Analytics

4/26/2012
02:13 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Black Hat Expands Content Review Board

Chris Rohlf and Chris Wysopal join board

San Francisco, CA — April 26, 2012 — Black Hat, the world’s leading family of information security events, today announced Chris Rohlf and Chris Wysopal will be joining the Black Hat Review Board. Comprised of 21 experts throughout the areas of information security, the review board advises Black Hat on its strategic direction, assisting in reviewing and programming conference content, and providing extended reach into the research community. Black Hat USA will take place July 21-July 26 at Caesar’s Palace in Las Vegas. For more information visit www.blackhat.com.

Click here for more of Dark Reading's Black Hat articles.

Chris Rohlf is an independent security consultant and owner of Leaf Security Research where he specializes in vulnerability discovery and reverse engineering. Chris has ten years of experience in various security roles including developer, researcher and consultant. Prior to founding Leaf SR he was a Principal Security Consultant at Matasano Security in NYC and has previously worked as a Security Researcher for the US Department of Defense. Chris has discovered and published numerous security vulnerabilities affecting web browsers, operating systems and more. He has spoken at industry conferences including Black Hat and is the author of numerous open source security tools

Chris Wysopal, Veracode's CTO and Co-Founder, is responsible for the company's software security analysis capabilities. In 2008 he was named one of InfoWorld's Top 25 CTO's and one of the 100 most influential people in IT by eWeek. One of the original vulnerability researchers and a member of L0pht Heavy Industries, he has testified on Capitol Hill in the US on the subjects of government computer security and how vulnerabilities are discovered in software. He published his first advisory in 1996 on parameter tampering in Lotus Domino and has been helping researchers avoid this type of mistake for 15 years. He is also the author of "The Art of Software Security Testing" published by Addison-Wesley.

“Chris Rohlf and Chris Wysopal are influential subject matter experts in the industry, long-time friends and contributors to the Black Hat community,” said Trey Ford, General Manager of Black Hat. “We are excited to bring them onto the team in an official capacity, our Review Board members share the unique privilege of assessing the most innovative and cutting-edge security research from every corner of the industry."

In addition to Chris Rohlf and Chris Wysopal, the Black Hat advisory board is comprised of the following researchers and leading industry minds:

James Butler, Director of Research and Development at MANDIANT Matt Devost, President and CEO of FusionX LLC Mark Dowd, Independent Security Researcher Chris Eagle, Senior Lecturer of Computer Science at the Naval Postgraduate School Jeremiah Grossman, Founder and Chief Technology Officer of WhiteHat Security Nathan Hamiel, Principal Consultant for FishNet Robert Hansen, CEO and Founder of SecTheory Christopher Hoff,Chief Architect, Security at Juniper Networks Vincenzo Iozzo, Director of Vulnerability Intelligence at Trail of Bits Felix 'FX' Lindner, Owner of Recurity Labs Jeff Moss, Chief Security Officer, iCANN Shawn Moyer, Manager, Research Consulting Practice for Accuvant Labs Adam Shostack,Principal Program Manager at Microsoft Alex Sotirov, co-Founder and Chief Scientist, Trail of Bits Alex Stamos, co-Founder and CTO of iSEC Partners Robert Stratton, Director, Government Research at Symantec Yuji Ukai, CEO of Fourteenforty Research Institute Inc. Alex Wheeler, Independent Security Researcher Stefano Zanero, Assistant Professor with the Dipartimento di Elettronica e Informazione Milan & founder Secure Network

The world’s most significant security event brings together thought-leaders from around the world to dissect the latest security trends. This year Black Hat USA 2012 will host digital security experts, bringing together public and private sector security professionals and underground hackers in Las Vegas to uncover groundbreaking new vulnerabilities and new security tools debuting for the first time.

About Black Hat

Black Hat provides briefings and training to leading corporations and government agencies around the world. Black Hat differentiates itself by working at many levels within the corporate, government, and underground communities. This unmatched informational reach enables Black Hat attendees to be continuously aware of the newest vulnerabilities, defense mechanisms, and industry trends. Black Hat Briefings and Trainings are held annually in Europe and Las Vegas. Black Hat is produced by UBM TechWeb. More information is available at www.blackhat.com.

About UBM TechWeb

UBM TechWeb, the global leader in technology media and professional information, enables people and organizations to harness the transformative power of technology. Through its three core businesses – media solutions, marketing services and paid content – UBM TechWeb produces the most respected and consumed brands and media applications in the technology market. More than 14.5 million business and technology professionals (CIOs and IT managers, Web & Digital professionals, Software Developers, Government decision makers, and Telecom providers) actively engage in UBM TechWeb’s communities and information resources monthly. UBM TechWeb brands include: global face-to-face events such as Interop, Web 2.0, Black Hat and Enterprise Connect; award-winning online resources such as InformationWeek, Dark Reading, and Network Computing; and market-leading magazines InformationWeek, Wall Street & Technology, and Advanced Trading. UBM TechWeb is a UBM plc. company, a global provider of news distribution and specialist information services with a market capitalization of more than $2.5 billion.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Devastating Cyberattack on Email Provider Destroys 18 Years of Data
Jai Vijayan, Freelance writer,  2/12/2019
Up to 100,000 Reported Affected in Landmark White Data Breach
Kelly Sheridan, Staff Editor, Dark Reading,  2/12/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
5 Emerging Cyber Threats to Watch for in 2019
Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.
Flash Poll
How Enterprises Are Attacking the Cybersecurity Problem
How Enterprises Are Attacking the Cybersecurity Problem
Data breach fears and the need to comply with regulations such as GDPR are two major drivers increased spending on security products and technologies. But other factors are contributing to the trend as well. Find out more about how enterprises are attacking the cybersecurity problem by reading our report today.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-8354
PUBLISHED: 2019-02-15
An issue was discovered in SoX 14.4.2. lsx_make_lpf in effect_i_dsp.c has an integer overflow on the result of multiplication fed into malloc. When the buffer is allocated, it is smaller than expected, leading to a heap-based buffer overflow.
CVE-2019-8355
PUBLISHED: 2019-02-15
An issue was discovered in SoX 14.4.2. In xmalloc.h, there is an integer overflow on the result of multiplication fed into the lsx_valloc macro that wraps malloc. When the buffer is allocated, it is smaller than expected, leading to a heap-based buffer overflow in channels_start in remix.c.
CVE-2019-8356
PUBLISHED: 2019-02-15
An issue was discovered in SoX 14.4.2. One of the arguments to bitrv2 in fft4g.c is not guarded, such that it can lead to write access outside of the statically declared array, aka a stack-based buffer overflow.
CVE-2019-8357
PUBLISHED: 2019-02-15
An issue was discovered in SoX 14.4.2. lsx_make_lpf in effect_i_dsp.c allows a NULL pointer dereference.
CVE-2013-2516
PUBLISHED: 2019-02-15
Vulnerability in FileUtils v0.7, Ruby Gem Fileutils <= v0.7 Command Injection vulnerability in user supplied url variable that is passed to the shell.