To get in touch about speaking at your event, email [email protected]
Media Packet · Press
843 items
843 items
Press
A CPO Magazine article from June 2022 covers the Follina zero-day vulnerability affecting Microsoft Office and available workarounds prior to an official patch. Casey Ellis discusses the remote code execution risk and practical mitigation strategies for organizations facing the unpatched threat.
Press
SC Media published survey findings showing that two-thirds of ethical hackers are considering bug bounty hunting as a full-time career. Casey Ellis contributed research and analysis supporting the trend toward professionalization of vulnerability disclosure and security researcher compensation models.
Press
The Record by Recorded Future published Microsoft's guidance for the Follina zero-day Office vulnerability actively exploited in targeted attacks against organizations in Tibet, Russia, and India. Casey Ellis provided analysis and context on the vulnerability's significance and implications for enterprise security.
Press
An article in The Economic Times examines how ideologically motivated hacktivists and Robin Hood-style ransomware groups increase cyber risk through unpredictable attack patterns. Casey Ellis is quoted discussing the evolving threat landscape and how organizations must adapt security strategies to counter activism-driven threats alongside traditional financially motivated cybercriminals.
Press
VentureBeat published an analysis of the security implications of Twitter's plan to open-source its algorithm. Casey Ellis discusses the potential attack surfaces and risks that transparency could introduce to the platform's operations and user safety.
Press
SC Media reported on OneTrust's launch of its Ethics & Compliance Cloud platform in May 2022. Casey Ellis is featured as a contributor discussing how organizations can use the software to build ethical workplace cultures and strengthen compliance frameworks.
Press
The Street published an article warning about financial risks to businesses from malicious QR codes, a fraud technique known as quishing. Casey Ellis discusses how attackers exploit QR codes to defraud customers and damage brand reputation, highlighting the need for businesses to implement security awareness and verification practices.
Press
The Street published an article on malicious QR code attacks used by hackers to steal consumer money and personal information through phishing. Casey Ellis discusses the technical mechanisms behind QR code exploitation and recommends practical security measures for individuals and businesses to detect and avoid these threats.
Press
The Register published an article on May 14, 2022 detailing the Eternity Project, a malware-as-a-service operation selling modular malicious tools including password stealers, crypto-miners, and ransomware. Casey Ellis analyzed the pricing structure and technical capabilities of the toolkit, highlighting how commoditized malware development has become and its implications for organizational security.
Press
Washington Post coverage of the October 2022 conviction of former Uber security chief Joe Sullivan for obstructing a Federal Trade Commission investigation into the 2016 breach. Casey Ellis is quoted on the precedent the verdict sets for security executives navigating disclosure obligations.
Press
A Reuters article published by UK Yahoo Finance reports on the conviction of former Uber Chief Security Officer Joe Sullivan for covering up a 2016 data breach. The case highlights accountability measures in corporate security leadership regarding disclosure obligations for significant security incidents.
Press
An article in Cyber Security Dive examines limitations of multifactor authentication as a security control, arguing it cannot serve as a complete defense against determined attackers. Casey Ellis discusses how MFA, while important, has exploitable weaknesses that security teams must understand and address comprehensively.
Press
The Department of Defense launched the "Hack U.S." bug bounty program, as reported by Security Magazine, to engage ethical hackers in securing government systems. Casey Ellis contributed to the initiative's development and helped establish the program framework for coordinating vulnerability disclosures across federal infrastructure.
Press
The Register reported on the U.S. Department of Defense's launch of its "Hack U.S." bug bounty program, which invites vetted security researchers to identify vulnerabilities in military systems. Casey Ellis contributed to the program's development and helped establish the framework for coordinating between the DoD and the hacker community on responsible disclosure.
Press
Ecommerce Times published an article examining the financial risks that third-party software and supply chain vulnerabilities create for e-commerce businesses. Casey Ellis discusses how organizations can identify and manage third-party risk exposures to protect revenue and customer data.
Press
SC Media published survey findings in April 2022 showing that most IT leaders viewed the Log4Shell vulnerability as a critical wake-up call for their cloud security practices. Casey Ellis contributed perspective on how the incident prompted organizations to reassess and strengthen their cloud security strategies.
Press
An iBusiness article from April 2022 examines crowdsourcing approaches in cybersecurity and collective defense strategies. Casey Ellis discusses how distributed security models leverage community participation to strengthen organizational protection against evolving threats.
Press
Security Boulevard published an article in April 2022 covering the FBI Director's warning about Chinese government economic espionage and hacking campaigns against Western interests. Casey Ellis is cited for his perspective on the scope and implications of these threats to private sector organizations.
Press
Security Magazine published an analysis of the security implications stemming from Elon Musk's Twitter acquisition in April 2022. Casey Ellis contributed expert perspective on issues including bot accounts, data privacy, and content moderation challenges arising from the platform transition.
Press
E-Commerce Times reported on Elon Musk's $44 billion acquisition of Twitter and the company's transition to private ownership in April 2022. The article detailed the sequence of events leading to the deal's completion.
Press
A The Record article from Recorded Future reports on expert warnings about a critical Java cryptographic vulnerability that could enable digital signature forgery. Casey Ellis joins other cybersecurity experts in cautioning organizations to apply patches immediately to mitigate the risk of signature spoofing attacks.
Press
A CPO Magazine article from April 2022 reports on attackers using stolen OAuth tokens to breach private code repositories of dozens of organizations on GitHub. Casey Ellis is cited for perspective on the incident and its implications for software supply chain security.
Press
The Street published an article on Microsoft's bug bounty program and the financial rewards it offers ethical hackers for discovering and reporting security vulnerabilities. Casey Ellis is quoted discussing the significance of bug bounty initiatives in strengthening software security and incentivizing responsible vulnerability disclosure practices.
Press
Security Boulevard published an article in April 2022 on the necessity of public-private collaboration in defending critical infrastructure against cyber threats, referencing a joint advisory from international security agencies. Ellis contributed perspective on how coordinated defense strategies between government and private sector organizations strengthen resilience against evolving threats to essential systems.
Press
A SiliconANGLE article covers a joint warning from the Five Eyes intelligence alliance regarding Russian state-sponsored cyberattacks targeting critical infrastructure. Casey Ellis is quoted discussing the severity of the threat and the importance of coordinated defense measures across allied nations.
Press
SC Media reported on threat actors who compromised OAuth integrators and gained potential access to cloud systems through stolen tokens from Heroku and Travis-CI. Casey Ellis provided analysis on how the compromised credentials could be leveraged to breach private code repositories and emphasized the cascading risks across integrated development environments.
Press
Security Magazine reported on the dismantling of the RaidForum cybercrime marketplace through a coordinated international law enforcement operation that resulted in the arrest of its administrator. Casey Ellis contributed analysis on the significance of the takedown for the broader cybersecurity threat landscape and implications for future enforcement actions.
Press
Security Boulevard reported on Microsoft's disruption of STRONTIUM, a Russian state-sponsored hacking group conducting attacks on Ukraine, by taking control of domains used in the campaign. Casey Ellis contributed analysis on the significance of the domain takedown action and its impact on the threat landscape.
Press
A report published by Infosecurity Magazine documents DDoS attacks targeting Taiwanese government websites during U.S. House Speaker Nancy Pelosi's visit in April 2022. Casey Ellis provided security context and analysis on the coordinated nature of the attacks and their geopolitical implications.
Press
CHIP published an article in April 2022 about the U.S. government enlisting white-hat hackers to identify security vulnerabilities through a new Department of Defense program. Casey Ellis is referenced as a key figure supporting government cybersecurity initiatives and vulnerability disclosure practices.