To get in touch about speaking at your event, email [email protected]
Media Packet · Press
839 items
132 items · 2022
Press
Bugcrowd received designation as a CVE Numbering Authority from the CVE Program, according to an announcement published by It News Online. Casey Ellis, Bugcrowd's founder, stated the company now directly assigns CVE identifiers to vulnerability reports submitted through its platform.
Press
Yahoo Finance reported in November 2022 that Bugcrowd received authorization to serve as a CVE Numbering Authority, enabling the company to assign CVE identifiers to newly discovered vulnerabilities. Casey Ellis, Bugcrowd's founder and chief strategy officer, stated that the designation reflects the company's commitment to improving vulnerability disclosure and strengthening the security community's ability to track and address threats.
Press
Forbes published a feature in which 15 technology experts shared recent consumer-facing tech developments they find innovative. Casey Ellis contributed his perspective on emerging technologies that capture expert interest in the consumer tech space.
Press
Security Magazine published an analysis of a shareholder lawsuit against SolarWinds following its major data breach. Casey Ellis contributes key lessons for CISOs on disclosure, liability, and supply chain security based on the litigation's implications.
Press
SC Magazine published an analysis clarifying distinctions between the Text4Shell and Log4Shell vulnerabilities. Casey Ellis explains that while Text4Shell is serious, it lacks the widespread impact and severity profile of Log4Shell, helping organizations prioritize remediation efforts appropriately.
Press
The Record by Recorded Future published an article on October 19, 2022 examining expert assessments of the Text4Shell vulnerability in Apache Commons. Casey Ellis commented on the limited real-world exploitability and practical impact of the bug despite initial security concerns.
Press
Duo Security published an article on a critical remote code execution vulnerability in Apache Commons Text, known as Text4Shell, and the subsequent patch released to address it. Casey Ellis contributed analysis and commentary on the vulnerability's severity and implications for affected systems.
Press
CPO Magazine reported on the conviction of former Uber Chief Security Officer Joe Sullivan for obstructing justice and concealing data breaches from federal authorities. The case underscores accountability measures for security leaders who fail to disclose breach incidents to regulators as required by law.
Press
The Register published an article in October 2022 examining why users select security and privacy tools based on marketing appeal rather than technical merit. Casey Ellis discusses how organizations and individuals should evaluate cybersecurity solutions with greater rigor and focus on substantive capabilities instead of vendor claims.
Press
Tech News World reported on the guilty verdict against former Uber security chief Joe Sullivan, who was convicted of obstruction of justice and other charges related to covering up a 2016 data breach. The case centered on Sullivan's decision to pay hackers ransom rather than disclose the breach to regulators and affected users.
Press
CIO Economic Times published a case study examining how Marico's cybersecurity chief obtained board approval to expand the company's security capabilities. Casey Ellis is quoted discussing the strategic approach to aligning security investments with business objectives and demonstrating measurable security outcomes to executive leadership.
Press
PSW #757, an episode of Paul's Security Weekly podcast from SC Magazine, features interviews with Ev Kontsevoy and Casey Ellis discussing current security topics. Ellis participates in the conversation alongside Kontsevoy to explore perspectives on cybersecurity trends and industry developments.
Press
Dark Reading reported that the FBI is assisting Australian authorities in investigating a massive data breach at telecommunications company Optus. Casey Ellis commented on the breach's implications for corporate security practices and incident response protocols.
Press
An article from Dice examines how strong demand for cybersecurity professionals is prompting technologists in other fields to pursue security skills and career transitions. Casey Ellis provides insight on the factors driving this upskilling trend and the implications for the cybersecurity workforce.
Press
The CRN reported in August 2022 that the New South Wales government selected CyRise to operate its new cybersecurity accelerator program. Casey Ellis co-founded CyRise, which supports early-stage cybersecurity companies through mentorship, investment, and connections to industry and government partners.
Press
SC Magazine published a feature discussing how the Twitter whistleblower case prompted researchers to warn about unreliable internal security reporting. Casey Ellis contributed perspective on the risks of overly optimistic security assessments and their role in masking actual vulnerabilities within organizations.
Press
A Security Magazine article from August 2022 covers former Twitter security chief Peiter Zatko's whistleblower complaint alleging severe cybersecurity and privacy gaps at the platform. Casey Ellis commented on the implications of Zatko's allegations and the importance of security accountability at major technology companies.
Press
Security Boulevard published a report on August 25, 2022, documenting cybersecurity industry support for Twitter whistleblower Peiter Zatko and his allegations of security failures at the company. Casey Ellis joined other security professionals in backing Zatko's claims about Twitter's inadequate security practices and culture.
Press
Bugcrowd hosted a webinar on a zero-day vulnerability affecting multiple Apple products, published on August 24, 2022. Casey Ellis participated in the discussion of CVE-2022-32893 and its implications for Apple users and security teams.
Press
Dark Reading published an article on Twitter's security practices based on whistleblower Peiter Zatko's complaint to regulators. Zatko characterized Twitter's security posture as a nightmare marked by mismanagement and inadequate safeguards for user data.
Press
Protocol published an article examining the security and business implications of Twitter's whistleblower complaint from the company's former head of security. Casey Ellis commented on the incident and its broader significance for platform security practices and accountability.
Press
The Zero Day Initiative announced a policy change regarding disclosure of vulnerabilities with faulty or incomplete patches, as reported by Duo Security. Casey Ellis noted the initiative's shift to provide clearer timelines and expectations for vendors releasing defective patches to address coordination gaps.
Press
IT Security Guru reported on multiple DDoS attacks targeting Taiwan following House Speaker Nancy Pelosi's arrival in the country. Casey Ellis commented on the incident's geopolitical implications and the operational security challenges such coordinated attacks pose to critical infrastructure during politically sensitive events.
Press
A Channel Futures report covers the U.S. government's decision to double its reward to $10 million for information on North Korean state-sponsored cyberattackers. The piece documents the government's escalating efforts to identify and hold accountable those responsible for major cyber operations attributed to North Korea.
Press
Security Boulevard published an opinion piece by Casey Ellis examining the relationship between software developers and security researchers and their need for stronger collaboration. Ellis argues that builders and breakers must work together more effectively to improve overall software security outcomes.
Press
A Wall Street Journal article from July 2022 examines the practice of cryptocurrency firms negotiating directly with hackers following thefts, offering them financial incentives to return most of the stolen funds. Casey Ellis is cited on the rationale behind such negotiations and their implications for security practices in the crypto industry.
Press
A Computer Weekly news item addresses security concerns following discovery of a critical vulnerability in Atlassian's Confluence software. Casey Ellis comments on the vulnerability's implications and the importance of prompt remediation for affected organizations.
Press
Channel Futures reported that T-Mobile agreed to pay $350 million to settle a class-action lawsuit stemming from a major data breach. Casey Ellis commented on the settlement's implications for corporate accountability and data protection standards in the telecommunications industry.
Press
TheStreet published an article comparing the security and privacy features of messaging apps including Signal and WhatsApp. Casey Ellis contributed analysis on how these platforms protect user data and the technical differences in their encryption approaches.
Press
A CISO Series article examines how current geopolitical and social events directly impact organizational security posture and threat landscape. Casey Ellis discusses the connection between real-world events and evolving security risks that organizations must monitor and address in their defense strategies.