Monday, September 23, 2019
SC Magazine

Steve Grobman – McAfee

Steve GrobmanSenior Vice President & Chief Technology OfficerMcAfee Why Nominated:  With over 20 years of experience, Grobman has held numerous technical and cybersecurity leadership positions over the years. In these various roles – from his time as an...
SC Magazine

Greg Lesnewich – Recorded Future

Greg LesnewichThreat Intelligence AnalystRecorded Future Why Nominated: With a focus on state-sponsored espionage campaigns and Middle Eastern- borne cyber threats, as a Threat Intelligence Analyst at Recorded Future, Greg Lesnewich provides detailed threat actor and malware profiles to some of the world’s...
SC Magazine

Ophir HarpazSecurity ResearcherGuardicore Why nominated: After spending several years working on email security products, Ophir Harpaz became interested in understanding how malware worked. She then began working as a cybercrime researcher specializing in financial malware and hunted banking trojans and analyzed their...
SC Magazine

Amina Bashir – Flashpoint

Amina BashirAnalyst II, Hunt TeamFlashpoint Why Nominated: Flashpoint analystAmina Bashir is her company’s go-to subject-matter expert on the threat landscape of the Indian subcontinent. In her role, she has authored key research on the malicious use of chatbots, as well as vulnerabilities...
SC Magazine

Ning Wang – Offensive Security

Ning WangCEO Offensive Security Why Nominated: Ning Wang is a rising star has worked to break the boundaries in the security industry, so that people can see that anyone is capable of starting a career in cybersecurity and advancing it –...
SC Magazine

Dani Martínez – IOActive

Dani MartínezSecurity ConsultantIOActive Why nominated: Dani Martínez proved to be a self-starter, beginning his career in IT he soon developed an interest in cybersecurity and began taking online courses in his spare time. Martínez also dove write in and began a cybersecurity blog...
SC Magazine

Maurice Stebila – Harman, a Samsung Company

Maurice StebilaDigital Security,Compliance and Privacy OfficerHarman, a Samsung Company Why nominated: Maurice Stebila has spent more than 30 years in the automotive, manufacturing and financial services industry supporting two of the world’s largest companies – EDS/General Motors and Harman by Samsung...
SC Magazine

Ed Adams – Security Innovation

Ed AdamsPresident and CEOSecurity Innovation Why Nominated: A highly respected veteran of the cybersecurity industry, Security Innovation CEO Ed Adams has taken on several new leadership roles in the year or so. Last April, he was named to board of directors of...
SC Magazine

David Archer – Galois

David ArcherPrincipal scientistGalois Why Nominated: Archer, an advocate for preserving privacy of data even when it’s used in decision-making both within the U.S. at all levels of government as well as internationally, directs research in privacy-preserving information technologies. Profile:  David Archer is all...
SC Magazine

Eve Maler – ForgeRock

Eve MalerVice PresidentInnovation & Emerging TechnologyForgeRock Why nominated: Eve Maler is a leading proponent on a variety of topics including from privacy and digital identity, security, privacy, and consent, with a focus on fostering successful ecosystems and individual empowerment. Maler drives...
SC Magazine

Rebecca Wynn – Matrix Medical Network

Rebecca WynnHead of Information Security & Data Protection OfficerMatrix Medical Network Why Nominated: Rebecca Wynn is responsible for fortifying Matrix Medical Network’s systems and data against increasingly sophisticated cyberattacks against health care providers, including data breaches, ransomware and IoT medical device...
SC Magazine

Laura Lee – Circadence Corporation

Laura LeeEVP, Rapid PrototypingCircadence Corporation Why Nominated:  Laura Lee, who manages rapid-prototype projects for experiential cybersecurity learning on the Circadence’s AI-powered platform Project Ares, brings an exceptional leadership record in the field of cyber exercises and training, previously directing the research and development...
SC Magazine

Andrew van der Stock – Synopsys

Andrew van der StockSenior Principal ConsultantSynopsys Why nominated: A 20-year veteran Andrew van der Stock is a senior principal consultant at Synopsys, providing technical leadership in security architecture, threat modeling, secure coding guidelines and reviews, assurance and penetration...
SC Magazine

Yatia Hopkins – eSentire

Yatia HopkinsSolutions EngineeringTeam LeadeSentire Why nominated: Yatia Hopkins brings the mentoring skills she honed as lead of eSentire’s Solutions Engineering team to Yeshiva University’s MS in Cybersecurity program. A frequent participant in women’s career organizations, Hopkins is committed to making...
SC Magazine

Adam Isles – The Chertoff Group

Adam IslesPrincipalThe Chertoff Group Why Nominated: Adam Isles, who has held leadership positions in the U.S. Department of Homeland Security, Department of Justice, National Security Council and Raytheon before joining The Chertoff Group, is a senior associate (non- resident)...
SecurityWeek

Being CISO Is No Longer a Dead-End Job

A decade ago, being named as CISO was considered the highest rung achievable from within the security function. This is changing, driven by increasing cyber awareness in the boardroom, the embedding of cyber risk in every part of the...
Computerworld

iOS 13: Apple’s big BYOD improvements help enterprise pros

Apple may place much of its focus on Apple Arcade and consumer-friendly iPad/iPhone features, but there are numerous enterprise-focused enhancements wrapped up inside iOS 13.The BYOD enterprise The company’s latest operating systems introduce a host of productivity-enhancing upgrades, particularly for...
Graham Cluley

I’m keynoting about cybercrime at the CRN MSP conference in London next week

I’m the opening keynote speaker at CRN’s MSP conference in London next week, where – amongst other things – I’ll be describing to managed service providers how it’s possible to make a billion dollars through cybercrime. I hope to see...

Google Assistant Audio Privacy Controls Updated After Outcry

Google is tightening its privacy controls over its Google Assistant voice assistant after a report earlier this year found that it was eavesdropping on user conversations.
ZDNet

New North Korean malware targeting ATMs spotted in India

Another version of the same malware, but with RAT-like features, spotted targeting Indian research centers.

Vulnerability Summary for the Week of September 16, 2019

Original release date: September 23, 2019  The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated...

VMware Releases Security Updates for Multiple Products

Original release date: September 20, 2019VMware has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and...

CISA Releases Four New Insights Products

Original release date: September 20, 2019The Cybersecurity and Infrastructure Security Agency (CISA) has released four new CISA Insights products informed by U.S. intelligence and real-world events. Each of the following products provides a description of the threat, lessons learned,...
F5 Networks

glibc vulnerabilities CVE-2019-1010024, CVE-2019-1010025

glibc vulnerabilities CVE-2019-1010024, CVE-2019-1010025 Security Advisory Security Advisory Description CVE-2019-1010024 GNU Libc current is affected by: Mitigation bypass. The impact is: ...
Cisco

Cisco Data Center Network Manager Information Disclosure Vulnerability

A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to retrieve sensitive information from an affected device. The vulnerability is due to improper access controls for certain URLs on...