whitehat

Ruben Unteregger

IRL Name: 
Ruben Unteregger
Biography: 

Ruben Unteregger is a Swiss programmer who creates Trojans for the Swiss authorities to intercept Voice-over-IP (VoIP) phone calls which inject code into the Skype process in order to convert the incoming and outgoing voice data into an encrypted MP3 available at the disposal of the attacker. He has also released the source code of his trojan horses ('MiniPanzer' and 'MegaPanzer').

Pictures: 
References

jackal

IRL Name: 
Fotis Loukos
Biography: 

Fotis Loukos received his BSc in Applied Mathematics from the Aristotle University of Thessaloniki, followed by an MSc in Computer and Communication Engineering from the University of Thessaly and a PhD in Computer Science from the Aristotle University of Thessaloniki. He wrote PreZ injector, a PoC for injecting a code at a running process and running it as a separate thread.

Pictures: 
References

xnec

IRL Name: 
Brock Tellier
Biography: 

Brock Tellier used to work for NAI Covert Labs (now McAfee). He is a security researcher and an exploit developer who has published exploits in Exploit-DB and Packet Storm. Author the following exploits (just to prove that he is 1337):

- FreeBSD 3.3,Linux Mandrake 7.0 - 'xsoldier' Buffer Overflow Vulnerability (1)
- FreeBSD 3.3 gdc Symlink Vulnerability
- Mandriva Linux Mandrake 6.0,Gnome Libs 1.0.8 espeaker - Local Buffer Overflow
- Oracle <= 8 8.1.5 Intelligent Agent Vulnerability (1)
- Solaris 7.0 /usr/bin/mail -m - Local Buffer Overflow Vulnerability
- and many more to mention...

References

t00nces

IRL Name: 
Dean Turner
Biography: 

Dean Turner was one of the co-founders of SecurityFocus in 1999 and served as its Director of Operations and Content until the company’s acquisition by Symantec in 2002. Prior to forming SecurityFocus, Turner worked for Network Associates as their Competitive Analysis Manager for their security product line. Turner has a broad range of expertise from Operations and Network Security to Incident Analysis.

Pictures: 
References

adi1391

IRL Name: 
Aditya Gupta
Biography: 

Aditya Gupta is the founder of Attify, and the creator of a training course entitled "Offensive IoT Exploitation". He is a frequent speaker and trainer at psecurity conferences such as BlackHat, OWASP AppSec, Syscan and phDays to name a few. He is also the author of the book "Learning Pentesting for Android Devices".

Pictures: 
References

Ye Yint Min Thu Htut

IRL Name: 
Ye Yint Min Thu Htut
Biography: 

Ye Yint is a security researcher who is one of the core members of of YGN Ethical Hacker Group (YEHG) and a former technical team member of the Myanmar Computer Emergency Response Team (mmCERT). He has attained around 20 Security Hall of Fames from various sites and applications including but not limited to DuckDuckgo, ROCeter, AppAnnie, Teamtailor, Okcupid, ConstantContact, ESET, Inflectra, Splistwise, Segment etc.

Pictures: 
References

Hal Finney

IRL Name: 
Hal Finney
Biography: 

Hal Finney is a renowned cryptographer, noted cryptographic activist, former developer for PGP Corporation, and was the second developer hired after Phil Zimmermann. In his early career, he was credited as lead developer on several console games. He also was an early bitcoin user and received the first bitcoin transaction from bitcoin's creator Satoshi Nakamoto. He died in Phoenix August 28, 2014 and was cryopreserved by the Alcor Life Extension Foundation.

Pictures: 
References

Esteban Martinez Fayo

IRL Name: 
Esteban Martinez Fayo
Biography: 

Esteban Martinez Fayo is a security researcher from Argentina who disclosed a security issue with the O5LOGON Oracle database authentication protocol (used in 11g – 11.1 & 11.2). This problem, known as CVE-2012-3137, makes it relatively simple for attackers to get hold of passwords using a brute-force attack on the encrypted (AES -192 bit) session key that is returned by the Oracle database when connecting. This means you don’t need the password hash (SHA-1 hash as of 11g) to brute force the password anymore. The information (the encrypted session key – AUTH_SESSKEY – and the password SALT value – AUTH_VFR_DATA) returned by the server at an very early state of the authentication process if enough.

Pictures: 
References

Mariusz Mlynski

IRL Name: 
Mariusz Mlynski
Biography: 

Mariusz Mlynski is a security researcher from Poland who was awarded with $55,000 at HP's Pwn2Own 2014 hacking contest for exploiting Firefox wherein he was able to execute a fundamental flaw to escalate to system privileges in Windows.

Pictures: 
References

djrbliss, Dan Rosenberg

IRL Name: 
Dan Rosenberg
Biography: 

Dan Rosenberg is a security researcher who is known for his kernel exploits. Together with Jon Oberheide, they demonstrated an exploit technique coined Stackjacking against a customized Linux kernel hardened with the grsecurity patchset. The attack was questionable since they used a modified kernel rather than a standard Grsecurity hardened kernel with a previously known exploit. He is also the author of FuzzDiff which is a tool that helps make crash analysis during file format fuzzing easier.

Pictures: 
References
Syndicate content