Craig Young

Craig Young is Principal Security Researcher for Tripwire's Vulnerability and Exposures Research Team (VERT). Over the years, Craig has disclosed many vulnerabilities covering a wide range of products and services including Android, iOS/macOS, PHP, Apache HTTPD, and Google to name a few. In 2018, he was part of a team to receive a Pwnie for the ROBOT research which demonstrated that Bleichenbacher oracles described in 1998 still affected a dozen vendors including most prominently F5 and Citrix. In many cases, such as Facebook.com, an attacker could have exploited this behavior to impersonate the HTTPS site.

Presentations:

Copresenters: