Analytics

4/26/2012
02:13 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Black Hat Expands Content Review Board

Chris Rohlf and Chris Wysopal join board

San Francisco, CA — April 26, 2012 — Black Hat, the world’s leading family of information security events, today announced Chris Rohlf and Chris Wysopal will be joining the Black Hat Review Board. Comprised of 21 experts throughout the areas of information security, the review board advises Black Hat on its strategic direction, assisting in reviewing and programming conference content, and providing extended reach into the research community. Black Hat USA will take place July 21-July 26 at Caesar’s Palace in Las Vegas. For more information visit www.blackhat.com.

Click here for more of Dark Reading's Black Hat articles.

Chris Rohlf is an independent security consultant and owner of Leaf Security Research where he specializes in vulnerability discovery and reverse engineering. Chris has ten years of experience in various security roles including developer, researcher and consultant. Prior to founding Leaf SR he was a Principal Security Consultant at Matasano Security in NYC and has previously worked as a Security Researcher for the US Department of Defense. Chris has discovered and published numerous security vulnerabilities affecting web browsers, operating systems and more. He has spoken at industry conferences including Black Hat and is the author of numerous open source security tools

Chris Wysopal, Veracode's CTO and Co-Founder, is responsible for the company's software security analysis capabilities. In 2008 he was named one of InfoWorld's Top 25 CTO's and one of the 100 most influential people in IT by eWeek. One of the original vulnerability researchers and a member of L0pht Heavy Industries, he has testified on Capitol Hill in the US on the subjects of government computer security and how vulnerabilities are discovered in software. He published his first advisory in 1996 on parameter tampering in Lotus Domino and has been helping researchers avoid this type of mistake for 15 years. He is also the author of "The Art of Software Security Testing" published by Addison-Wesley.

“Chris Rohlf and Chris Wysopal are influential subject matter experts in the industry, long-time friends and contributors to the Black Hat community,” said Trey Ford, General Manager of Black Hat. “We are excited to bring them onto the team in an official capacity, our Review Board members share the unique privilege of assessing the most innovative and cutting-edge security research from every corner of the industry."

In addition to Chris Rohlf and Chris Wysopal, the Black Hat advisory board is comprised of the following researchers and leading industry minds:

James Butler, Director of Research and Development at MANDIANT Matt Devost, President and CEO of FusionX LLC Mark Dowd, Independent Security Researcher Chris Eagle, Senior Lecturer of Computer Science at the Naval Postgraduate School Jeremiah Grossman, Founder and Chief Technology Officer of WhiteHat Security Nathan Hamiel, Principal Consultant for FishNet Robert Hansen, CEO and Founder of SecTheory Christopher Hoff,Chief Architect, Security at Juniper Networks Vincenzo Iozzo, Director of Vulnerability Intelligence at Trail of Bits Felix 'FX' Lindner, Owner of Recurity Labs Jeff Moss, Chief Security Officer, iCANN Shawn Moyer, Manager, Research Consulting Practice for Accuvant Labs Adam Shostack,Principal Program Manager at Microsoft Alex Sotirov, co-Founder and Chief Scientist, Trail of Bits Alex Stamos, co-Founder and CTO of iSEC Partners Robert Stratton, Director, Government Research at Symantec Yuji Ukai, CEO of Fourteenforty Research Institute Inc. Alex Wheeler, Independent Security Researcher Stefano Zanero, Assistant Professor with the Dipartimento di Elettronica e Informazione Milan & founder Secure Network

The world’s most significant security event brings together thought-leaders from around the world to dissect the latest security trends. This year Black Hat USA 2012 will host digital security experts, bringing together public and private sector security professionals and underground hackers in Las Vegas to uncover groundbreaking new vulnerabilities and new security tools debuting for the first time.

About Black Hat

Black Hat provides briefings and training to leading corporations and government agencies around the world. Black Hat differentiates itself by working at many levels within the corporate, government, and underground communities. This unmatched informational reach enables Black Hat attendees to be continuously aware of the newest vulnerabilities, defense mechanisms, and industry trends. Black Hat Briefings and Trainings are held annually in Europe and Las Vegas. Black Hat is produced by UBM TechWeb. More information is available at www.blackhat.com.

About UBM TechWeb

UBM TechWeb, the global leader in technology media and professional information, enables people and organizations to harness the transformative power of technology. Through its three core businesses – media solutions, marketing services and paid content – UBM TechWeb produces the most respected and consumed brands and media applications in the technology market. More than 14.5 million business and technology professionals (CIOs and IT managers, Web & Digital professionals, Software Developers, Government decision makers, and Telecom providers) actively engage in UBM TechWeb’s communities and information resources monthly. UBM TechWeb brands include: global face-to-face events such as Interop, Web 2.0, Black Hat and Enterprise Connect; award-winning online resources such as InformationWeek, Dark Reading, and Network Computing; and market-leading magazines InformationWeek, Wall Street & Technology, and Advanced Trading. UBM TechWeb is a UBM plc. company, a global provider of news distribution and specialist information services with a market capitalization of more than $2.5 billion.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Microsoft Word Vuln Went Unnoticed for 17 Years: Report
Kelly Sheridan, Associate Editor, Dark Reading,  11/14/2017
Companies Blindly Believe They've Locked Down Users' Mobile Use
Dawn Kawamoto, Associate Editor, Dark Reading,  11/14/2017
121 Pieces of Malware Flagged on NSA Employee's Home Computer
Kelly Jackson Higgins, Executive Editor at Dark Reading,  11/16/2017
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Managing Cyber-Risk
An online breach could have a huge impact on your organization. Here are some strategies for measuring and managing that risk.
Flash Poll
[Strategic Security Report] Assessing Cybersecurity Risk
[Strategic Security Report] Assessing Cybersecurity Risk
As cyber attackers become more sophisticated and enterprise defenses become more complex, many enterprises are faced with a complicated question: what is the risk of an IT security breach? This report delivers insight on how today's enterprises evaluate the risks they face. This report also offers a look at security professionals' concerns about a wide variety of threats, including cloud security, mobile security, and the Internet of Things.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.