Sergio ESPOSITO
Sergio Esposito is a Researcher at the Department of Mathematics and Computer Science of the University of Catania.
He holds a PhD in Information Security from Royal Holloway, University of London. His main research area is IoT Security: he thoroughly investigated self-activation attacks, to understand to what extent commands played and captured by the same device can be a threat to the device users' security, safety and privacy. He is the author of the AvA attack (CVE-2022-25809), which was extensively discussed by media. Since 2021, he is a Teaching Assistant for the "Vulnerability Assessment and Penetration Testing" course at University of Catania.
Before becoming a researcher, he was a cybersecurity consultant for more than 60 client organisations, including SMB, SME and large enterprises. His consultancy services included GDPR gap analysis, penetration testing, vulnerability assessment, incident response & analysis, and training sessions on security topics.
Education
2023
Royal Holloway, University of London
PhD Information Security
2017
Università degli Studi di Catania
Master Degree in Computer Science - Networks and Security
2013
Università degli Studi di Catania
Bachelor's Degree in Computer Science
Teaching
2020-Current
Università degli Studi di Catania
Tutor for the Cyberchallenge.IT project
2021-2023
Università degli Studi di Catania
Teaching Assistant for the Vulnerability Assessment and Penetration Testing Course
2020-2021
Royal Holloway, University of London
Teaching Assistant for the IY3840 course: Malicious Software
2019-2020
Università degli Studi di Catania
Tutor for the Internet Security course
Industry
2023
Freelancer
2017-2019
ICT Legal Consulting > ICT Cyber Consulting
Cyber Security Advisor > Chief Cyber Security Advisor > Cybersecurity Specialist
2013-2014
Chisari SpA
Web Designer
Sergio Esposito is mostly interested in the following research topics:
- IoT Security
- Penetration Testing
- Web Vulnerabilities