Ruben Unteregger is a Swiss programmer who creates Trojans for the Swiss authorities to intercept Voice-over-IP (VoIP) phone calls which inject code into the Skype process in order to convert the incoming and outgoing voice data into an encrypted MP3 available at the disposal of the attacker. He has also released the source code of his trojan horses ('MiniPanzer' and 'MegaPanzer').
Fotis Loukos received his BSc in Applied Mathematics from the Aristotle University of Thessaloniki, followed by an MSc in Computer and Communication Engineering from the University of Thessaly and a PhD in Computer Science from the Aristotle University of Thessaloniki. He wrote PreZ injector, a PoC for injecting a code at a running process and running it as a separate thread.
Brock Tellier used to work for NAI Covert Labs (now McAfee). He is a security researcher and an exploit developer who has published exploits in Exploit-DB and Packet Storm. Author the following exploits (just to prove that he is 1337):
- FreeBSD 3.3,Linux Mandrake 7.0 - 'xsoldier' Buffer Overflow Vulnerability (1)
- FreeBSD 3.3 gdc Symlink Vulnerability
- Mandriva Linux Mandrake 6.0,Gnome Libs 1.0.8 espeaker - Local Buffer Overflow
- Oracle <= 8 8.1.5 Intelligent Agent Vulnerability (1)
- Solaris 7.0 /usr/bin/mail -m - Local Buffer Overflow Vulnerability
- and many more to mention...
Dean Turner was one of the co-founders of SecurityFocus in 1999 and served as its Director of Operations and Content until the company’s acquisition by Symantec in 2002. Prior to forming SecurityFocus, Turner worked for Network Associates as their Competitive Analysis Manager for their security product line. Turner has a broad range of expertise from Operations and Network Security to Incident Analysis.
Aditya Gupta is the founder of Attify, and the creator of a training course entitled "Offensive IoT Exploitation". He is a frequent speaker and trainer at psecurity conferences such as BlackHat, OWASP AppSec, Syscan and phDays to name a few. He is also the author of the book "Learning Pentesting for Android Devices".
Ye Yint is a security researcher who is one of the core members of of YGN Ethical Hacker Group (YEHG) and a former technical team member of the Myanmar Computer Emergency Response Team (mmCERT). He has attained around 20 Security Hall of Fames from various sites and applications including but not limited to DuckDuckgo, ROCeter, AppAnnie, Teamtailor, Okcupid, ConstantContact, ESET, Inflectra, Splistwise, Segment etc.
Hal Finney is a renowned cryptographer, noted cryptographic activist, former developer for PGP Corporation, and was the second developer hired after Phil Zimmermann. In his early career, he was credited as lead developer on several console games. He also was an early bitcoin user and received the first bitcoin transaction from bitcoin's creator Satoshi Nakamoto. He died in Phoenix August 28, 2014 and was cryopreserved by the Alcor Life Extension Foundation.
Esteban Martinez Fayo is a security researcher from Argentina who disclosed a security issue with the O5LOGON Oracle database authentication protocol (used in 11g – 11.1 & 11.2). This problem, known as CVE-2012-3137, makes it relatively simple for attackers to get hold of passwords using a brute-force attack on the encrypted (AES -192 bit) session key that is returned by the Oracle database when connecting. This means you don’t need the password hash (SHA-1 hash as of 11g) to brute force the password anymore. The information (the encrypted session key – AUTH_SESSKEY – and the password SALT value – AUTH_VFR_DATA) returned by the server at an very early state of the authentication process if enough.
Mariusz Mlynski is a security researcher from Poland who was awarded with $55,000 at HP's Pwn2Own 2014 hacking contest for exploiting Firefox wherein he was able to execute a fundamental flaw to escalate to system privileges in Windows.
Dan Rosenberg is a security researcher who is known for his kernel exploits. Together with Jon Oberheide, they demonstrated an exploit technique coined Stackjacking against a customized Linux kernel hardened with the grsecurity patchset. The attack was questionable since they used a modified kernel rather than a standard Grsecurity hardened kernel with a previously known exploit. He is also the author of FuzzDiff which is a tool that helps make crash analysis during file format fuzzing easier.