Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats

8/9/2018
11:40 AM
Connect Directly
Twitter
RSS
E-Mail
50%
50%

Dark Reading News Desk Live at Black Hat USA 2018

Watch here Wednesday and Thursday, 2 p.m. - 6 p.m. ET to see over 40 live video interviews straight from the Black Hat USA conference in Las Vegas.

BLACK HAT USA - Whether you are hitting the Mandalay Bay for the Black Hat USA 2018 conference this week or peeking at the news feeds from afar, keep your browser open here from 2 pm to 6 pm Eastern (11 - 3 Pacific) on Wednesday, Aug. 8 and Thursday Aug. 9. The Dark Reading News Desk will once again be streaming live right here at https://darkreading.com/drnewsdesk or watch live on YouTube., bringing you over 40 video interviews with speakers and exhibitors at the show.

Keep tabs on the action on Twitter by following @DarkReading and #DRNewsDesk. Here's our all-star lineup, in order of appearance (subject to change): 

Wednesday, August 8

  • Allison Bender, Counsel, ZwillGen PLLC and Amit Elazari, Doctoral Law Candidate, Berkeley Law, CLTC, MICS Program
  • Hugh Njemanze, CEO, Anomali
  • Cathal Smyth, Machine Learning Researcher, Royal Bank of Canada and Clare Gollnick, CTO and Chief Scientist, Terbium Labs
  • Haiyan Song, SVP and GM of Security Markets, Splunk and Oliver Friedrichs, VP of Security Orchestration and Automation, Splunk
  • Dr. Paul Vixie, CEO & Co-Founder, Farsight Security
  • Carsten Schuermann, Associate Professor, University of Copenhagen
  • Rohyt Belani, CEO, Cofense Inc.
  • Marc Ph. Stoecklin, Principal Research Scientist and Manager of Cognitive Cybersecurity Intelligence, IBM Research
  • Balint Seeber, Director of Vulnerability Research, Bastille
  • Scott Schneider, Chief Revenue Officer, CyberGRX
  • Justin Engler, Technical Director, NCC Group and Tyler Lukasiewicz, Security Consultant, NCC Group
  • Andrew Blaich, Head of Device Intelligence at Lookout and Michael Flossman, Head of Threat Intelligence at Lookout
  • Ben Gras, Security Researcher, PhD Student, VU University
  • Chester Wisniewski, Principal Research Scientist, Sophos
  • Mark Dufresne, VP of Threat Research and Adversary Prevention, Endgame
  • Jonathan Butts, CEO, QED and Billy Rios, Founder, Whitescope
  • Mike Hamilton, Chief Executive Officer, Ziften
  • IJay Palansky, Partner, Armstrong Teasdale LLP
  • Russ Spitler, SVP Product, AlienVault

Thursday, August 9:

  • Daniel Crowley, Research Baron, IBM X-Force Red and Jennifer Savage, Security Researcher, Threatcare
  • Mark Orlando, Chief Technology Officer, Cyber Protection Solutions, Raytheon
  • Brittany Postnikoff, Researcher, University of Waterloo and Sara-Jayne Terp, Data Scientist, AppNexus
  • Chris Eng, Vice President of Security Research, CA Veracode
  • Ruben Santamarta, Principal Security Consultant, IOActive
  • Justin Shattuck, Principal Threat Researcher, F5 Networks
  • Ofer Maor, Director of Solutions Management, Synopsys Software Integrity Group
  • Andrea Carcano, PhD, Co-founder and CPO, Nozomi Networks and Younes Dragoni, Security Researcher, Nozomi Networks
  • Kingkane Malmquist, Information Security Analyst, Mayo Clinic
  • Jordan Wright, Principal R&D Engineer, Duo Security and Olabode Anise, Data Scientist, Duo Security
  • Celeste Lyn Paul, Senior Researcher, NSA and Josiah Dykstra, Deputy Technical Director of Cybersecurity Operations, NSA
  • Juan Pablo Perez-Etchegoyen, CTO, Onapsis and Michael Marriott, Research Analyst, Digital Shadows
  • Ofer Israeli, CEO, Illusive Networks
  • Andrei Costin, Assistant Professor at University of Jyvaskyla, JYU.FI and Security Researcher at Firmware.RE
  • Tanuj Gulati, CTO and Co-founder, Securonix
  • Ashley Holtz, Intelligence, NBCUniversal
  • Michelle Johnson Cobb, Chief Marketing Officer, Skybox Security
  • Kenneth Geers, Chief Research Scientist, Comodo
Sara Peters is Senior Editor at Dark Reading and formerly the editor-in-chief of Enterprise Efficiency. Prior that she was senior editor for the Computer Security Institute, writing and speaking about virtualization, identity management, cybersecurity law, and a myriad ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
aumickmanuela
50%
50%
aumickmanuela,
User Rank: Strategist
8/7/2018 | 4:48:55 AM
Conferesce
Is entry for free? How long it is going? Have I a chance to ask some question to speakers?
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: "The security team seem to be taking SiegeWare seriously" 
Current Issue
Navigating the Deluge of Security Data
In this Tech Digest, Dark Reading shares the experiences of some top security practitioners as they navigate volumes of security data. We examine some examples of how enterprises can cull this data to find the clues they need.
Flash Poll
Rethinking Enterprise Data Defense
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-19594
PUBLISHED: 2019-12-05
reset/modules/fotoliaFoto/multi_upload.php in the RESET.PRO Adobe Stock API Integration for PrestaShop 1.6 and 1.7 allows remote attackers to execute arbitrary code by uploading a .php file.
CVE-2019-19595
PUBLISHED: 2019-12-05
reset/modules/advanced_form_maker_edit/multiupload/upload.php in the RESET.PRO Adobe Stock API integration 4.8 for PrestaShop allows remote attackers to execute arbitrary code by uploading a .php file.
CVE-2019-3690
PUBLISHED: 2019-12-05
The chkstat tool in the permissions package followed symlinks before commit a9e1d26cd49ef9ee0c2060c859321128a6dd4230 (please also check the additional hardenings after this fix). This allowed local attackers with control over a path that is traversed by chkstat to escalate privileges.
CVE-2013-0243
PUBLISHED: 2019-12-05
haskell-tls-extra before 0.6.1 has Basic Constraints attribute vulnerability may lead to Man in the Middle attacks on TLS connections
CVE-2018-10021
PUBLISHED: 2019-12-05
Improper validation of URL redirection in the Kubernetes API server in versions prior to v1.14.0 allows an attacker-controlled Kubelet to redirect API server requests from streaming endpoints to arbitrary hosts. Impacted API servers will follow the redirect as a GET request with client-certificate c...