18 matches found
Upcoming Speaking Engagements
This is a current list of where and when I am scheduled to speak: Iβm giving the Ross Anderson Lecture at the University of Cambridgeβs Churchill College at 5:30 PM GMT on Thursday, March 19, 2026. Iβm speaking at RSAC 2026 in San Francisco, California, USA, on Wednesday, March 25, 2026. Iβm part...
Upcoming Speaking Engagements
This is a current list of where and when I am scheduled to speak: I'm speaking at Ontario Tech University in Oshawa, Ontario, Canada, at 2 PM ET on Thursday, February 26, 2026. Iβm speaking at the Personal AI Summit in Los Angeles, California, USA, on Thursday, March 5, 2026. Iβm speaking at Tech...
Upcoming Speaking Engagements
This is a current list of where and when I am scheduled to speak: Iβm speaking and signing books at the Chicago Public Library in Chicago, Illinois, USA, at 6:00 PM CT on February 5, 2026. Details to come. Iβm speaking at Capricon 44 in Chicago, Illinois, USA. The convention runs February 5-8,...
EUVD-2009-0398
Malware in sbrugna...
EUVD-2021-2446
Malware in sbrugna...
Security Science (SecSci), Basic Concepts and Mathematical Foundations
This textbook compiles the lecture notes from security courses taught at Oxford in the 2000s, at Royal Holloway in the 2010s, and currently in Hawaii. The early chapters are suitable for a first course in security. The middle chapters have been used in advanced courses. Towards the end there are...
Adm. Grace Hopperβs 1982 NSA Lecture Has Been Published
The "long lost lecture" by Adm. Grace Hopper has been published by the NSA. Note that there are two parts. Its a wonderful talk: funny, engaging, wise, prescient. Remember that talk was given in 1982, less than a year before the ARPANET switched to TCP/IP and the internet went operational. She wa...
The NSA Has a Long-Lost Lecture by Adm. Grace Hopper
The NSA has a video recording of a 1982 lecture by Adm. Grace Hopper titled "Future Possibilities: Data, Hardware, Software, and People." The agency is so far refusing to release it. Basically, the recording is in an obscure video format. People at the NSA cant easily watch it, so they cant redac...
CVE-2021-43821
Opencast before versions 9.10 and 10.6 is vulnerable to an issue where ingested media packages can reference local file URLs, causing the system to open and include local host files and expose them via the web interface. The root cause is the ability to include local files during ingests, allowin...
CVE-2021-43807
Opencast is vulnerable to HTTP method spoofing in versions prior to 9.10. An attacker can override the intended HTTP method via a URL parameter, turning GET into PUT or form submissions into DELETE, enabling state-changing actions and CSRF bypasses. The issue is fixed in Opencast 9.10 and 10.0. M...
Cyber Public Health
In a lecture, Adam Shostack makes the case for a discipline of cyber public health. It would relate to cybersecurity in a similar way that public health relates to medicine...
WhatTheHack - A Collection Of Challenge Based Hack-A-Thons Including Student Guide, Proctor Guide, Lecture Presentations, Sample/Instructional Code And Templates
WhatTheHack is a collection of challenge based hack-a-thons including student guide, proctor guide, lecture presentations, sample/instructional code and templates. What, Why and How "What the Hack" is a challenge based hackathon format Challenges describe high-level tasks and goals to be...
Vulnerability Management at Tinkoff Fintech School
In the last three weeks, I participated in Tinkoff Fintech School - educational program for university students. Together with my colleagues, we prepared a three-month practical Information Security course: 1 lecture per week with tests and home tasks. Each lecture is given by a member of our...
MIPT/PhysTech guest lecture: Vulnerabilities, Money and People
On December 1, I gave a lecture at the Moscow Institute of Physics and Technology informally known as PhysTech. This is a very famous and prestigious university in Russia. In Soviet times, it trained personnel for Research Institutes and Experimental Design Bureaus, in particular for the Soviet...
vetmed.vt.edu XSS vulnerability
Vulnerable URL: http://www.vetmed.vt.edu/education/curriculum/VM8454/index.asp?lecture=1"...
HackPwn how to use the context-aware vulnerability deception self-driving cars-vulnerability warning-the black bar safety net
HackPwn2016 Safety geeks Carnival is global attention to intelligent life safety hack Fiesta. The first HackPwn2015 Safety geeks Carnival by the top international hackers team 360VulcanTeam, the 360UnicornTeam initiated, in absorbs the domestic and foreign various security events advantages on th...
Travis Goodspeed - Prototyping Active Disk Antiforensics
Document Title: =============== Travis Goodspeed - Prototyping Active Disk Antiforensics References: =========== View: http://www.youtube.com/watch?v=qZtkANvDxZA Release Date: ============= 2013-01-04 Vulnerability Laboratory ID VL-ID: ==================================== 818 Common Vulnerability...
CVE-2009-0394
SQL injection vulnerability in login.php in Pre Lecture Exercises PLEs CMS 1.0 beta 4.2 allows remote attackers to execute arbitrary SQL commands via the school parameter...