As a member of the organizing group for this year's BSides Atlanta conference, I've been reviewing CFP proposals submitted by the community. As I read through the various submissions, I started noticing a few themes. This post is intended to help people interested in submitting a CFP in the future, to understand what reviewers (well,… Continue reading On conference CFPs and reviewing
Category: Research
Quick rundown of the Meltdown and Spectre vulnerabilities
Yesterday, news broke about two new vulnerabilities, dubbed “Meltdown” and “Spectre”. The vulnerabilities are present in CPU chips produced by Intel, AMD, and ARM. To give you an understanding of the scope of the problem, almost every computing device you own - desktop computer, laptop computer, tablet computer, and even cell phone - relies on… Continue reading Quick rundown of the Meltdown and Spectre vulnerabilities
“Learning Outcomes for Cyber Defense Competitions” journal publication
I’m very happy to announce that a journal article I co-authored with Dr. Amy Woszczynski entitled “Learning Outcomes for Cyber Defense Competitions” has recently been published in the Journal of Information Security Education. We interviewed judges and mentors for a well-established cyber defense competition held in the Southeast United States. From the data collected during these interviews,… Continue reading “Learning Outcomes for Cyber Defense Competitions” journal publication
Lit Reviews Are Not Fun
Let me talk to you a little bit about literature reviews. As a “budding scholar,” I’ve been told time and time again about the importance of understanding what literature exists on a given problem domain. And, intellectually I get that. But… From a practical point of view, the task of reading, assimilating, synthesizing, and analyzing… Continue reading Lit Reviews Are Not Fun
WiFi KRACK vulnerability goes public
Early this morning, Mathy Vanhoef (@vanhoefm on Twitter), a Belgium-based researcher released his findings about a vulnerability in the WPA2 protocol. WPA2 is a widely-used encryption standard utilized in consumer and business WiFi networks. Vanhoef dubbed the vulnerability KRACK, short for “Key Reinstallation Attacks”. Vanhoef published his findings on a website, https://www.krackattacks.com The vulnerability allows an attacker… Continue reading WiFi KRACK vulnerability goes public
Andy Green, Ph.D. 