Advertise

Author

Profile of Brendan Saltaformaggio

Assistant Professor, Georgia Tech School of Electrical and Computer Engineering

Member Since: 11/20/2017
Author
News & Commentary Posts: 1
Comments: 1

Dr. Brendan Saltaformaggio is an Assistant Professor in the School of Electrical and Computer Engineering at Georgia Tech, with a courtesy appointment in the School of Computer Science. His research interests lie in computer systems security, cyber forensics, and the vetting of untrusted software.

Dr. Saltaformaggio serves as the Director of the Cyber Forensics Innovation (CyFI) Laboratory. The CyFI Lab's mission is to further the investigation of advanced cyber crimes and the analysis and prevention of next-generation malware attacks, particularly in mobile and IoT Internet of Things environments. This research has led to numerous publications at top cyber security venues, including a Best Paper Award from the ACM Conference on Computer and Communications Security (CCS'15) in 2015 and a Best Student Paper Award from the 2014 USENIX Security Symposium.

Originally from New Orleans, Dr. Saltaformaggio earned his B.S. with Honors in Computer Science from the University of New Orleans in 2012. He received his M.S. and Ph.D. in Computer Science at Purdue University in 2014 and 2016, respectively, during which Dr. Saltaformaggio was honored with the 2017 ACM SIGSAC Doctoral Dissertation Award as well as two fellowships: the 2016 Symantec Research Labs Graduate Fellowship and the inaugural Emil Stefanov Memorial Fellowship in Computer Science.

Articles by Brendan Saltaformaggio

View Content By Month

Cyber Forensics: The Next Frontier in Cybersecurity

11/27/2017
We can now recover evidence from the RAM on a cellphone, even if the account is locked, and use it to prosecute a case.
Post a Comment

Content by Month
November 2017 - 1
[close this box]

Hot Topics

Editors' Choice

New Mexico Man Sentenced on DDoS, Gun Charges

Dark Reading Staff 5/18/2018

'Roaming Mantis' Android Malware Evolves, Expands Targets

Dark Reading Staff 5/21/2018

Google to Delete 'Secure' Label from HTTPS Sites

Kelly Sheridan, Staff Editor, Dark Reading, 5/21/2018

Webinars

Improving Enterprise Authentication: Taming the Password Beast

Malicious Insiders: Real Defense for Real Businesses

Dark Reading Virtual Event: Why Cybercriminals Attack

Webinar Archives

White Papers

Phishing Attack Bypasses Two-Factor Authentication

Mobile Devices: The New Support Frontier for IT (IDG Report)

Cyber-Attack Security Guide

The Changing Role of the CISO

Unstructured Data Risk Assessment

More White Papers

Video

All Videos

Cartoon Contest

Write a Caption, Win a Starbucks Card! Click Here

Latest Comment: "The one you have not seen, won't be remembered".

Cartoon Archive

Current Issue

The Changing Role of the CISO

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

[Strategic Security Report] Navigating the Threat Intelligence Maze

Most enterprises are using threat intel services, but many are still figuring out how to use the data they're collecting. In this Dark Reading survey we give you a look at what they're doing today - and where they hope to go.

Download Now!

[Strategic Security Report] Cloud Security's Changing Landscape

0 comments

The State of Ransomware

0 comments

The Dark Reading Security Spending Survey

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading OR #DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2017-9317
PUBLISHED: 2018-05-23

Privilege escalation vulnerability found in some Dahua IP devices. Attacker in possession of low privilege account can gain access to credential information of high privilege account and further obtain device information or attack the device.

CVE-2018-1193
PUBLISHED: 2018-05-23

Cloud Foundry routing-release, versions prior to 0.175.0, lacks sanitization for user-provided X-Forwarded-Proto headers. A remote user can set the X-Forwarded-Proto header in a request to potentially bypass an application requirement to only respond over secure connections.

CVE-2018-1122
PUBLISHED: 2018-05-23

procps-ng before version 3.3.15 is vulnerable to a local privilege escalation in top. If a user runs top with HOME unset in an attacker-controlled directory, the attacker could achieve privilege escalation by exploiting one of several vulnerabilities in the config_file() function.

CVE-2018-1123
PUBLISHED: 2018-05-23

procps-ng before version 3.3.15 is vulnerable to a denial of service in ps via mmap buffer overflow. Inbuilt protection in ps maps a guard page at the end of the overflowed buffer, ensuring that the impact of this flaw is limited to a crash (temporary denial of service).

CVE-2018-1125
PUBLISHED: 2018-05-23

procps-ng before version 3.3.15 is vulnerable to a stack buffer overflow in pgrep. This vulnerability is mitigated by FORTIFY, as it involves strncat() to a stack-allocated string. When pgrep is compiled with FORTIFY (as on Red Hat Enterprise Linux and Fedora), the impact is limited to a crash.

Terms of Service
Privacy Statement
Legal Entities

To save this item to your list of favorite Dark Reading content so you can find it later in your Profile page, click the "Save It" button next to the item.

If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
Tweet This
[close this box]