Check out Discourse's security program and policies.Peruse Discourse's technical blog post about it.See Discourse's announcement of the vulnerability on GitHub.Read the CISA notification on the critical RCE vulnerability in Discourse.Listen to our previous episode with Jack on election security.At Stanford, Jack is a research assistant with the Stanford Internet Observatory and Stanford Empirical Security Research Group and launched Stanford's bug bounty program, one of the first in higher education. Jack was named one of Time Magazine's 25 most influential teens for 2018. After placing first in the Hack the Air Force challenge, Jack began working at the Pentagon's Defense Digital Service.
Jack is a top-ranked bug bounty hacker, having identified over 350 vulnerabilities in companies including Google, Facebook, Uber, Yahoo, and the US Department of Defense. Jack formerly served as an Election Security Technical Advisor at CISA, where he led the development and deployment of Crossfeed, a pilot to scan election assets nationwide.
Jack Cable is a security researcher and student at Stanford University, currently working as a security architect at Krebs Stamos Group. Tod highlights some of the many things Discourse is doing right with its security program.
#Cable stamos group ransomwhere code#
Stick around for our Rapid Rundown, where Tod and Jen talk about a remote code execution vulnerability that open-source forum provider Discourse experienced recently, which CISA released a notification about over the weekend. They chat about how Cable came up with the idea, the role of cryptocurrency in tracking these payments, and how better data sharing can help combat the surge in ransomware attacks. In this episode of Security Nation, Jen and Tod chat with Jack Cable, security architect at the Krebs Stamos Group, about Ransomwhere, a crowdsourced ransomware payment tracker.
0 kommentar(er)
