Vulnerabilities / Threats

8/9/2018
11:40 AM
Connect Directly
Twitter
RSS
E-Mail
50%
50%

Dark Reading News Desk Live at Black Hat USA 2018

Watch here Wednesday and Thursday, 2 p.m. - 6 p.m. ET to see over 40 live video interviews straight from the Black Hat USA conference in Las Vegas.

BLACK HAT USA - Whether you are hitting the Mandalay Bay for the Black Hat USA 2018 conference this week or peeking at the news feeds from afar, keep your browser open here from 2 pm to 6 pm Eastern (11 - 3 Pacific) on Wednesday, Aug. 8 and Thursday Aug. 9. The Dark Reading News Desk will once again be streaming live right here at https://darkreading.com/drnewsdesk or watch live on YouTube., bringing you over 40 video interviews with speakers and exhibitors at the show.

Keep tabs on the action on Twitter by following @DarkReading and #DRNewsDesk. Here's our all-star lineup, in order of appearance (subject to change): 

Wednesday, August 8

  • Allison Bender, Counsel, ZwillGen PLLC and Amit Elazari, Doctoral Law Candidate, Berkeley Law, CLTC, MICS Program
  • Hugh Njemanze, CEO, Anomali
  • Cathal Smyth, Machine Learning Researcher, Royal Bank of Canada and Clare Gollnick, CTO and Chief Scientist, Terbium Labs
  • Haiyan Song, SVP and GM of Security Markets, Splunk and Oliver Friedrichs, VP of Security Orchestration and Automation, Splunk
  • Dr. Paul Vixie, CEO & Co-Founder, Farsight Security
  • Carsten Schuermann, Associate Professor, University of Copenhagen
  • Rohyt Belani, CEO, Cofense Inc.
  • Marc Ph. Stoecklin, Principal Research Scientist and Manager of Cognitive Cybersecurity Intelligence, IBM Research
  • Balint Seeber, Director of Vulnerability Research, Bastille
  • Scott Schneider, Chief Revenue Officer, CyberGRX
  • Justin Engler, Technical Director, NCC Group and Tyler Lukasiewicz, Security Consultant, NCC Group
  • Andrew Blaich, Head of Device Intelligence at Lookout and Michael Flossman, Head of Threat Intelligence at Lookout
  • Ben Gras, Security Researcher, PhD Student, VU University
  • Chester Wisniewski, Principal Research Scientist, Sophos
  • Mark Dufresne, VP of Threat Research and Adversary Prevention, Endgame
  • Jonathan Butts, CEO, QED and Billy Rios, Founder, Whitescope
  • Mike Hamilton, Chief Executive Officer, Ziften
  • IJay Palansky, Partner, Armstrong Teasdale LLP
  • Russ Spitler, SVP Product, AlienVault

Thursday, August 9:

  • Daniel Crowley, Research Baron, IBM X-Force Red and Jennifer Savage, Security Researcher, Threatcare
  • Mark Orlando, Chief Technology Officer, Cyber Protection Solutions, Raytheon
  • Brittany Postnikoff, Researcher, University of Waterloo and Sara-Jayne Terp, Data Scientist, AppNexus
  • Chris Eng, Vice President of Security Research, CA Veracode
  • Ruben Santamarta, Principal Security Consultant, IOActive
  • Justin Shattuck, Principal Threat Researcher, F5 Networks
  • Ofer Maor, Director of Solutions Management, Synopsys Software Integrity Group
  • Andrea Carcano, PhD, Co-founder and CPO, Nozomi Networks and Younes Dragoni, Security Researcher, Nozomi Networks
  • Kingkane Malmquist, Information Security Analyst, Mayo Clinic
  • Jordan Wright, Principal R&D Engineer, Duo Security and Olabode Anise, Data Scientist, Duo Security
  • Celeste Lyn Paul, Senior Researcher, NSA and Josiah Dykstra, Deputy Technical Director of Cybersecurity Operations, NSA
  • Juan Pablo Perez-Etchegoyen, CTO, Onapsis and Michael Marriott, Research Analyst, Digital Shadows
  • Ofer Israeli, CEO, Illusive Networks
  • Andrei Costin, Assistant Professor at University of Jyvaskyla, JYU.FI and Security Researcher at Firmware.RE
  • Tanuj Gulati, CTO and Co-founder, Securonix
  • Ashley Holtz, Intelligence, NBCUniversal
  • Michelle Johnson Cobb, Chief Marketing Officer, Skybox Security
  • Kenneth Geers, Chief Research Scientist, Comodo
Sara Peters is Senior Editor at Dark Reading and formerly the editor-in-chief of Enterprise Efficiency. Prior that she was senior editor for the Computer Security Institute, writing and speaking about virtualization, identity management, cybersecurity law, and a myriad ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Threaded  |  Newest First  |  Oldest First
aumickmanuela
50%
50%
aumickmanuela,
User Rank: Strategist
8/7/2018 | 4:48:55 AM
Conferesce
Is entry for free? How long it is going? Have I a chance to ask some question to speakers?
12 Free, Ready-to-Use Security Tools
Steve Zurier, Freelance Writer,  10/12/2018
Most IT Security Pros Want to Change Jobs
Dark Reading Staff 10/12/2018
Most Malware Arrives Via Email
Dark Reading Staff 10/11/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
Flash Poll
The Risk Management Struggle
The Risk Management Struggle
The majority of organizations are struggling to implement a risk-based approach to security even though risk reduction has become the primary metric for measuring the effectiveness of enterprise security strategies. Read the report and get more details today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-18374
PUBLISHED: 2018-10-16
XSS exists in the MetInfo 6.1.2 admin/index.php page via the anyid parameter.
CVE-2018-18375
PUBLISHED: 2018-10-16
goform/getProfileList in Orange AirBox Y858_FL_01.16_04 allows attackers to extract APN data (name, number, username, and password) via the rand parameter.
CVE-2018-18376
PUBLISHED: 2018-10-16
goform/getWlanClientInfo in Orange AirBox Y858_FL_01.16_04 allows remote attackers to discover information about currently connected devices (hostnames, IP addresses, MAC addresses, and connection time) via the rand parameter.
CVE-2018-18377
PUBLISHED: 2018-10-16
goform/setReset on Orange AirBox Y858_FL_01.16_04 devices allows attackers to reset a router to factory settings, which can be used to login using the default admin:admin credentials.
CVE-2018-17534
PUBLISHED: 2018-10-15
Teltonika RUT9XX routers with firmware before 00.04.233 provide a root terminal on a serial interface without proper access control. This allows attackers with physical access to execute arbitrary commands with root privileges.