Vulnerabilities / Threats

8/9/2018
11:40 AM
Connect Directly
Twitter
RSS
E-Mail
50%
50%

Dark Reading News Desk Live at Black Hat USA 2018

Watch here Wednesday and Thursday, 2 p.m. - 6 p.m. ET to see over 40 live video interviews straight from the Black Hat USA conference in Las Vegas.

BLACK HAT USA - Whether you are hitting the Mandalay Bay for the Black Hat USA 2018 conference this week or peeking at the news feeds from afar, keep your browser open here from 2 pm to 6 pm Eastern (11 - 3 Pacific) on Wednesday, Aug. 8 and Thursday Aug. 9. The Dark Reading News Desk will once again be streaming live right here at https://darkreading.com/drnewsdesk or watch live on YouTube., bringing you over 40 video interviews with speakers and exhibitors at the show.

Keep tabs on the action on Twitter by following @DarkReading and #DRNewsDesk. Here's our all-star lineup, in order of appearance (subject to change): 

Wednesday, August 8

  • Allison Bender, Counsel, ZwillGen PLLC and Amit Elazari, Doctoral Law Candidate, Berkeley Law, CLTC, MICS Program
  • Hugh Njemanze, CEO, Anomali
  • Cathal Smyth, Machine Learning Researcher, Royal Bank of Canada and Clare Gollnick, CTO and Chief Scientist, Terbium Labs
  • Haiyan Song, SVP and GM of Security Markets, Splunk and Oliver Friedrichs, VP of Security Orchestration and Automation, Splunk
  • Dr. Paul Vixie, CEO & Co-Founder, Farsight Security
  • Carsten Schuermann, Associate Professor, University of Copenhagen
  • Rohyt Belani, CEO, Cofense Inc.
  • Marc Ph. Stoecklin, Principal Research Scientist and Manager of Cognitive Cybersecurity Intelligence, IBM Research
  • Balint Seeber, Director of Vulnerability Research, Bastille
  • Scott Schneider, Chief Revenue Officer, CyberGRX
  • Justin Engler, Technical Director, NCC Group and Tyler Lukasiewicz, Security Consultant, NCC Group
  • Andrew Blaich, Head of Device Intelligence at Lookout and Michael Flossman, Head of Threat Intelligence at Lookout
  • Ben Gras, Security Researcher, PhD Student, VU University
  • Chester Wisniewski, Principal Research Scientist, Sophos
  • Mark Dufresne, VP of Threat Research and Adversary Prevention, Endgame
  • Jonathan Butts, CEO, QED and Billy Rios, Founder, Whitescope
  • Mike Hamilton, Chief Executive Officer, Ziften
  • IJay Palansky, Partner, Armstrong Teasdale LLP
  • Russ Spitler, SVP Product, AlienVault

Thursday, August 9:

  • Daniel Crowley, Research Baron, IBM X-Force Red and Jennifer Savage, Security Researcher, Threatcare
  • Mark Orlando, Chief Technology Officer, Cyber Protection Solutions, Raytheon
  • Brittany Postnikoff, Researcher, University of Waterloo and Sara-Jayne Terp, Data Scientist, AppNexus
  • Chris Eng, Vice President of Security Research, CA Veracode
  • Ruben Santamarta, Principal Security Consultant, IOActive
  • Justin Shattuck, Principal Threat Researcher, F5 Networks
  • Ofer Maor, Director of Solutions Management, Synopsys Software Integrity Group
  • Andrea Carcano, PhD, Co-founder and CPO, Nozomi Networks and Younes Dragoni, Security Researcher, Nozomi Networks
  • Kingkane Malmquist, Information Security Analyst, Mayo Clinic
  • Jordan Wright, Principal R&D Engineer, Duo Security and Olabode Anise, Data Scientist, Duo Security
  • Celeste Lyn Paul, Senior Researcher, NSA and Josiah Dykstra, Deputy Technical Director of Cybersecurity Operations, NSA
  • Juan Pablo Perez-Etchegoyen, CTO, Onapsis and Michael Marriott, Research Analyst, Digital Shadows
  • Ofer Israeli, CEO, Illusive Networks
  • Andrei Costin, Assistant Professor at University of Jyvaskyla, JYU.FI and Security Researcher at Firmware.RE
  • Ashley Holtz, Intelligence, NBCUniversal
  • Michelle Johnson Cobb, Chief Marketing Officer, Skybox Security
  • Kenneth Geers, Chief Research Scientist, Comodo
Sara Peters is Senior Editor at Dark Reading and formerly the editor-in-chief of Enterprise Efficiency. Prior that she was senior editor for the Computer Security Institute, writing and speaking about virtualization, identity management, cybersecurity law, and a myriad ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Threaded  |  Newest First  |  Oldest First
aumickmanuela
50%
50%
aumickmanuela,
User Rank: Strategist
8/7/2018 | 4:48:55 AM
Conferesce
Is entry for free? How long it is going? Have I a chance to ask some question to speakers?
Google Engineering Lead on Lessons Learned From Chrome's HTTPS Push
Kelly Sheridan, Staff Editor, Dark Reading,  8/8/2018
White Hat to Black Hat: What Motivates the Switch to Cybercrime
Kelly Sheridan, Staff Editor, Dark Reading,  8/8/2018
PGA of America Struck By Ransomware
Dark Reading Staff 8/9/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-3937
PUBLISHED: 2018-08-14
An exploitable command injection vulnerability exists in the measurementBitrateExec functionality of Sony IPELA E Series Network Camera G5 firmware 1.87.00. A specially crafted GET request can cause arbitrary commands to be executed. An attacker can send an HTTP request to trigger this vulnerability...
CVE-2018-3938
PUBLISHED: 2018-08-14
An exploitable stack-based buffer overflow vulnerability exists in the 802dot1xclientcert.cgi functionality of Sony IPELA E Series Camera G5 firmware 1.87.00. A specially crafted POST can cause a stack-based buffer overflow, resulting in remote code execution. An attacker can send a malicious POST r...
CVE-2018-12537
PUBLISHED: 2018-08-14
In Eclipse Vert.x version 3.0 to 3.5.1, the HttpServer response headers and HttpClient request headers do not filter carriage return and line feed characters from the header value. This allow unfiltered values to inject a new header in the client request or server response.
CVE-2018-12539
PUBLISHED: 2018-08-14
In Eclipse OpenJ9 version 0.8, users other than the process owner may be able to use Java Attach API to connect to an Eclipse OpenJ9 or IBM JVM on the same machine and use Attach API operations, which includes the ability to execute untrusted native code. Attach API is enabled by default on Windows,...
CVE-2018-3615
PUBLISHED: 2018-08-14
Systems with microprocessors utilizing speculative execution and Intel software guard extensions (Intel SGX) may allow unauthorized disclosure of information residing in the L1 data cache from an enclave to an attacker with local user access via a side-channel analysis.