Database Security

Authentication

Privacy

Compliance

Identity & Access Management

Security Monitoring

Advanced Threats

Insider Threats

Vulnerability Management

Network Computing Dark Reading

Advertise

About Us

Author

Profile of Ed Amoroso

CEO, TAG Cyber LLC

News & Commentary Posts: 2

Dr. Edward G. Amoroso is currently chief executive officer of TAG Cyber LLC, a global cyber security advisory, training, consulting, and media services company supporting hundreds of companies across the world. Ed recently retired from AT&T after thirty-one years of service, beginning in Unix security R&D at Bell Labs and culminating as senior vice president and chief security officer of AT&T from 2004 to 2016.

Ed has been adjunct professor of computer science at the Stevens Institute of Technology for the past 27 years, where he has introduced nearly two thousand graduate students to the topic of information security. He is also affiliated with the Tandon School of Engineering at NYU as an instructor, and the Applied Physics Laboratory at Johns Hopkins University as a senior advisor. He is author of six books on cyber security and dozens of major research and technical papers and articles in peer-reviewed and major publications.

Ed holds the BS degree in physics from Dickinson College, the MS/PhD degrees in Computer Science from the Stevens Institute of Technology, and is a graduate of the Columbia Business School. He holds ten patents in the area of cyber security and media technology and he serves as a Member of the Board of Directors for M&T Bank. Ed's work has been highlighted on CNN, the New York Times, and the Wall Street Journal. He has worked directly with four Presidential administrations on issues related to national security, critical infrastructure protection, and cyber policy.

Articles by Ed Amoroso

View Content By Month

Election 2016 & WikiLeaks: Bad, But Not Your Worst Nightmare

11/4/2016
John Podesta may be the poster child for poor user security practices but the real problem is rigid regulatory compliance frameworks that perpetuate ineffective perimeter defenses.
Post a Comment

The New Security Architecture

11/20/2013
Recent high profile attacks reflect a new reality in which perimeter-based security models are increasingly less effective in protecting key corporate assets and information.
Post a Comment

Hot Topics

Editors' Choice

Russia Hacked Clinton's Computers Five Hours After Trump's Call

Robert Lemos, Technology Journalist/Data Researcher, 4/19/2019

Tips for the Aftermath of a Cyberattack

Kelly Sheridan, Staff Editor, Dark Reading, 4/17/2019

Facebook Accidentally Imported 1.5M Users' Email Data Sans Consent

Dark Reading Staff 4/18/2019

Live Events

Webinars

More UBM Tech
Live Events

Drive Your Business and Career Forward at Interop19

Interop 2019 - The Unbiased IT Conference

White Papers

Security in the New World of Containers & Serverless

6 Keys to Faster Phishing Mitigation

Real-Time Phishing Threat Intelligence

The State of Mainframe Security

7 SIEM Trends to Watch in 2019

More White Papers

Video

All Videos

Cartoon

Latest Comment: Bill just doesn't realize it's more than a 2 dimensional world.

Cartoon Archive

Current Issue

5 Emerging Cyber Threats to Watch for in 2019

Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

How Enterprises Are Developing Secure Applications

IT security and application development are disparate processes that are increasingly coming together. Here's a look at how that's happening.

Download Now!

The State of Cyber Security Incident Response

0 comments

How Enterprises Are Attacking the Cybersecurity Problem

0 comments

How Enterprises Are Using IT Threat Intelligence

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2019-11378
PUBLISHED: 2019-04-20

An issue was discovered in ProjectSend r1053. upload-process-form.php allows finished_files[]=../ directory traversal. It is possible for users to read arbitrary files and (potentially) access the supporting database, delete arbitrary files, access user passwords, or run arbitrary code.

CVE-2019-11372
PUBLISHED: 2019-04-20

An out-of-bounds read in MediaInfoLib::File__Tags_Helper::Synched_Test in Tag/File__Tags.cpp in MediaInfoLib in MediaArea MediaInfo 18.12 leads to a crash.

CVE-2019-11373
PUBLISHED: 2019-04-20

An out-of-bounds read in File__Analyze::Get_L8 in File__Analyze_Buffer.cpp in MediaInfoLib in MediaArea MediaInfo 18.12 leads to a crash.

CVE-2019-11374
PUBLISHED: 2019-04-20

74CMS v5.0.1 has a CSRF vulnerability to add a new admin user via the index.php?m=Admin&c=admin&a=add URI.

CVE-2019-11375
PUBLISHED: 2019-04-20

Msvod v10 has a CSRF vulnerability to change user information via the admin/member/edit.html URI.

Terms of Service
Privacy Statement
Legal Entities

To save this item to your list of favorite Dark Reading content so you can find it later in your Profile page, click the "Save It" button next to the item.

If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
Tweet This
[close this box]