Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Threat Intelligence

6/22/2021
02:05 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Security Expert Paul Kurtz Joins Nisos Board of Directors

Nisos, the Managed Intelligence℠ company, today announced that noted security and intelligence expert Paul Kurtz has joined the company’s Board of Directors. A longtime advisor and leader in matters of cyber risk, counterterrorism and critical infrastructure protection, Kurtz brings experience and insights from a long career in public-private sector coordination and guiding action against rapidly evolving global risks. His arrival continues a year of rapid growth and opportunity for Nisos, including $6 million in new funding and the appointment of David Etue as CEO.

“Paul’s background shaping the evolution of intelligence and information-sharing across cyber, geopolitical and industry dimensions make him an outstanding addition to the Board,” said Nisos CEO David Etue. “We are excited about having Paul join us and are sure to benefit from the perspective he brings to the table.”

“Nisos is positioned where the avenues of cyber and business risk intersect. Executives, security and intelligence teams are demanding unique skills and are increasingly challenged to anticipate, identify, and counter new and more sophisticated adversaries,” Kurtz added. “Technology alone cannot fulfill this mission, it takes a diversity of insights, experience and tools to truly deliver timely, relevant and actionable intelligence. It is a privilege to come aboard and join Nisos at this exciting stage.”

Kurtz began working on cybersecurity at the White House in the late 1990s. He served in senior positions relating to critical infrastructure and counterterrorism on the White House's National Security and Homeland Security Councils under Presidents Clinton and Bush. Since leaving government, Kurtz has held numerous private sector cybersecurity positions including founding the Cyber Security Industry Alliance (Acquired by Tech America), serving as Executive Director of SAFECode, Managing Partner of Good Harbor Consulting in Abu Dhabi and as CISO of CyberPoint International. He also is a founding board member of the Cloud Security Alliance and Co-Founder and Executive Chairman of TruSTAR, which was acquired by Splunk in May 2021.

Nisos solutions enable security, intelligence, and trust & safety teams to leverage a world-class intelligence capability tailored to their needs. Nisos’ Adversary Insights℠, Intel as a Service and Zero Touch Diligence℠ offerings fuse cyber intelligence with threat investigation techniques to identify and disrupt adversaries before they cause harm to an organization. Its blue-chip clients include Fortune 100 corporations and internet platform companies.

About Nisos

Nisos is the Managed Intelligence company. Our services enable security, intelligence, and trust & safety teams to leverage a world-class intelligence capability tailored to their needs. We fuse robust data collection with a deep understanding of the adversarial mindset delivering smarter defense and more effective response against advanced cyber attacks, disinformation and abuse of digital platforms. For more information visit: www.nisos.com.

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
The State of Cybersecurity Incident Response
In this report learn how enterprises are building their incident response teams and processes, how they research potential compromises, how they respond to new breaches, and what tools and processes they use to remediate problems and improve their cyber defenses for the future.
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-26564
PUBLISHED: 2021-07-31
ObjectPlanet Opinio before 7.15 allows XXE attacks via three steps: modify a .css file to have <!ENTITY content, create a .xml file for a generic survey template (containing a link to this .css file), and import this .xml file at the survey/admin/folderSurvey.do?action=viewImportSurvey['importFil...
CVE-2020-26565
PUBLISHED: 2021-07-31
ObjectPlanet Opinio before 7.14 allows Expression Language Injection via the admin/permissionList.do from parameter. This can be used to retrieve possibly sensitive serverInfo data.
CVE-2020-26806
PUBLISHED: 2021-07-31
admin/file.do in ObjectPlanet Opinio before 7.15 allows Unrestricted File Upload of executable JSP files, resulting in remote code execution, because filePath can have directory traversal and fileContent can be valid JSP code.
CVE-2021-33617
PUBLISHED: 2021-07-31
Zoho ManageEngine Password Manager Pro before 11.2 11200 allows login/AjaxResponse.jsp?RequestType=GetUserDomainName&userName= username enumeration, because the response (to a failed login request) is null only when the username is invalid.
CVE-2021-27491
PUBLISHED: 2021-07-30
Ypsomed mylife Cloud, mylife Mobile Application:Ypsomed mylife Cloud,All versions prior to 1.7.2,Ypsomed mylife App,All versions prior to 1.7.5,The Ypsomed mylife Cloud discloses password hashes during the registration process.