To get in touch about speaking at your event, email [email protected]
Media Packet · Press
839 items
132 items · 2022
Press
Ars Technica reported on a critical vulnerability in Atlassian's Confluence software stemming from a hardcoded password that Atlassian warned was likely to be actively exploited. Casey Ellis contributed analysis on the security implications and exploitation risk of the flaw for the article.
Press
The Record by Recorded Future reported on Atlassian's advisory regarding multiple critical vulnerabilities in its products being potentially exploited in the wild, including a hardcoded password flaw. Casey Ellis commented on the significance of the vulnerabilities and their potential impact on affected organizations.
Press
Fed Scoop reported on the U.S. Department of Labor's launch of a 120-day Cybersecurity Apprenticeship Sprint to address the shortage of cyber professionals. Casey Ellis contributed to the initiative as part of efforts to expand apprenticeship pathways in the cybersecurity field.
Press
Dark Reading published an analysis of the LAPSUS$ extortion group and their operational tactics in July 2022. The article examines the group's social engineering and data theft methods, with Casey Ellis contributing insight on the persistence of the threat despite the group's irregular activity patterns.
Press
Silicon Angle reported in July 2022 on the U.S. Departments of Labor and Commerce launching a new cybersecurity apprenticeship program designed to address a significant workforce shortage. Casey Ellis contributed perspective on the initiative's potential to build a stronger pipeline of skilled cybersecurity professionals into the market.
Press
Security Magazine published a piece on the Cybersecurity Apprenticeship Sprint, a federal initiative designed to build the U.S. cybersecurity workforce through registered apprenticeships. Ellis contributed to the effort as an advocate for practical, hands-on training models that address the cybersecurity skills gap.
Press
A Security Boulevard article from July 2022 covers the Cyber Safety Review Board's inaugural report examining the Log4j vulnerability and its sustained threat to organizations. Casey Ellis contributed to the CSRB's findings on Log4j's systemic risk and the need for coordinated remediation efforts across the technology sector.
Press
Business Insider published a 2022 article on building a cybersecurity career resume amid industry talent shortages. Casey Ellis discusses the skills and qualifications employers seek when hiring for high-paying roles in the field.
Press
Business Insider published a careers article on landing high-paying cybersecurity roles in the US job market. Casey Ellis contributed advice on résumé strategies and in-demand skills needed to address the industry's talent shortage.
Press
Security Magazine published an article examining the collaborative response from the global cybersecurity community to the Log4j vulnerability crisis. The piece highlights the collective efforts and dedication demonstrated by security professionals in addressing this widespread threat.
Press
Bank Info Security published "Crime Watch: Why Are Ransomware Attacks Intensifying?" discussing ransomware trends and the Cyber Safety Review Board's Log4j vulnerability investigation. Casey Ellis contributes analysis on the escalating ransomware threat landscape and factors driving increased attack frequency against organizations.
Press
Duo Security published coverage of the Cyber Safety Review Board's report on the Log4j vulnerability, which characterizes the flaw as an endemic risk to critical infrastructure. Casey Ellis contributed analysis on how attacker exploitation methods will continue to adapt and evolve over time.
Press
A July 2022 article in The Record by Recorded Future examines concerns among security leaders following Joe Sullivan's conviction, with worry that CISOs will face increased legal liability for breaches. Casey Ellis is quoted discussing the risks of scapegoating security executives and the need for clearer accountability frameworks across organizations and boards.
Press
Tech Radar reported on the U.S. Department of Defense's launch of "Hack U.S.," a bug bounty program that crowdsources security testing to ethical hackers. Casey Ellis contributed to the coverage by discussing how coordinated vulnerability disclosure and bug bounty initiatives strengthen defense systems against emerging threats.
Press
A report from The Record by Recorded Future covers warnings from cybersecurity researchers and the NSA regarding active exploitation of a critical Zyxel firewall vulnerability. The alert details the remotely exploitable flaw and advises organizations on mitigation steps to protect their network infrastructure from ongoing attacks.
Press
VentureBeat reported on the Department of Defense's launch of a new bug bounty program focused on strengthening security collaboration with ethical hackers. Casey Ellis contributed to the announcement, supporting the DoD's effort to engage the broader security research community in identifying and addressing vulnerabilities across federal systems.
Press
TechNews World published a 2022 article on the expanding appeal of bug bounty hunting as a career path for security professionals. The piece explores how competitive payouts and flexible work arrangements draw security talent to the bug bounty model.
Press
Security Week reported on the emergence of LockBit 3.0 ransomware in June 2022, noting the operation's unusual creation of its own bug bounty program to identify flaws in its malware. Casey Ellis commented on the development as part of industry analysis of the ransomware threat landscape and emerging tactics used by criminal operations.
Press
The Register published a security news roundup in June 2022 covering the proliferation of stolen credentials on dark web marketplaces and emerging threats like LockBit 3.0 ransomware-as-a-service operations. Casey Ellis was cited for insights on credential compromise risks and the evolving threat landscape affecting organizations worldwide.
Press
A Brussels Times article reports that Uber's former security chief Joe Sullivan was convicted of obstruction and misprision of felony charges related to covering up a 2016 data breach. The case examined corporate handling of cybersecurity incidents and accountability for disclosure failures.
Press
Security Boulevard published Microsoft's official guidance and mitigation steps for the Follina zero-day vulnerability affecting the Microsoft Support Diagnostic Tool. Casey Ellis provided context on the severity and impact of the flaw, helping organizations understand the threat level and recommended remediation approaches.
Press
A CPO Magazine article from June 2022 covers the Follina zero-day vulnerability affecting Microsoft Office and available workarounds prior to an official patch. Casey Ellis discusses the remote code execution risk and practical mitigation strategies for organizations facing the unpatched threat.
Press
SC Media published survey findings showing that two-thirds of ethical hackers are considering bug bounty hunting as a full-time career. Casey Ellis contributed research and analysis supporting the trend toward professionalization of vulnerability disclosure and security researcher compensation models.
Press
The Record by Recorded Future published Microsoft's guidance for the Follina zero-day Office vulnerability actively exploited in targeted attacks against organizations in Tibet, Russia, and India. Casey Ellis provided analysis and context on the vulnerability's significance and implications for enterprise security.
Press
An article in The Economic Times examines how ideologically motivated hacktivists and Robin Hood-style ransomware groups increase cyber risk through unpredictable attack patterns. Casey Ellis is quoted discussing the evolving threat landscape and how organizations must adapt security strategies to counter activism-driven threats alongside traditional financially motivated cybercriminals.
Press
VentureBeat published an analysis of the security implications of Twitter's plan to open-source its algorithm. Casey Ellis discusses the potential attack surfaces and risks that transparency could introduce to the platform's operations and user safety.
Press
SC Media reported on OneTrust's launch of its Ethics & Compliance Cloud platform in May 2022. Casey Ellis is featured as a contributor discussing how organizations can use the software to build ethical workplace cultures and strengthen compliance frameworks.
Press
The Street published an article warning about financial risks to businesses from malicious QR codes, a fraud technique known as quishing. Casey Ellis discusses how attackers exploit QR codes to defraud customers and damage brand reputation, highlighting the need for businesses to implement security awareness and verification practices.
Press
The Street published an article on malicious QR code attacks used by hackers to steal consumer money and personal information through phishing. Casey Ellis discusses the technical mechanisms behind QR code exploitation and recommends practical security measures for individuals and businesses to detect and avoid these threats.
Press
The Register published an article on May 14, 2022 detailing the Eternity Project, a malware-as-a-service operation selling modular malicious tools including password stealers, crypto-miners, and ransomware. Casey Ellis analyzed the pricing structure and technical capabilities of the toolkit, highlighting how commoditized malware development has become and its implications for organizational security.