Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Author

 Jennifer DeTrani & Landon Winkelvoss
Twitter
LinkedIn
RSS
E-Mail

Profile of Jennifer DeTrani & Landon Winkelvoss

General Counsel/EVP, Nisos / VP of Content and Co-Founder, Nisos
Member Since: 6/17/2021
Author
News & Commentary Posts: 1
Comments: 0

Jennifer DeTrani is General Counsel/EVP, Corporate Secretary and Head of Culture of Nisos, a Managed Intelligence™ company that focuses on helping clients develop an effective response to advanced cyber threats.  Jennifer is a visiting fellow at the National Security Institute at George Mason University's Law School, and serves on the executive leadership team of SunLaw, a non-profit that focuses on the education and advancement of in-house leaders.  Jennifer has a demonstrated history of creating mission-driven results in the cybersecurity, information technology, secure communications, and software industries. In addition to building in-house teams, she focuses on  compliance, innovation, outreach and education within the legal community, with a focus on technology, security and privacy. Prior to Nisos, she co-founded a secure messaging company, Wickrl, ran a solo law practice, practiced corporate law in BigLaw and served as a federal prosecutor at the Department of Justice.

Landon Winkelvoss co-founded Nisos in 2015 and serves as its VP of Content. His vision as a founder was to deliver intelligence community-level insights to blue chip companies to enable a stronger defense and more effective response against advanced cyberattacks, disinformation, and abuse of digital platforms. Prior to founding Nisos, he spent 10 years as a Technical Targeting Officer for the U.S. Government, including multiple warzone deployments and overseas postings. Landon is a regular contributor to numerous publications on cyber intelligence and investigations including Security Week and SC Magazine. He is also host of  The Cyber5 and Know Your Adversary, podcasts designed to educate and highlight security best

Articles by Jennifer DeTrani & Landon Winkelvoss
Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
How Machine Learning, AI & Deep Learning Improve Cybersecurity
Machine intelligence is influencing all aspects of cybersecurity. Organizations are implementing AI-based security to analyze event data using ML models that identify attack patterns and increase automation. Before security teams can take advantage of AI and ML tools, they need to know what is possible. This report covers: -How to assess the vendor's AI/ML claims -Defining success criteria for AI/ML implementations -Challenges when implementing AI
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-3349
PUBLISHED: 2022-09-28
A vulnerability was found in Sony PS4 and PS5. It has been classified as critical. This affects the function UVFAT_readupcasetable of the component exFAT Handler. The manipulation of the argument dataLength leads to heap-based buffer overflow. It is possible to launch the attack on the physical devi...
CVE-2022-40486
PUBLISHED: 2022-09-28
TP Link Archer AX10 V1 Firmware Version 1.3.1 Build 20220401 Rel. 57450(5553) was discovered to allow authenticated attackers to execute arbitrary code via a crafted backup file.
CVE-2022-2760
PUBLISHED: 2022-09-28
In affected versions of Octopus Deploy it is possible to reveal the Space ID of spaces that the user does not have access to view in an error message when a resource is part of another Space.
CVE-2022-30935
PUBLISHED: 2022-09-28
An authorization bypass in b2evolution allows remote, unauthenticated attackers to predict password reset tokens for any user through the use of a bad randomness function. This allows the attacker to get valid sessions for arbitrary users, and optionally reset their password. Tested and confirmed in...
CVE-2022-32166
PUBLISHED: 2022-09-28
In ovs versions v0.90.0 through v2.5.0 are vulnerable to heap buffer over-read in flow.c. An unsafe comparison of “minimasks� function could lead access to an unmapped region of memory. This vulnerability is capable of crashing the software, memory modification...