Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats

8/9/2018
11:40 AM
Connect Directly
Twitter
RSS
E-Mail
50%
50%

Dark Reading News Desk Live at Black Hat USA 2018

Watch here Wednesday and Thursday, 2 p.m. - 6 p.m. ET to see over 40 live video interviews straight from the Black Hat USA conference in Las Vegas.

BLACK HAT USA - Whether you are hitting the Mandalay Bay for the Black Hat USA 2018 conference this week or peeking at the news feeds from afar, keep your browser open here from 2 pm to 6 pm Eastern (11 - 3 Pacific) on Wednesday, Aug. 8 and Thursday Aug. 9. The Dark Reading News Desk will once again be streaming live right here at https://darkreading.com/drnewsdesk or watch live on YouTube., bringing you over 40 video interviews with speakers and exhibitors at the show.

Keep tabs on the action on Twitter by following @DarkReading and #DRNewsDesk. Here's our all-star lineup, in order of appearance (subject to change): 

Wednesday, August 8

  • Allison Bender, Counsel, ZwillGen PLLC and Amit Elazari, Doctoral Law Candidate, Berkeley Law, CLTC, MICS Program
  • Hugh Njemanze, CEO, Anomali
  • Cathal Smyth, Machine Learning Researcher, Royal Bank of Canada and Clare Gollnick, CTO and Chief Scientist, Terbium Labs
  • Haiyan Song, SVP and GM of Security Markets, Splunk and Oliver Friedrichs, VP of Security Orchestration and Automation, Splunk
  • Dr. Paul Vixie, CEO & Co-Founder, Farsight Security
  • Carsten Schuermann, Associate Professor, University of Copenhagen
  • Rohyt Belani, CEO, Cofense Inc.
  • Marc Ph. Stoecklin, Principal Research Scientist and Manager of Cognitive Cybersecurity Intelligence, IBM Research
  • Balint Seeber, Director of Vulnerability Research, Bastille
  • Scott Schneider, Chief Revenue Officer, CyberGRX
  • Justin Engler, Technical Director, NCC Group and Tyler Lukasiewicz, Security Consultant, NCC Group
  • Andrew Blaich, Head of Device Intelligence at Lookout and Michael Flossman, Head of Threat Intelligence at Lookout
  • Ben Gras, Security Researcher, PhD Student, VU University
  • Chester Wisniewski, Principal Research Scientist, Sophos
  • Mark Dufresne, VP of Threat Research and Adversary Prevention, Endgame
  • Jonathan Butts, CEO, QED and Billy Rios, Founder, Whitescope
  • Mike Hamilton, Chief Executive Officer, Ziften
  • IJay Palansky, Partner, Armstrong Teasdale LLP
  • Russ Spitler, SVP Product, AlienVault

Thursday, August 9:

  • Daniel Crowley, Research Baron, IBM X-Force Red and Jennifer Savage, Security Researcher, Threatcare
  • Mark Orlando, Chief Technology Officer, Cyber Protection Solutions, Raytheon
  • Brittany Postnikoff, Researcher, University of Waterloo and Sara-Jayne Terp, Data Scientist, AppNexus
  • Chris Eng, Vice President of Security Research, CA Veracode
  • Ruben Santamarta, Principal Security Consultant, IOActive
  • Justin Shattuck, Principal Threat Researcher, F5 Networks
  • Ofer Maor, Director of Solutions Management, Synopsys Software Integrity Group
  • Andrea Carcano, PhD, Co-founder and CPO, Nozomi Networks and Younes Dragoni, Security Researcher, Nozomi Networks
  • Kingkane Malmquist, Information Security Analyst, Mayo Clinic
  • Jordan Wright, Principal R&D Engineer, Duo Security and Olabode Anise, Data Scientist, Duo Security
  • Celeste Lyn Paul, Senior Researcher, NSA and Josiah Dykstra, Deputy Technical Director of Cybersecurity Operations, NSA
  • Juan Pablo Perez-Etchegoyen, CTO, Onapsis and Michael Marriott, Research Analyst, Digital Shadows
  • Ofer Israeli, CEO, Illusive Networks
  • Andrei Costin, Assistant Professor at University of Jyvaskyla, JYU.FI and Security Researcher at Firmware.RE
  • Tanuj Gulati, CTO and Co-founder, Securonix
  • Ashley Holtz, Intelligence, NBCUniversal
  • Michelle Johnson Cobb, Chief Marketing Officer, Skybox Security
  • Kenneth Geers, Chief Research Scientist, Comodo
Sara Peters is Senior Editor at Dark Reading and formerly the editor-in-chief of Enterprise Efficiency. Prior that she was senior editor for the Computer Security Institute, writing and speaking about virtualization, identity management, cybersecurity law, and a myriad ... View Full Bio
 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
aumickmanuela
50%
50%
aumickmanuela,
User Rank: Strategist
8/7/2018 | 4:48:55 AM
Conferesce
Is entry for free? How long it is going? Have I a chance to ask some question to speakers?
News
Inside the Ransomware Campaigns Targeting Exchange Servers
Kelly Sheridan, Staff Editor, Dark Reading,  4/2/2021
Commentary
Beyond MITRE ATT&CK: The Case for a New Cyber Kill Chain
Rik Turner, Principal Analyst, Infrastructure Solutions, Omdia,  3/30/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-30477
PUBLISHED: 2021-04-15
An issue was discovered in Zulip Server before 3.4. A bug in the implementation of replies to messages sent by outgoing webhooks to private streams meant that an outgoing webhook bot could be used to send messages to private streams that the user was not intended to be able to send messages to.
CVE-2021-30478
PUBLISHED: 2021-04-15
An issue was discovered in Zulip Server before 3.4. A bug in the implementation of the can_forge_sender permission (previously is_api_super_user) resulted in users with this permission being able to send messages appearing as if sent by a system bot, including to other organizations hosted by the sa...
CVE-2021-30479
PUBLISHED: 2021-04-15
An issue was discovered in Zulip Server before 3.4. A bug in the implementation of the all_public_streams API feature resulted in guest users being able to receive message traffic to public streams that should have been only accessible to members of the organization.
CVE-2021-30487
PUBLISHED: 2021-04-15
In the topic moving API in Zulip Server 3.x before 3.4, organization administrators were able to move messages to streams in other organizations hosted by the same Zulip installation.
CVE-2020-36288
PUBLISHED: 2021-04-15
The issue navigation and search view in Jira Server and Data Center before version 8.5.12, from version 8.6.0 before version 8.13.4, and from version 8.14.0 before version 8.15.1 allows remote attackers to inject arbitrary HTML or JavaScript via a DOM Cross-Site Scripting (XSS) vulnerability caused ...