Craig Young is a computer security researcher with Tripwire’s Vulnerability and Exposures Research Team (VERT). He has identified and responsibly disclosed dozens of vulnerabilities in products from Google, Amazon, IBM, NETGEAR, Adobe, HP, Apple, and others. His research has resulted in numerous CVE assignments and repeated recognition in the Google Application Security Hall of Fame. Craig’s presentations on Google authentication weaknesses have led to considerable security improvements for all Google users. Craig won in track 0 and track 1 of the first ever SOHOpelessly Broken contest at DEF CON 22 by demonstrating 10 0-day flaws in SOHO wireless routers. His research into iOS WiFi problems more recently exposed CVE-2015-3728 that could allow devices to inadvertently connect to malicious hot spots. Craig has more recently turned his attention to a different part of the wireless spectrum with research into home automation products as well as RFID/NFC technology.
Articles By CRAIG YOUNG
Players Threatened with Nasty Trojans on Google Play
Gained Access into a Home Network by Hacking Smart TV
Malware Disguised as WhatsApp Update
Encryption in Seven out of Eight Android Apps
Mobiles and Laptops Left in UK Bars Each Year
Windows Encryption Keys Could Expose Users to Hackers
Vulnerability that Could Allow Attackers to Launch Zero-Day Affecting Linux & Android
Browser Extensions are Prime Targets in the Threat Landscape
Warns of Netflix Malware and Scams
HTTPS Websites Vulnerable to Decryption Attack
Fixes Critical Flaws Affecting Every Version of Windows
Hacking Smart Cars Without an Internet Connection
Android Malware Family Infecting Smartphones through SMS Phishing
Tripwire on Security Flaws in Samsung SmartThings IoT Consumer Platform
Flaws Found in 7-Zip File Archiver
Medical Devices Hit By Ransomware For The First Time In US Hospitals
VERT Threat Alert: Return Of Bleichenbacher’s Oracle Threat (ROBOT)
Georgia Anti-Hacking Legislation A Serious Threat To Cyber Security Industry
E-learning Software ILIAS To Blame For German Government Hack
Cyber Security Skills Shortage Blamed For Halt In Cloud Adoption
Network Middleware Still Struggling With TLS Encryption Issues
