Cybersecurity Speaking, London and Vlog Series

Having produced several videos and been featured in multiple TV series, live segments, documentaries, online vlogs, and live radio shows, I’m available to speak on cybersecurity topics at public speaking or online events. Preferred areas include open-source software security, ransomware, data breaches, AI, and privacy (e.g. legislation and its implications), and software supply chain attacks.

Channel 5 TV series (2023-24): Scams: Don’t Get Caught Out!

KTLA (Los Angeles) TV interview on AI apps and their pros and cons.

2022 – Infosecurity Europe, ExCeL London

Help Net Security – videos explaining malicious incidents and threats to open source software

October 2020:

Featured speaker at NVTC’s Capital Cybersecurity Summit 2020.

[Recording available shortly]

https://blog.sonatype.com/discord-squashes-critical-electron-bugs-open-source-attacks-continue-to-grow

Sonatype caught NodeJS malware exfiltrating IPs, username, and device information on GitHub

September 2020:

Nexus Intelligence Insights: “fallguys” npm package which is malware impersonating the popular Fall Guys game API

August 2020:

Nexus Intelligence Insights – CVE-2020-7699: From Prototype Pollution to full-on remote code execution, how can adversaries exploit npm modules?

Nexus User Conference 2020 – FULL LIVE presentation
Ax Sharma’s overview of Sonatype Security Research: The Inside Scoop
Video:

 

CVE-2020-17479 – jpv Fix Bypass discovered by Sonatype:
Co-authored with Sonatype Security Research Team:
https://blog.sonatype.com/cve-2020-17479

July 2020:

CVE-2020-13935 – Apache Tomcat Websocket – Denial of Service (DoS):
https://blog.sonatype.com/nexus-intelligence-insightscve-2020-13935-apache-tomcat 

May 2020:

April 2020:

March 2020:

February 2020:

https://blog.sonatype.com/cve-2020-2100-jenkins-udp-amplification-reflection-attack-distributed-denial-of-service

January 2020:

Hacker Noon stored XSS via SVGs:

https://blog.sonatype.com/sonatype-2020-0003-npm-malicious-package-1337qq-js

September 2019:

https://blog.sonatype.com/nexus-intelligence-insights-cve-2019-15753

June 2019:

https://blog.sonatype.com/nexus-intelligence-insights-cve-2018-1109-braces-regular-expression-denial-of-service-redos-attack-0

April 2019:

https://blog.sonatype.com/nexus-intelligence-insights-cve-2019-0232-apache-tomcat-cgi-servlet-remote-code-execution

Blog series:
https://blog.sonatype.com/author/akshay-ax-sharma