Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Database Security

Authentication

Mobile

Privacy

Compliance

Identity & Access Management

Security Monitoring

Advanced Threats

Insider Threats

Vulnerability Management

To InformationWeek

Network Computing Dark Reading

Advertise

Author

Profile of Joe Hernick

IT Director

News & Commentary Posts: 3

Joe Hernick is in his seventh year as director of academic technology at Suffield Academy, where he teaches, sits on the Academic Committee, provides faculty training and is a general proponent of information literacy. He was formerly the director of IT and computer studies chair at the Loomis Chaffee School in Windsor, CT, and spent 10 years in the insurance industry as a director and program manager at CIGNA.

Articles by Joe Hernick

View Content By Month

The Biggest Threat? It May Be You

6/18/2009
When it comes to virtual server security, you might just be the weak link. Or, more precisely, your lack of planning, maintenance, and governance of that VM server farm.
Post a Comment

InformationWeek Analytics: Endpoint Security And DLP

4/23/2009
A smart mix of policies, education, and new technologies like data loss prevention can help IT balance access and protection.
Post a Comment

Virtualization Security Heats Up

8/30/2007
An attack that breaches the hypervisor is IT's new worst nightmare. Are you prepared?
Post a Comment

Editors' Choice

COVID-19: Latest Security News & Commentary

Dark Reading Staff 5/28/2020

The Problem with Artificial Intelligence in Security

Dr. Leila Powell, Lead Security Data Scientist, Panaseer, 5/26/2020

10 iOS Security Tips to Lock Down Your iPhone

Kelly Sheridan, Staff Editor, Dark Reading, 5/22/2020

Webinars

[Free Virtual Event] Using Microsoft in 2020 & Beyond

Don't Miss this Dark Reading Virtual Event on Critical Data Breaches

Red Team Realities: Testing that goes beyond compliance

Webinar Archives

White Papers

CyberSecurity Trends 2020

Key to Cloud Success: The Right Management

3 Reasons Why Your Remote Workforce is Vulnerable

How Cybersecurity Incident Response Programs Work (and Why Some Don't)

Five Reasons to Protect your VPN with Multi-Factor Authentication

More White Papers

Video

Cartoon Contest

Write a Caption, Win a Starbucks Card! Click Here

Latest Comment: I read online that Anthrax kills Coronavirus, so I made my own spray. Hope you don't mind.

Cartoon Archive

Current Issue

How Cybersecurity Incident Response Programs Work (and Why Some Don't)

This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

State of Endpoint Security: How Enterprises Are Managing Endpoint Security Threats

State of Endpoint Security: How Enterprises Are Managing Endpoint Security Threats

Download this report to find out what organizations are doing to secure their endpoints and to protect themselves against malware, hackers, and social engineering attacks.

Download Now!

State of Cybersecurity Incident Response

How Enterprises Are Developing and Maintaining Secure Applications

How Enterprises are Attacking the Cybersecurity Problem

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading"

Dark Reading - Bug Report

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2020-13173
PUBLISHED: 2020-05-28

Initialization of the pcoip_credential_provider in Teradici PCoIP Standard Agent for Windows and PCoIP Graphics Agent for Windows versions 19.11.1 and earlier creates an insecure named pipe, which allows an attacker to intercept sensitive information or possibly elevate privileges via pre-installing...

CVE-2019-6342
PUBLISHED: 2020-05-28

An access bypass vulnerability exists when the experimental Workspaces module in Drupal 8 core is enabled. This can be mitigated by disabling the Workspaces module. It does not affect any release other than Drupal 8.7.4.

CVE-2020-11082
PUBLISHED: 2020-05-28

In Kaminari before 1.2.1, there is a vulnerability that would allow an attacker to inject arbitrary code into pages with pagination links. This has been fixed in 1.2.1.

CVE-2020-5357
PUBLISHED: 2020-05-28

Dell Dock Firmware Update Utilities for Dell Client Consumer and Commercial docking stations contain an Arbitrary File Overwrite vulnerability. The vulnerability is limited to the Dell Dock Firmware Update Utilities during the time window while being executed by an administrator. During this time wi...

CVE-2020-13660
PUBLISHED: 2020-05-28

CMS Made Simple through 2.2.14 allows XSS via a crafted File Picker profile name.

To save this item to your list of favorite Dark Reading content so you can find it later in your Profile page, click the "Save It" button next to the item.

If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
Tweet This
[close this box]