To get in touch about speaking at your event, email press@cje.io
Media Packet
1,046 items across 6 categories — press, broadcast, stage, and paperwork. Captured, displayed, and archived for posterity.
1,046 items
Press
WRAL TechWire reported on the U.S. federal government's launch of the "Hack DHS" bug bounty program, which offers up to $5,000 for identifying security vulnerabilities. Casey Ellis discussed the program's significance for strengthening federal cybersecurity defenses through crowdsourced vulnerability discovery.
Press
TechTimes reported on security efforts to develop a protective "vaccine" against the Log4Shell vulnerability for systems unable to patch immediately. Casey Ellis contributed to these efforts aimed at providing interim protection for exposed users against active exploitation of the critical logging flaw.
Press
A Security Boulevard article from December 2021 covers the discovery of a second Log4j vulnerability, CVE-2021-45046, that surfaced shortly after the initial disclosure and required additional patching. Casey Ellis commented on the implications of the chained flaw and the challenges organizations faced in securing their systems against successive Log4j exploits.
Press
CPO Magazine published a report on the discovery of EwDoor, a botnet targeting AT&T VoIP servers that potentially infected up to 100,000 devices, as identified by Chinese security researchers. Casey Ellis commented on the security implications and threat landscape revealed by the botnet's widespread reach and targeting of critical communications infrastructure.
Press
Dark Reading published a technical guide on identifying servers vulnerable to the Log4j flaw. Casey Ellis contributed advice and methods to help system administrators detect the vulnerability across their infrastructure.
Press
Dark Reading published an analysis on how bug bounty programs are evolving to prioritize critical vulnerabilities with higher payouts. Casey Ellis discusses the strategic shift toward incentivizing researchers to focus on the most impactful security flaws rather than volume-based submissions.
Press
TechRepublic published an article examining the record number of security vulnerabilities disclosed in 2021. Casey Ellis provides insight into the factors driving the surge in vulnerability disclosures and their implications for the security industry.
Press
ZDNet published a report on NIST data showing that 2021 saw 18,378 vulnerabilities discovered, continuing a fifth consecutive year of record numbers. Casey Ellis commented on the vulnerability landscape and the implications of sustained increases in reported security flaws.
Broadcast
A Cyberwire podcast episode from December 2021 features Casey Ellis discussing how to begin participation in bug bounty programs and the process of identifying vulnerabilities. Ellis provides guidance on entry points for security researchers interested in coordinated vulnerability disclosure and bug bounty participation.
Press
eSecurity Planet reported on AT&T's efforts to shut down the EwDoor botnet, which compromised over 5,700 carrier-grade network address translation devices. Casey Ellis commented on the incident's significance for critical infrastructure security and the importance of coordinated response efforts against emerging botnet threats.
Press
BankInfoSecurity reported on the arrest of a former Ubiquiti employee charged with orchestrating a data breach and extortion attempt against the networking company. Casey Ellis commented on the incident's implications for corporate security practices and insider threat detection.
Press
Security Boulevard published an article on the challenges and importance of proactively identifying and fixing security vulnerabilities in open-source software. Casey Ellis discusses the need for systematic approaches to vulnerability discovery and remediation in open-source projects.
Press
Security Magazine reported on a wave of banking trojan infections from malicious apps on Google Play that resulted in over 300,000 infections across four months. Casey Ellis contributed analysis on the threat landscape and the security implications of malware distribution through official app marketplaces.
Press
Verdict published a Q&A interview with Casey Ellis, founder and CTO of Bugcrowd, in November 2021. Ellis discusses how cybersecurity has evolved and explains the role crowdsourced security plays in modern defense strategies.
Press
A Q&A session published by Duo Security explores Casey Ellis's perspectives on bug bounties and vulnerability disclosure practices. Ellis discusses the evolution of bug bounty programs and shares insights on the future direction of how organizations discover and address security vulnerabilities.
Broadcast
Decipher Security Podcast published an episode featuring Casey Ellis on November 23, 2021. Ellis discusses how vulnerability disclosure programs have evolved, gained adoption, and become standardized in the United States and internationally.
Press
A report from SC Magazine details malicious Golang malware targeting e-commerce servers to steal payment information. Casey Ellis provided analysis on the threat's implications for retail infrastructure and payment security vulnerabilities.
Press
A Forbes article examines the emerging practice of applying bug bounty models to identify bias and discrimination in artificial intelligence systems. Casey Ellis discusses how crowdsourced security approaches can be adapted to surface algorithmic fairness issues before they cause harm to users and organizations.
Press
Duo Security published an analysis of new U.S. government directives establishing incident response requirements for federal civilian agencies. Casey Ellis is quoted discussing the practical implications of the government's clearer cybersecurity incident playbooks and their effect on federal agency preparedness.
Press
A report in InfoSecurity Magazine details research estimating that ethical hackers prevented over $27 billion in cybercrime damages during a one-year period. Casey Ellis contributed to the research, which quantifies the financial impact of vulnerability disclosure and coordinated security research on reducing criminal losses.
Broadcast
The CyberWire published a video segment featuring Casey Ellis, CTO of Bugcrowd, and Beau Woods, Senior Advisor at CISA, discussing cybersecurity awareness during October 2021. Ellis and Woods explored implications of recent security incidents for security leaders and organizational defense strategies.
Broadcast
A sponsor interview segment from the Risky Business podcast features Casey Ellis discussing the current state of bug bounties and crowdsourced security. Ellis addresses market trends and the evolving relationship between organizations and external security researchers in vulnerability disclosure.
Press
CISA released an advisory through ZDNet warning of five vulnerabilities in Apache HTTP Server that affect Cisco products and require immediate patching. Casey Ellis commented on the advisory's implications for enterprise security teams managing affected infrastructure.
Press
CISA and Bugcrowd launched a vulnerability disclosure platform enabling security researchers to report bugs directly to US federal agencies. Casey Ellis, Bugcrowd's founder, helped develop the platform to standardize and streamline how the government receives and manages security vulnerability reports from hackers.
Press
Duo Security published the second installment of a feature series on the history and rapid adoption of bug bounty programs in Silicon Valley. Casey Ellis discusses the evolution of bug bounties and their role in shaping modern security practices across the technology industry.
Press
Digital Journal published an analysis of a recent healthcare sector data breach that examined the attack methods and underlying security failures. Casey Ellis provided commentary on the incident, explaining both the technical vectors used by attackers and the organizational factors that enabled the breach.
Press
Solutions Review published coverage of a misconfiguration in Microsoft's Power Apps platform that exposed data across millions of user accounts. Casey Ellis identified and documented the vulnerability, contributing research that highlighted the scale and implications of the exposure across multiple applications.
Press
Forbes Technology Council published a panel article examining 15 security risks commonly overlooked during the transition to remote work. Casey Ellis contributed to the discussion of digital asset vulnerabilities in distributed work environments.
Press
Global Security Magazine published a piece featuring commentary from Casey Ellis on the Kaseya supply chain ransomware attack. Ellis analyzed the incident and its implications for software supply chain security.
Press
A CSO Magazine article from August 2021 examines the fallout from the Kaseya ransomware attack on Australian businesses and the security obligations of software vendors. Casey Ellis addresses industry responsibility and the need for greater collaboration to prevent similar supply-chain attacks.