Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Advertise

About Us

Author

Profile of Dan Hubbard

CEO at Lacework

News & Commentary Posts: 2

Dan Hubbard is CEO at Lacework, driving innovation and expanding the company's security strategy for public and private clouds. A pioneering force in Internet security, Dan's expertise spans from reputation and advanced classification systems to large-scale security data mining, and cloud security. Prior to Lacework, Dan was CTO at OpenDNS, helped deliver the world's largest cloud security network that led to the $600M acquisition by Cisco. Prior to OpenDNS, Dan was CTO at Websense, led R&D, launched the Websense Security Labs, and was instrumental in the company's success from early days through a successful IPO. Dan owns several patents in the areas of data classification and cloud security and is a frequent speaker at security conferences globally.

Articles by Dan Hubbard

View Content By Month

Security as Code: How Repeatable Policy-Driven Deployment Improves Security

12/22/2020
The SaC approach lets users codify and enforce a secure state of application configuration deployment that limits risk.
Post a Comment

The Shared Irresponsibility Model in the Cloud Is Putting You at Risk

9/29/2020
Step up, put the architecture and organization in place, and take responsibility. If you don't, who will?
Post a Comment

Editors' Choice

I Smell a RAT! New Cybersecurity Threats for the Crypto Industry

David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP, 7/9/2021

Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours

Robert Lemos, Contributing Writer, 7/7/2021

It's in the Game (but It Shouldn't Be)

Tal Memran, Cybersecurity Expert, CYE, 7/9/2021

Live Events

Webinars

@Hack - November 28-30, 2021 Saudi Arabia - Learn More

Black Hat USA 2021 - July 31-August 5 - Learn More

Enterprise Connect Orlando, September 27-29, 2021: Where Corporate IT Decision Makers Connect - Save $200 with Promo Code IWBX200

More Informa Tech Live Events

White Papers

Cloud Cyber Resilience Report - Evolving Risks, Insecure Defaults, Watering Hole Threats

Integration Platform as a Service for Order Management Systems: Why Should You Care?

Today's Hybrid Work Model Requires a Hybrid Approach to Security

Accelerate Network Operations Efficiency with AIOps

Privileged Access Management Checklist

More White Papers

Cartoon

Latest Comment: I've heard of people walking right out the front door with entire servers...

Cartoon Archive

Current Issue

The State of Cybersecurity Incident Response

In this report learn how enterprises are building their incident response teams and processes, how they research potential compromises, how they respond to new breaches, and what tools and processes they use to remediate problems and improve their cyber defenses for the future.

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

Incident Readiness and Building Response Playbook

In this special report, learn the Xs and Os of any good security incident readiness and response playbook.

Download Now!

Battle for the Endpoint

0 comments

How Enterprises are Developing Secure Applications

0 comments

Assessing Cybersecurity Risk in Today's Enterprises

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2021-22521
PUBLISHED: 2021-07-30

A privileged escalation vulnerability has been identified in Micro Focus ZENworks Configuration Management, affecting version 2020 Update 1 and all prior versions. The vulnerability could be exploited to gain unauthorized system privileges.

CVE-2021-34629
PUBLISHED: 2021-07-30

The SendGrid WordPress plugin is vulnerable to authorization bypass via the get_ajax_statistics function found in the ~/lib/class-sendgrid-statistics.php file which allows authenticated users to export statistic for a WordPress multi-site main site, in versions up to and including 1.11.8.

CVE-2021-34630
PUBLISHED: 2021-07-30

In the Pro and Enterprise versions of GTranslate < 2.8.65, the gtranslate_request_uri_var function runs at the top of all pages and echoes out the contents of $_SERVER['REQUEST_URI']. Although this uses addslashes, and most modern browsers automatically URLencode requests, this plugin is still vu...

CVE-2021-3636
PUBLISHED: 2021-07-30

It was found in OpenShift, before version 4.8, that the generated certificate for the in-cluster Service CA, incorrectly included additional certificates. The Service CA is automatically mounted into all pods, allowing them to safely connect to trusted in-cluster services that present certificates s...

CVE-2021-29297
PUBLISHED: 2021-07-30

Buffer Overflow in Emerson GE Automation Proficy Machine Edition v8.0 allows an attacker to cause a denial of service and application crash via crafted traffic from a Man-in-the-Middle (MITM) attack to the component "FrameworX.exe" in the module "MSVCR100.dll".

To save this item to your list of favorite Dark Reading content so you can find it later in your Profile page, click the "Save It" button next to the item.

If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
Tweet This
[close this box]