Future

Thinking Like an Attacker: Strategies for Defense

Webinar Archives

White Papers

How Cybersecurity Incident Response Programs Work (and Why Some Don't)

The Identity Gap in Third-Party Risk Management

Automate Testing Using MITRE ATT&CK with Verodin Security Validation

3 Reasons Why Your Remote Workforce is Vulnerable

Better Security Awareness: The Devil is in 5 Details

More White Papers

Video

All Videos

Cartoon Contest

Write a Caption, Win a Starbucks Card! Click Here

Latest Comment: What? IT said I needed virus protection!

Cartoon Archive

Current Issue

How Cybersecurity Incident Response Programs Work (and Why Some Don't)

This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

State of Endpoint Security: How Enterprises Are Managing Endpoint Security Threats

Download this report to find out what organizations are doing to secure their endpoints and to protect themselves against malware, hackers, and social engineering attacks.

Download Now!

State of Cybersecurity Incident Response

0 comments

How Enterprises Are Developing and Maintaining Secure Applications

0 comments

How Enterprises are Attacking the Cybersecurity Problem

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2020-13842
PUBLISHED: 2020-06-05

An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, 8.1, 9, and 10 (MTK chipsets). A dangerous AT command was made available even though it is unused. The LG ID is LVE-SMP-200010 (June 2020).

CVE-2020-13843
PUBLISHED: 2020-06-05

An issue was discovered on LG mobile devices with Android OS software before 2020-06-01. Local users can cause a denial of service because checking of the userdata partition is mishandled. The LG ID is LVE-SMP-200014 (June 2020).

CVE-2020-13839
PUBLISHED: 2020-06-05

An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, 8.1, 9, and 10 (MTK chipsets). Code execution can occur via a custom AT command handler buffer overflow. The LG ID is LVE-SMP-200007 (June 2020).

CVE-2020-13840
PUBLISHED: 2020-06-05

An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, 8.1, 9, and 10 (MTK chipsets). Code execution can occur via an MTK AT command handler buffer overflow. The LG ID is LVE-SMP-200008 (June 2020).

CVE-2020-13841
PUBLISHED: 2020-06-05

An issue was discovered on LG mobile devices with Android OS 9 and 10 (MTK chipsets). An AT command handler allows attackers to bypass intended access restrictions. The LG ID is LVE-SMP-200009 (June 2020).

To save this item to your list of favorite Dark Reading content so you can find it later in your Profile page, click the "Save It" button next to the item.

If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
Tweet This
[close this box]