Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Author

 Ilia Kolochenko
Twitter
LinkedIn
RSS
E-Mail

Profile of Ilia Kolochenko

Founder, CEO, and Chief Architect at ImmuniWeb Inc
News & Commentary Posts: 3

Ilia Kolochenko is a Swiss application security expert and entrepreneur. He started his career as a penetration tester and has 15 years of experience in security auditing and digital forensics. After serving in Swiss artillery troops in 2007, Ilia founded his first pentesting and cybersecurity consultancy High-Tech Bridge. In 2014, Frost & Sullivan named the company a leading service provider in the European pentesting market. Later Ilia invented and built the concept of the ImmuniWeb Platform, which combines the strengths of human intelligence with Machine Learning, and is now entirely dedicated to it. As a Chief Architect at ImmuniWeb, he leads the company's data scientists, security analysts, and software engineers.

Ilia holds a bachelor degree in Computer Science and Mathematics from Webster University, a Master of Legal Studies from Washington University in St. Louis and a Master of Science in Criminal Justice (Cybercrime Investigation) from Boston University. Currently, Ilia is a Doctoral student (Ph.D. in Cybersecurity Leadership) at Capitol Technology University. Ilia Kolochenko is a member of Europol Data Protection Experts Network (EDEN), a Member of GIAC Advisory Board and a Committee Member at Boston University MET CIC (Cybercrime Investigation & Cybersecurity) Center. Ilia is a certified GIAC GLEG professional (Law of Data Security & Investigations) and a Certified Information Privacy Professional (CIPP/US and CIPP/E) by IAPP.

Articles by Ilia Kolochenko
News
Inside the Ransomware Campaigns Targeting Exchange Servers
Kelly Sheridan, Staff Editor, Dark Reading,  4/2/2021
Commentary
Beyond MITRE ATT&CK: The Case for a New Cyber Kill Chain
Rik Turner, Principal Analyst, Infrastructure Solutions, Omdia,  3/30/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-31414
PUBLISHED: 2021-04-16
The unofficial vscode-rpm-spec extension before 0.3.2 for Visual Studio Code allows remote code execution via a crafted workspace configuration.
CVE-2021-26073
PUBLISHED: 2021-04-16
Broken Authentication in Atlassian Connect Express (ACE) from version 3.0.2 before version 6.6.0: Atlassian Connect Express is a Node.js package for building Atlassian Connect apps. Authentication between Atlassian products and the Atlassian Connect Express app occurs with a server-to-server JWT or ...
CVE-2021-26074
PUBLISHED: 2021-04-16
Broken Authentication in Atlassian Connect Spring Boot (ACSB) from version 1.1.0 before version 2.1.3: Atlassian Connect Spring Boot is a Java Spring Boot package for building Atlassian Connect apps. Authentication between Atlassian products and the Atlassian Connect Spring Boot app occurs with a se...
CVE-2018-19942
PUBLISHED: 2021-04-16
A cross-site scripting (XSS) vulnerability has been reported to affect earlier versions of File Station. If exploited, this vulnerability allows remote attackers to inject malicious code. We have already fixed this vulnerability in the following versions: QTS 4.5.2.1566 build 20210202 (and later) QT...
CVE-2021-27691
PUBLISHED: 2021-04-16
Command Injection in Tenda G0 routers with firmware versions v15.11.0.6(9039)_CN and v15.11.0.5(5876)_CN , and Tenda G1 and G3 routers with firmware versions v15.11.0.17(9502)_CN or v15.11.0.16(9024)_CN allows remote attackers to execute arbitrary OS commands via a crafted action/setDebugCfg request...