Database Security

Authentication

Privacy

Compliance

Identity & Access Management

Security Monitoring

Advanced Threats

Insider Threats

Vulnerability Management

Network Computing Dark Reading

Advertise

About Us

Author

Profile of Ed Amoroso

CEO, TAG Cyber LLC

News & Commentary Posts: 2

Dr. Edward G. Amoroso is currently chief executive officer of TAG Cyber LLC, a global cyber security advisory, training, consulting, and media services company supporting hundreds of companies across the world. Ed recently retired from AT&T after thirty-one years of service, beginning in Unix security R&D at Bell Labs and culminating as senior vice president and chief security officer of AT&T from 2004 to 2016.

Ed has been adjunct professor of computer science at the Stevens Institute of Technology for the past 27 years, where he has introduced nearly two thousand graduate students to the topic of information security. He is also affiliated with the Tandon School of Engineering at NYU as an instructor, and the Applied Physics Laboratory at Johns Hopkins University as a senior advisor. He is author of six books on cyber security and dozens of major research and technical papers and articles in peer-reviewed and major publications.

Ed holds the BS degree in physics from Dickinson College, the MS/PhD degrees in Computer Science from the Stevens Institute of Technology, and is a graduate of the Columbia Business School. He holds ten patents in the area of cyber security and media technology and he serves as a Member of the Board of Directors for M&T Bank. Ed's work has been highlighted on CNN, the New York Times, and the Wall Street Journal. He has worked directly with four Presidential administrations on issues related to national security, critical infrastructure protection, and cyber policy.

Articles by Ed Amoroso

View Content By Month

Election 2016 & WikiLeaks: Bad, But Not Your Worst Nightmare

11/4/2016
John Podesta may be the poster child for poor user security practices but the real problem is rigid regulatory compliance frameworks that perpetuate ineffective perimeter defenses.
Post a Comment

The New Security Architecture

11/20/2013
Recent high profile attacks reflect a new reality in which perimeter-based security models are increasingly less effective in protecting key corporate assets and information.
Post a Comment

Hot Topics

Editors' Choice

Security Pros Agree Military Should Conduct Offensive Hacking

Dark Reading Staff 2/11/2019

Valentine's Emails Laced with Gandcrab Ransomware

Kelly Sheridan, Staff Editor, Dark Reading, 2/14/2019

High Stress Levels Impacting CISOs Physically, Mentally

Jai Vijayan, Freelance writer, 2/14/2019

Live Events

Webinars

More UBM Tech
Live Events

Drive Your Business and Career Forward at Interop19

Interop 2019 - The Unbiased IT Conference

Communications & Collaboration 2022 at EC19 Orlando March 18-21

White Papers

[SANS] The Need for Speed: Integrated Threat Response

Can Proactive Threat Hunting Save Your Business?

Dark Reading Round Up

Cyber Crime in the Payments Industry

Investigate East-West Attacks on Critical Assets with Network Traffic Analysis

More White Papers

Video

All Videos

Cartoon

Latest Comment: I know I'm just the intern, but I don't think you put much forethought into security...

Cartoon Archive

Current Issue

5 Emerging Cyber Threats to Watch for in 2019

Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

How Enterprises Are Attacking the Cybersecurity Problem

Data breach fears and the need to comply with regulations such as GDPR are two major drivers increased spending on security products and technologies. But other factors are contributing to the trend as well. Find out more about how enterprises are attacking the cybersecurity problem by reading our report today.

Download Now!

How Enterprises Are Using IT Threat Intelligence

0 comments

Online Malware and Threats: A Profile of Today's Security Posture

0 comments

The Risk Management Struggle

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2019-8423
PUBLISHED: 2019-02-18

ZoneMinder through 1.32.3 has SQL Injection via the skins/classic/views/events.php filter[Query][terms][0][cnj] parameter.

CVE-2019-8424
PUBLISHED: 2019-02-18

ZoneMinder before 1.32.3 has SQL Injection via the ajax/status.php sort parameter.

CVE-2019-8425
PUBLISHED: 2019-02-18

includes/database.php in ZoneMinder before 1.32.3 has XSS in the construction of SQL-ERR messages.

CVE-2019-8426
PUBLISHED: 2019-02-18

skins/classic/views/controlcap.php in ZoneMinder before 1.32.3 has XSS via the newControl array, as demonstrated by the newControl[MinTiltRange] parameter.

CVE-2019-8427
PUBLISHED: 2019-02-18

daemonControl in includes/functions.php in ZoneMinder before 1.32.3 allows command injection via shell metacharacters.

Terms of Service
Privacy Statement
Legal Entities

To save this item to your list of favorite Dark Reading content so you can find it later in your Profile page, click the "Save It" button next to the item.

If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
Tweet This
[close this box]