Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Author

 Vanessa Sauter
Twitter
LinkedIn
RSS
E-Mail

Profile of Vanessa Sauter

Security Strategy Analyst at Cobalt.io
Member Since: 8/28/2019
Author
News & Commentary Posts: 1
Comments: 0

Vanessa Sauter is a security strategy analyst at Cobalt.io, a Pentest as a Service company, where she focuses on application security and blue teaming. She previously worked at the Brookings Institution and the Aspen Institute in Washington, DC, where she specialized in cybersecurity policy and national security law. Her interest in web application vulnerabilities stems from her work researching and writing about APTs. Vanessa graduated from Columbia University in 2016 and worked at Columbia's Graduate School of Journalism for three years. Her writing has been cited in numerous publications, including The Washington Post, Forbes, and Lawfare.

Articles by Vanessa Sauter
COVID-19: Latest Security News & Commentary
Dark Reading Staff 8/3/2020
'BootHole' Vulnerability Exposes Secure Boot Devices to Attack
Kelly Sheridan, Staff Editor, Dark Reading,  7/29/2020
Out-of-Date and Unsupported Cloud Workloads Continue as a Common Weakness
Robert Lemos, Contributing Writer,  7/28/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Special Report: Computing's New Normal, a Dark Reading Perspective
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
The Threat from the Internetand What Your Organization Can Do About It
The Threat from the Internetand What Your Organization Can Do About It
This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-19453
PUBLISHED: 2020-08-03
Wowza Streaming Engine through 2019-11-28 allows XSS (issue 1 of 2).
CVE-2019-19455
PUBLISHED: 2020-08-03
Wowza Streaming Engine through 2019-11-28 has Insecure Permissions.
CVE-2020-4560
PUBLISHED: 2020-08-03
IBM Financial Transaction Manager 3.2.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
CVE-2019-4589
PUBLISHED: 2020-08-03
IBM Cognos Analytics 11.0 and 11.1 is vulnerable to privlege escalation where the "My schedules and subscriptions" page is visible and accessible to a less privileged user. IBM X-Force ID: 167449.
CVE-2020-4328
PUBLISHED: 2020-08-03
IBM Financial Transaction Manager 3.2.4 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 177839.