Speaking, Vlogs, TV

Cybersecurity Speaking, London/Manchester and Vlog Series

Having produced several videos and been featured in multiple national TV series, live segments, documentaries, online vlogs, and live radio shows, I’m available to speak on cybersecurity topics at public speaking or online events. Preferred areas include open-source software security, ransomware, data breaches, AI, and privacy (e.g. legislation and its implications), and software supply chain attacks.

Channel 5 TV series on tech fraud (2023-24): Scams: Don’t Get Caught Out!

This week, scams expert @AlexisConran and I demo simple QR code tricks & ongoing scams. Some cool AI stuff coming up next! 🤖

🎬Channel 5: Scams – Don't Get Caught Out Season 2 airs Wednesdays @ 8pm 💥https://t.co/Az64MQNLKo pic.twitter.com/J1ORzmFeQw
— Ax Sharma (@Ax_Sharma) February 23, 2024

Ax Sharma in Channel 5’s “Scams: Don’t Get Caught Out” presented by Alexis Conran

KTLA (Los Angeles) TV interview on AI apps and their pros and cons.

2022 – Infosecurity Europe, ExCeL London:

Ax Sharma presenting at Infosecurity Europe, ExCeL London in 2022

Help Net Security – videos explaining malicious incidents and threats to open source software

Python packages with malicious code expose secret AWS credentials

Malicious PyPI packages drop ransomware, fileless malware

What you need to look out for when installing packages from public repositories

This Week in Malware video series (2022-)
https://www.facebook.com/watch/live/?ref=watch_permalink&v=1606232636421404

Ax Sharma presenting malware research in "This Week in Malware" video series.

October 2020:

Featured speaker at NVTC’s Capital Cybersecurity Summit 2020.

https://blog.sonatype.com/discord-squashes-critical-electron-bugs-open-source-attacks-continue-to-grow

Sonatype caught NodeJS malware exfiltrating IPs, username, and device information on GitHub

These newly discovered malicious typosquatting npm packages broadcast your IP, username, and device fingerprinting info on the web!https://t.co/KBhHfqOkuI

Discovered by @Sonatype automated #malware detection.#infosec #securitynews #devsecops #devops #opensource
— Ax Sharma (@Ax_Sharma) September 30, 2020

Ax Sharma as an expert researcher in BBC documentary, Victims of Ukraine War Scammers (2022) along with lead journalist Hannah Gelbart:

September 2020:

Nexus Intelligence Insights: “fallguys” npm package which is malware impersonating the popular Fall Guys game API

What’s inside the “fallguys” npm #malware that mimics the video game API to steal your browsing data/IMs? Take a deep dive with us.@sonatype customers are protected from such malicious npm components!https://t.co/jmUsCU8bBB #DevSecOps #infosec #securitynews #DevOps— Ax Sharma (@Ax_Sharma) September 2, 2020

August 2020:

Nexus Intelligence Insights – CVE-2020-7699: From Prototype Pollution to full-on remote code execution, how can adversaries exploit npm modules?

Nexus User Conference 2020 – FULL LIVE presentation
Ax Sharma’s overview of Sonatype Security Research: The Inside Scoop
Video:

CVE-2020-17479 – jpv Fix Bypass discovered by Sonatype:
Co-authored with Sonatype Security Research Team:
https://blog.sonatype.com/cve-2020-17479

July 2020:

CVE-2020-13935 – Apache Tomcat Websocket – Denial of Service (DoS):
https://blog.sonatype.com/nexus-intelligence-insightscve-2020-13935-apache-tomcat

May 2020:

The pace and professionalism demonstrated by @SheetJS folks during the disclosure process is commendable. Learn about this ReDoS #vulnerability discovered by @acazzolla of @sonatype and how to protect #JS spreadsheets.https://t.co/8JVPHDizPj #infosec #security #CyberSecurity
— Ax Sharma (@Ax_Sharma) May 7, 2020

April 2020:

Protect Your Bitcoins from 700+ Malicious RubyGems with sonatype-2020-0196 #CyberSecurity #infosec #malware #vulnerability #rubygems #opensource #cryptocurrency https://t.co/2kSNxr7VOg

— Ax Sharma (@Ax_Sharma) April 23, 2020

March 2020:

https://blog.sonatype.com/cve-2019-3773-spring-web-services-xml-external-entity-injection-xxe

February 2020:

https://blog.sonatype.com/cve-2020-2100-jenkins-udp-amplification-reflection-attack-distributed-denial-of-service

January 2020:

Hacker Noon stored XSS via SVGs:

https://blog.sonatype.com/sonatype-2020-0003-npm-malicious-package-1337qq-js

September 2019:

https://blog.sonatype.com/nexus-intelligence-insights-cve-2019-15753

June 2019:

https://blog.sonatype.com/nexus-intelligence-insights-cve-2018-1109-braces-regular-expression-denial-of-service-redos-attack-0

April 2019:

https://blog.sonatype.com/nexus-intelligence-insights-cve-2019-0232-apache-tomcat-cgi-servlet-remote-code-execution

Blog series:
https://blog.sonatype.com/author/akshay-ax-sharma

KTLA (Los Angeles) TV interview on AI apps and their pros and cons.

Nexus User Conference 2020 – FULL LIVE presentationAx Sharma’s overview of Sonatype Security Research: The Inside ScoopVideo:

Nexus User Conference 2020 – FULL LIVE presentation
Ax Sharma’s overview of Sonatype Security Research: The Inside Scoop
Video: