Press Room

Press Coverage Timeline

From vulnerability research to media investigations, tracking two decades of cybersecurity coverage

Data	Fonte	Evento	Tags
2005
`bugtraq-php-icalendar.markdown` 25 October 2005	Bugtraq (marc.info) PHP iCalendar Multiple Vulnerabilities - Bugtraq Advisory	advisory_php-icalendar	advisory php-icalendar critical rce CVE-2005-3366
`cxsecurity-php-icalendar.markdown` 25 October 2005	CXSecurity.com PHP iCalendar XSS and File Inclusion Vulnerabilities	advisory_php-icalendar	advisory php-icalendar critical rce CVE-2005-3366
`exploit-db-php-web-statistik.markdown` 19 November 2005	exploit-db.com PHP Web Statistik 1.4 Multiple Vulnerabilities - Exploit-DB	advisory_php-web-statistik	advisory php-web-statistik medium xss config-exposure dos CVE-2005-4012 CVE-2005-4013 CVE-2005-4014 CVE-2005-4015
`exploit-db-freewebstat.markdown` 27 November 2005	exploit-db.com FreeWebStat 1.0 Multiple XSS Vulnerabilities - Exploit-DB	advisory_freewebstat	advisory freewebstat medium xss CVE-2005-3959
`seclists-php-web-statistik.markdown` 27 November 2005	Seclists.org PHP Web Statistik Multiple Vulnerabilities - Seclists Advisory	advisory_php-web-statistik	advisory php-web-statistik medium xss config-exposure dos CVE-2005-4012 CVE-2005-4013 CVE-2005-4014 CVE-2005-4015
2006
`aliyun-php-globals-developer.markdown` 25 January 2006	Aliyun Developer PHP 5.1.1/5.1.2 GLOBALS Variable Overwrite Vulnerability	advisory_php-globals	advisory php critical globals
`nvd-pmwiki-cve.markdown` 31 January 2006	National Vulnerability Database (NVD) CVE-2006-0479 - PmWiki 2.1 beta 20 Multiple Vulnerabilities - NVD Record	advisory_pmwiki	advisory pmwiki critical rce xss CVE-2006-0479
`endsummercamp-esc06-apache-mysql.markdown` 16 September 2006	endsummercamp.org Apache e MySQL cluster - EndSummerCamp ESC06	conference_esc06	conference esc06 talk apache mysql
`endsummercamp-esc06-exif-fun.markdown` 16 September 2006	endsummercamp.org EXIF Fun - EndSummerCamp ESC06	conference_esc06	conference esc06 talk exif
`endsummercamp-esc06-secure-programming.markdown` 17 September 2006	endsummercamp.org Secure Programming Live Session - EndSummerCamp ESC06	conference_esc06	conference esc06 talk secure-programming
2007
`wisec-php-import-vulnerability.markdown` 07 March 2007	Wisec.it PHP import_request_variables() Vulnerability - Wisec Advisory	advisory_php-globals-import	advisory php medium import-request-variables CVE-2007-1396
`zeus-news-linuxpersec.markdown` 12 June 2007	Zeus News LinuxPerSec 2.0 Conference Announcement - Zeus News	conference_linuxpersec20	conference linuxpersec20 talk get-hacked itis-marconi
`linuxpersec-verona.markdown` 16 June 2007	MGPF.it Get hacked: pericoli della navigazione - LinuxPerSec2	conference_linuxpersec20	conference linuxpersec20 talk get-hacked itis-marconi
`verona-linux-linuxpersec.markdown` 16 June 2007	Verona Linux User Group (Web Archive) LinuxPerSec 2.0 Conference - Verona Linux User Group	conference_linuxpersec20	conference linuxpersec20 talk get-hacked itis-marconi
`attrition-vim-technical-discussion.markdown` 31 July 2007	Attrition.org VIM Mailing List Technical Discussion - Attrition.org	N/A	vim vulnerability mailing-list technical-discussion reverse-engineering php security-research
`attrition-vim-thread.markdown` 31 July 2007	Attrition.org VIM Mailing List - RIG Image Gallery Vulnerability Analysis	N/A	vulnerability research vim mailing-list technical-analysis
`cacert-audit-board-minutes.markdown` 17 September 2007	CAcert Wiki CAcert Code Audit - Board Meeting Minutes	N/A	cacert audit code-review volunteer security-bugs board-minutes
2008
`cxsecurity-cacti-advisory.markdown` 12 February 2008	CXSecurity.com Cacti 0.8.7a Multiple Vulnerabilities Advisory	N/A	cve vulnerability cacti xss sql-injection path-disclosure http-response-splitting security-research advisory
`seclists-cacti-advisory.markdown` 12 February 2008	Seclists.org Cacti 0.8.7a Multiple Vulnerabilities - Seclists Advisory	N/A	cacti vulnerability xss sql-injection path-disclosure http-response-splitting seclists
`sikurezza-clipperz-discussion.markdown` 12 March 2008	Sikurezza.org Mailing List Clipperz Security Analysis - Sikurezza Mailing List	N/A	clipperz password-manager security-analysis xss browser-security zero-knowledge
`mantis-rce-vulnerability.markdown` 14 March 2008	MantisBT.org Mantis Bug Tracker 1.1.1 Remote Code Execution - CVE-2008-2276	N/A	cve vulnerability mantis mantisbt rce remote-code-execution eval security-research advisory bug-tracker cve-2008-2276
`mantis-csrf-vulnerability.markdown` 22 March 2008	MantisBT.org Mantis Bug Tracker 1.1.1 CSRF Vulnerability - Security Report	N/A	cve vulnerability mantis mantisbt csrf cross-site-request-forgery security-research advisory bug-tracker
`bugtraq-mantis-advisory.markdown` 20 May 2008	Bugtraq (marc.info) Mantis Bug Tracker Multiple Vulnerabilities - Bugtraq Advisory	N/A	cve vulnerability mantis mantisbt xss csrf rce bugtraq cve-attribution disclosure
`cxsecurity-mantis-advisory.markdown` 20 May 2008	CXSecurity.com Mantis Bug Tracker 1.1.1 Multiple Vulnerabilities Advisory	N/A	cve vulnerability mantis xss csrf rce security-research advisory
`exploit-db-mantis-cve-dispute.markdown` 20 May 2008	Exploit-DB.com Mantis Bug Tracker 1.1.1 Vulnerabilities and CVE Attribution Dispute	N/A	cve vulnerability mantis xss csrf rce cve-dispute security-research advisory
`redhat-mantis-bugzilla.markdown` 26 May 2008	Red Hat Bugzilla Mantis Bug Tracker RCE Vulnerability - Red Hat Bugzilla	N/A	cve vulnerability mantis mantisbt rce remote-code-execution redhat fedora cve-2008-3332
`redhat-mantis-cve.markdown` 26 May 2008	bugzilla.redhat.com CVE-2008-3332 - Mantis Remote Code Execution Vulnerability	N/A	cve vulnerability mantis rce security-research
`exploit-db-collabtive.markdown` 10 November 2008	Exploit-DB.com Collabtive 0.4.8 Multiple Vulnerabilities - EDB Advisory	N/A	cve vulnerability collabtive xss authentication-bypass file-upload security-research advisory
`exploit-db-moodle.markdown` 12 December 2008	exploit-db.com Moodle 1.9.3 Remote Code Execution - Exploit-DB	N/A	vulnerability moodle rce remote-code-execution exploit-db security-research
`youtube-25c3-video.markdown` 25 December 2008	YouTube 25C3 Conference Video - Tricks makes you smile	N/A	youtube 25c3 video conference hacking techniques
`ccc-25c3-lecture.markdown` 28 December 2008	Chaos Communication Congress 1.4.2.3 – Tricks that make you smile - 25C3 Lecture	N/A	ccc 25c3 hacking security-research lecture privilege-escalation exploit congress presentation slides speaker program
`ccc-25c3-official-program.markdown` 28 December 2008	CCC Media Archive 25C3 Official Program Listing - CCC Archive	N/A	ccc 25c3 official-program archive penetration-testing international
`ccc-25c3-slides.markdown` 28 December 2008	Chaos Communication Congress 25C3 Lecture Slides - Tricks that make you smile	N/A	ccc 25c3 slides presentation penetration-testing privilege-escalation techniques
`ccc-25c3-speakers-list.markdown` 28 December 2008	Chaos Communication Congress 25C3 Official Speakers List - Chaos Communication Congress	N/A	ccc 25c3 speakers official-list hacking international-recognition
`ccc-25c3-video-archive.markdown` 28 December 2008	CCC Media Archive 25C3 Video Archive - Tricks makes you smile	N/A	ccc 25c3 video archive hacking techniques specialized
2009
`ccc-25c3-program-confirmation.markdown` 10 January 2009	Chaos Communication Congress 25C3 Program Confirmation - Official Congress Schedule	N/A	ccc 25c3 program confirmation official-schedule berlin hacking
`ccc-25c3-media-release.markdown` 18 January 2009	CCC Media Archive 25C3 Media Release - Video and Audio Publication	N/A	ccc 25c3 media video audio publication penetration-testing
`exploit-db-zabbix.markdown` 03 March 2009	exploit-db.com Zabbix 1.6.2 Multiple Vulnerabilities - Exploit-DB	N/A	vulnerability zabbix rce csrf lfi exploit-db security-research
`gentoo-zabbix-bugzilla.markdown` 03 March 2009	Gentoo Bugzilla Zabbix Multiple Vulnerabilities - Gentoo Bugzilla	N/A	cve vulnerability zabbix monitoring rce sql-injection lfi csrf gentoo cve-2009-4498
`gentoo-zabbix-vulnerabilities.markdown` 03 March 2009	bugs.gentoo.org Zabbix Multiple Critical Vulnerabilities - CVE-2009-4498	N/A	cve vulnerability zabbix rce lfi csrf security-research
`exploit-db-formmail.markdown` 15 June 2009	exploit-db.com FormMail 1.92 Multiple Vulnerabilities - Exploit-DB	N/A	vulnerability formmail xss http-response-injection http-response-splitting exploit-db security-research
`exploit-db-sugarcrm.markdown` 15 June 2009	Exploit-DB.com SugarCRM 5.2.0e Remote Code Execution - EDB-8949	N/A	cve vulnerability sugarcrm rce file-upload security-research advisory
`bugtraq-vtiger-advisory.markdown` 18 August 2009	Bugtraq (marc.info) Vtiger CRM 5.0.4 Multiple Vulnerabilities - Bugtraq Advisory	N/A	cve vulnerability vtiger crm rce csrf lfi xss bugtraq copyright
`exploit-db-vtiger.markdown` 18 August 2009	Exploit-DB.com Vtiger CRM 5.0.4 Multiple Vulnerabilities - EDB Advisory	N/A	cve vulnerability vtiger crm rce csrf lfi xss security-research advisory
`exploit-db-jetty-advisory.markdown` 26 October 2009	Exploit-DB.com Jetty 6.x/7.x Multiple Vulnerabilities - EDB-9887	N/A	cve vulnerability jetty xss information-disclosure escape-injection security-research advisory
2010
`jekil-log-escape-injection.markdown` 10 January 2010	jekil.sexy HTTP Servers Log Escape Sequence Injection - Multi-Vendor Advisory	N/A	cve vulnerability nginx varnish cherokee thttpd mini-httpd webrick orion aolserver yaws boa log-injection escape-sequence advisory security-research
`repository-root-me.markdown` 10 January 2010	Root-Me Repository Root-Me Repository Archive - Security Research	N/A	root-me repository archive security-research vulnerability documentation
`ruby-forum-webrick-vulnerability.markdown` 10 January 2010	Ruby Forum Ruby WEBrick Escape Sequence Injection - Ruby Forum	N/A	ruby-forum webrick escape-sequence injection vulnerability patch
`ruby-lang-webrick-advisory.markdown` 10 January 2010	Ruby-Lang.org Ruby WEBrick Security Advisory - Official Ruby Site	N/A	ruby-lang webrick security-advisory escape-sequence official
`ruby-lang-polish-advisory.markdown` 13 January 2010	Ruby-Lang.org (Polish) Ruby WEBrick Security Advisory - Polish Edition	N/A	ruby-lang webrick security-advisory polish international escape-sequence
`vulmon-vtiger-exploit.markdown` 18 November 2010	Vulmon.com Vtiger CRM 5.2.0 Exploit - Vulmon Database	N/A	vulmon vtiger exploit rce lfi xss copyright
`jekil-vtiger-advisory.markdown` 04 December 2010	jekil.sexy Vtiger CRM 5.2.0 Multiple Vulnerabilities - Jekil Advisory	N/A	cve vulnerability vtiger crm rce lfi xss security-research advisory copyright
2011
`gynvael-php-lfi-whitepaper.markdown` 21 March 2011	Gynvael Coldwind PHP LFI via rfc1867 temporary files - Whitepaper Contribution	N/A	php lfi local-file-inclusion rfc1867 whitepaper security-research contributor exploit vulnerability blog updated
`gynvael-php-security-links.markdown` 22 March 2011	Gynvael Coldwind Blog PHP Security Links - Gynvael Coldwind Blog	N/A	php security blog links resources international-recognition
2012
`security-stackexchange-lfi.markdown` 30 July 2012	Security StackExchange Advanced LFI Attack Techniques - Security StackExchange	N/A	lfi local-file-inclusion path-normalization path-truncation security-stackexchange
2013
`le-matin-scada-investigation.markdown` 30 November 2013	Le Matin (Web Archive) Swiss Industrial Systems Security Investigation - Le Matin	N/A	le-matin switzerland scada industrial-security investigation isgroup
`le-matin-dimanche-scada.markdown` 01 December 2013	Le Matin Dimanche Des webcams de privés au Parc Saint-Jacques de Bâle - Le Matin Dimanche	N/A	scada ics industrial-control-systems cybersecurity switzerland investigation isgroup critical-infrastructure vulnerability-assessment le-matin-dimanche
`sonntagszeitung-scada-part1.markdown` 01 December 2013	SonntagsZeitung Swiss Industrial Systems Vulnerability Investigation - SonntagsZeitung Part 1	N/A	sonntagszeitung switzerland scada vulnerability investigation isgroup industrial-security
`sonntagszeitung-scada-part2.markdown` 01 December 2013	SonntagsZeitung Swiss Industrial Systems Vulnerability Investigation - SonntagsZeitung Part 2	N/A	sonntagszeitung switzerland scada vulnerability investigation scadaexposure systematic-analysis
`scada-internet-exposure.markdown` 05 December 2013	InformationSecurityGroup.de SCADA Internet Exposure 2013 - Industrial Control Systems Research	N/A	scada ics industrial-control-systems cybersecurity research isgroup critical-infrastructure shodan google vulnerability-assessment
`nuova-venezia-scada.markdown` 27 December 2013	La Nuova Venezia SCADA Systems Global Exposure Study - La Nuova Venezia	N/A	scada exposure study italy switzerland isgroup scadaexposure industrial-security
2014
`larena-easygroup.markdown` 04 April 2014	L'Arena EasyGroup, sicurezza anche per pmi - L'Arena	N/A	easygroup easyaudit isgroup pmi cybersecurity penetration-test spin-off interview newspaper
`ost-ics-threat-map.markdown` 11 April 2014	eprints.ost.ch ICS Threat Map V1.0 - Swiss Critical Infrastructure Security Report	N/A	ics critical-infrastructure security-research switzerland industrial-systems
`endsummercamp-esc10.markdown` 30 June 2014	EndSummerCamp Hacking Linux VServer with 0day exploits - EndSummerCamp ESC10	N/A	endsummercamp esc10 linux vserver 0day exploit paravirtualization conference
`sikurezza-mo20-announcement.markdown` 21 November 2014	Sikurezza.org MO20 ZERO DAY Event Announcement - Sikurezza.org	N/A	sikurezza mo20 announcement hacking pescara anniversary
`sikurezza-mo20-program.markdown` 25 November 2014	Sikurezza.org MO20 ZERO DAY Event Program - Sikurezza.org	N/A	sikurezza mo20 zero-day program hacking metro-olografix
`mo20-hacking-conference.markdown` 06 December 2014	Metro Olografix Ringobongo LTD Annual Report 2014 - MO20 Conference	N/A	mo20 metro-olografix hacking conference pescara anniversary underground
`nicola-battista-mo20.markdown` 06 December 2014	Nicola Battista Blog Metro Olografix 20th Anniversary - Nicola Battista Blog	N/A	mo20 metro-olografix anniversary blog hacking cultural-impact
`pescara-news-mo20.markdown` 11 December 2014	PescaraNews.net MO20 Event Coverage - PescaraNews.net	N/A	mo20 pescara news coverage security-expert workshops demonstrations
2015
`festival-giornalismo-perugia.markdown` 17 April 2015	Festival Internazionale del Giornalismo The hacking landscape - Festival Internazionale del Giornalismo	N/A	hacking cybersecurity journalism festival perugia isgroup conference presentation vulnerability phishing hackers-corner speaker-profile
`festival-giornalismo-program.markdown` 17 April 2015	Festival Internazionale del Giornalismo Festival del Giornalismo 2015 - Official Program	N/A	journalism festival perugia program hackers-corner conference
`pasquale-fiorillo-veeam-cve.markdown` 07 October 2015	blog.pasqualefiorillo.it CVE-2015-5742 - Veeam Backup & Replication Critical Vulnerability	N/A	cve vulnerability veeam 0day security-research
`seclists-veeam-vulnerability.markdown` 09 October 2015	Seclists.org Veeam Backup & Replication Vulnerability - Seclists Advisory	N/A	veeam backup replication vulnerability privilege-escalation seclists isgroup
`security-affairs-veeam.markdown` 09 October 2015	Security Affairs Veeam 0-day Vulnerability Discovery - Security Affairs	N/A	security-affairs veeam 0day vulnerability privilege-escalation isgroup
`github-secure-ssh-server.markdown` 03 November 2015	GitHub Secure SSH Server Configuration - GitHub Repository	N/A	github ssh security configuration debian openssh isgroup repository open-source
2016
`festival-giornalismo-program-2016.markdown` 08 April 2016	Festival Internazionale del Giornalismo Festival del Giornalismo 2016 - Official Program Details	N/A	journalism festival perugia 2016 program information-security cloud-computing
`festival-giornalismo-perugia-lost-war.markdown` 08 April 2016	Festival Internazionale del Giornalismo The lost war on information security - Festival Internazionale del Giornalismo	N/A	information-security cybersecurity journalism festival perugia isgroup conference presentation digital-threats organized-crime corporations governments cloud-computing data-bubble hackers-corner
2017
`largabanda-cybersecurity-event.markdown` 10 March 2017	Largabanda.it (Web Archive) Cybersecurity Event Announcement - Largabanda.it	N/A	largabanda cybersecurity event arezzo gdpr vulnerability isgroup
`quinews-arezzo-cybersecurity.markdown` 21 March 2017	QuiNews Arezzo Cybersecurity Conference Announcement - QuiNews Arezzo	N/A	cybersecurity arezzo conference gdpr vulnerability largabanda confartigianato cna
`cna-hacker-event.markdown` 23 March 2017	CNA.it La vulnerabilità aziendale: incontro con un hacker	N/A	cybersecurity event vulnerability industrial-secrets conference
`ush-hack-pisa-presentation.markdown` 10 June 2017	USH.it Hack Pisa 2008 Penetration Testing Presentation - USH.it	N/A	ush hack-pisa penetration-testing presentation 2008 ascii
`proxmox-ssl-discussion.markdown` 30 November 2017	Proxmox Mailing List Proxmox SSL Security Discussion - Mailing List Contribution	N/A	proxmox ssl https security mailing-list open-source sni certificate isgroup senior-security-researcher
2018
`sgame-pro-team.markdown` 26 June 2018	Medium (Sgame Pro) Sgame Pro Team Introduction - Blockchain Security Consultant	N/A	blockchain sgame-pro security-consultant ethical-hacking penetration-testing
2021
`snyk-webrick-cve.markdown` 01 July 2021	Snyk.io Ruby WEBrick CVE-2009-4492 - Snyk Security Advisory	N/A	snyk ruby webrick cve-2009-4492 escape-sequence injection critical
`gynvael-php-lfi-updated.markdown` 24 September 2021	Gynvael Coldwind PHP LFI via rfc1867 Updated Whitepaper - 2021 Edition	N/A	php lfi local-file-inclusion rfc1867 whitepaper updated 2021 contributor
2022
`gerki-vtiger-exploit.markdown` 21 December 2022	Gerki Forum Vtiger CRM 5.0.4 LFI Exploit - Gerki Underground Forum	N/A	cve vulnerability vtiger crm lfi local-file-inclusion exploit underground-forum gerki python edb-id cve-2009-3249
2023
`defcon-ansi-escape-reference.markdown` 11 August 2023	DEF CON Media DEF CON 31 - ANSI Escape Sequences Research Citation	N/A	defcon ansi escape-sequences forensics citation research log-injection
`aliyun-log-escape-injection.markdown` 22 September 2023	developer.aliyun.com Log Escape Sequence Injection Vulnerability in Multiple Web Servers	N/A	cve vulnerability log-injection nginx varnish cherokee webrick security-research advisory
`youtube-phoenix-hacking-of-things.markdown` 22 September 2023	YouTube Hacking of Things Conference - Phoenix Informatica YouTube Video	N/A	youtube phoenix-informatica hacking-of-things iot security bergamo kilometro-rosso isgroup ethical-hacking penetration-testing
2024
`mo20-profile-feature.markdown` 16 January 2024	Metro Olografix Francesco Ongaro Profile - Metro Olografix Feature	N/A	profile metro-olografix isgroup ceo security-expert mo20
`mo20-ringobongo-report.markdown` 16 January 2024	Metro Olografix Ringobongo LTD Annual Report 2014 - Extended Profile	N/A	ringobongo annual-report mo20 satirical security-industry criticism
`packagist-shodan-php.markdown` 05 May 2024	Packagist.org Shodan-PHP-REST-API Package - Packagist.org	N/A	packagist php shodan api open-source scadaexposure isgroup
`adawen-ransomware-webinar.markdown` 22 August 2024	Adawen.it Ransomware: la minaccia invisibile - Webinar	N/A	ransomware webinar cybersecurity threats
2025
`variot-vtiger-cve.markdown` 10 April 2025	VARIoT Database VARIoT Database - Vtiger CRM CVE-2009-3248 Credit	N/A	variot database vtiger cve-2009-3248 csrf vulnerability credit
`abnewswire-isgroup.markdown` 13 August 2025	ABNewswire ISGroup SRL Brings Italian Excellence in Manual Cybersecurity to English-Speaking Markets	N/A	cybersecurity international expansion
`barchart-isgroup.markdown` 13 August 2025	Barchart.com ISGroup SRL International Expansion Coverage	N/A	cybersecurity international expansion finance
`globe-and-mail-isgroup.markdown` 13 August 2025	The Globe and Mail ISGroup SRL International Expansion - The Globe and Mail	N/A	globe-and-mail isgroup international-expansion cybersecurity ceo ascii
`digitaljournal-isgroup.markdown` 15 August 2025	Digital Journal ISGroup SRL Brings Italian Excellence in Manual Cybersecurity to English-Speaking Markets	N/A	cybersecurity international expansion interview

Media Inquiries

For interviews, comments on cybersecurity topics, or technical analysis, please contact me.

Press Coverage Timeline

2005

2006

2007

2008

2009

2010

2011

2012

2013

2014

2015

2016

2017

2018

2021

2022

2023

2024

2025

Media Inquiries