No Photo Available

Last Update


This profile was last updated on .

Is this you? Claim your profile.

Wrong Robert Graham?

Mr. Robert David Graham

Chief Executive Officer

Errata Security

HQ Phone: (404) 475-5597

Email: r***@***.com

Get ZoomInfo Grow

+ Get 10 Free Contacts a Month

Please agree to the terms and conditions

I agree to the Terms of Service and Privacy Policy. I understand that I will receive a subscription to ZoomInfo Grow at no charge in exchange for downloading and installing the ZoomInfo Contact Contributor utility which, among other features, involves sharing my business contacts as well as headers and signature blocks from emails that I receive.

Errata Security

1401 Peachtree Street Suite 500

Atlanta, Georgia 30309

United States

Company Description

Errata Security is a privately held firm started in 2006 by experts in the cybersecurity industry. The mission of Errata Security is to give access to the skills and talent of cutting edge researchers to companies that don't want to staff their own resear ... more

Find other employees at this company (1)

Background Information

Employment History

Operations Manager

International Safety Services

Facility Manager

US Department of Defense

Deputy Chief Officer Director of Operations

London Fire Brigade

Chief Executive Officer of Errata Security

Black Hat



Web References (93 Total References)

Why Trump's Russian server connection is less suspicious than it sounds - The Verge [cached]

"When you have only a few details, the nefarious ones loom large in your imagination," says Errata Security's Robert David Graham.

Shell Shock: Bash bug labelled largest ever to hit the internet. | Highgate IT Services - 02 48421 126 [cached]

Speaking from the US, Robert Graham, a security consultant at Errata Security who has been monitoring the bug, told Fairfax Media its potential impact was worse than Heartbleed.

Mr Graham said there was not much consumers could do but ensure their home router's firewall was correctly configured to stop hackers exploiting vulnerable devices on their network.
He urged system administrators of servers which host websites to update their security as soon as possible to ensure data was not stolen by hackers who he expected are actively exploiting the new-found bug.
Mr Graham said many devices would probably remain vulnerable forever as some firms that have made internet-connected devices may have shutdown or may not be supporting old devices affected.

password generators | Travis Investigations [cached]

Robert Graham, CEO of Errata Security, explains that we can get hit with either online or offline attacks. In online attacks, hackers try to log on pretending to be you and guess your password. Unless you've chosen something extremely easy to guess, such as asdfg, this isn't usually a problem, because online systems automatically lock your account after several attempts.

Offline password hacking, Graham says, is another story.
According to Graham, that makes 100 possible combinations for each character. Lowercase passwords have only 26 combinations per character. A hacker can guess an all-lowercase password of 10 characters in about two days.
Hackers have another trick up their collective sleeve: the mutated dictionary attack. As Graham explains it, a large password like "Aardvark-Zebra9" is a longer password than hackers would be able to discover by brute force.
Here's an example Graham gives: If they know who you are, they will find words particular to you.
Source: Robert Graham
Leave a comment

Heartbleed vulnerability may have been exploited months before patch [Updated] [cached]

Update: Errata Security's Robert Graham has acknowledged that he was mistaken in his assessment, and that private keys could be at risk. The original story below has been marked up accordingly.

There's good news, bad news, and worse news regarding the "Heartbleed" bug that affected nearly two-thirds of the Internet's servers dependent on SSL encryption. The good news is that many of those servers (well, about a third) have already been patched. And according to analysis by Robert Graham of Errata Security, the bug won't expose the private encryption key for servers "in most software"
In a post to the Errata Security blog, Robert Graham explained that it is highly unlikely that private key data would be stored in the memory buffer that could be leaked using the Heartbleed exploit. "What you can eavesdrop on with Heartbleed hacks is dynamic stuff, stuff that was allocated only moments ago," he wrote. But that assertion has been refuted, and Graham has since rescinded it, as noted above.
"We also found 33,531 machines that had Heartbeats enabled, but which did not respond to the Heartbleed attack," Graham wrote.

Surprise: Apple’s Novel iPhone 5S Fingerprint Tech Gets Hacked 1 Day After Phone Launch | Smashiphone [cached]

Robert Graham, CEO of Errata Security, opined over a Bloomberg interview on September 20, 2013 that they have posed a challenge to people who want to beat this newest iPhone Fingerprint Lock. They are offering a $ 15K reward, together with bitcoins and a week's supply of booze to the first person to do so. Wanting to "put their money where their mouth is" and confident of this new Apple technology, Graham and his partners have raised the prize money from their own wallets.

Similar Profiles

Other People with this Name

Other people with the name Graham

Russell Graham
Argosy Property Limited

Joe Graham

Alexandra Graham
Wavelength International

Bill Graham
City of Del City

Bill Graham

City Directory Icon

Browse ZoomInfo's Business Contact Directory by City

People Directory Icon

Browse ZoomInfo's
Business People Directory

Company Directory Icon

Browse ZoomInfo's
Advanced Company Directory