Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Author

 Joe Schorr
LinkedIn
Twitter
RSS
E-Mail

Profile of Joe Schorr

Director of Advanced Security Solutions, Bomgar
Member Since: 5/23/2016
Author
News & Commentary Posts: 1
Comments: 0

Joe Schorr is Director of Advanced Security Solutions for Bomgar, a secure access solutions provider. He has over 20 years professional services and industry experience in information technology and information security. Before joining Bomgar, Joe was a Strategic Solutions Architect for HP Enterprise Security Services.

Previously he was a principal security strategist and was a full-time partner resident working as a product manager at Symantec. Joe was the managing consultant for the British Telecom (BT) Ethical Hacking Center of Excellence. While there he led an 11,000 hour PCI Compliance test for a large telco and led a dedicated Red Team that tested over 100 Web Apps per year for a Top 5 global bank. He has performed many social engineering, physical security and network assessments over the years. Joe has been published and also presented on a range of topics including PCI, HIPAA, APTs, SCADA security, attacker mindset, social engineering, pen testing, wireless security, enterprise risk management and security awareness at DefCON, ISSA Intl., GrrCon, DerbyCon and many other venues.

Articles by Joe Schorr
Where Businesses Waste Endpoint Security Budgets
Kelly Sheridan, Staff Editor, Dark Reading,  7/15/2019
How Attackers Infiltrate the Supply Chain & What to Do About It
Shay Nahari, Head of Red-Team Services at CyberArk,  7/16/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Building and Managing an IT Security Operations Program
As cyber threats grow, many organizations are building security operations centers (SOCs) to improve their defenses. In this Tech Digest you will learn tips on how to get the most out of a SOC in your organization - and what to do if you can't afford to build one.
Flash Poll
The State of IT Operations and Cybersecurity Operations
The State of IT Operations and Cybersecurity Operations
Your enterprise's cyber risk may depend upon the relationship between the IT team and the security team. Heres some insight on what's working and what isn't in the data center.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-12820
PUBLISHED: 2019-07-19
A vulnerability was found in the app 2.0 of the Shenzhen Jisiwei i3 robot vacuum cleaner. Actions performed on the app such as changing a password, and personal information it communicates with the server, use unencrypted HTTP. As an example, while logging in through the app to a Jisiwei account, th...
CVE-2019-12821
PUBLISHED: 2019-07-19
A vulnerability was found in the app 2.0 of the Shenzhen Jisiwei i3 robot vacuum cleaner, while adding a device to the account using a QR-code. The QR-code follows an easily predictable pattern that depends only on the specific device ID of the robot vacuum cleaner. By generating a QR-code containin...
CVE-2019-12453
PUBLISHED: 2019-07-19
In MicroStrategy Web before 10.1 patch 10, stored XSS is possible in the FLTB parameter due to missing input validation.
CVE-2019-12945
PUBLISHED: 2019-07-19
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
CVE-2018-17792
PUBLISHED: 2019-07-19
MDaemon Webmail (formerly WorldClient) has CSRF.