Black Hat is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

March 31 - April 3, 2020
Marina Bay Sands / Singapore

Regional Review Board

Bill Breen

Bill Breen

Bill Breen is a computer security subject matter expert in several domains. He is currently living in SE Asia and continues to work in the computer security arena. Mr. Breen has spent the last 17 years doing information security work for a Fortune 100 company. Work related to incident response, forensics, risk assessments, perimeter security and implementing security policy on a global scale. Mr. Breen has been a senior planner for the DEF CON security conference for over 12 years, and is on the CFP review board for DEF CON. Mr. Breen is a very proud member of the Ninja Network hacker group, and has been involved in the hacking community for over 20 years.


bunnie

bunnie

bunnie is best known for his work hacking the Microsoft Xbox, as well as for his efforts in designing and manufacturing open source hardware, including the chumby (app-playing alarm clock), chibitronics (peel-and-stick electronics for craft), and Novena (DIY laptop). He received his PhD in EE from MIT in 2002. He currently lives in Singapore where he runs a private product design studio, Kosagi, and he actively mentors several startups and students.


James Butler

James Butler

Jamie Butler is the Chief Technology Officer and Chief Scientist at Endgame, where he leads Endgame's research on advanced threats, vulnerabilities and attack patterns. He has directed research teams at some of the most prominent and successful security companies of the last decade. Most recently, Butler was Chief Architect at FireEye and Chief Researcher at Mandiant. A recognized leader in attack and detection techniques, he has over 17 years of experience and knowledge in operating system security. Butler was a computer scientist at the National Security Agency and co-authored the bestseller Rootkits: Subverting the Windows Kernel. Butler is also a frequent speaker at the foremost computer security conferences and serves as a Review Board member for Black Hat. He co-developed and instructs the popular security courses "Advanced Memory Forensics in Incident Response," "Advanced 2nd Generation Digital Weaponry," and "Offensive Aspects of Rootkit Technology."


Sudhanshu Chauhan

Sudhanshu Chauhan

Sudhanshu Chauhan is Director and Co-Founder of RedHunt Labs, focusing on Open Source Intelligence (OSINT), Asset Discovery and Perimeter Security. He is the former Associate Director at NotSoSecure, where he was actively involved in security consulting and training exercises.

Sudhanshu is the developer of RedHunt OS and one of the core contributors to DataSploit. He has co-authored 'Hacking Web Intelligence', a book on OSINT and web reconnaissance concepts and techniques. He has been a speaker at various conferences such as Ground Zero Summit, CyberHackathon Bar-Ilan University, Black Hat Arsenal, etc. He has been a trainer at Black Hat for 'Tactical OSINT' and 'Web Hacking - Black Belt Edition' and has delivered training at other conferences such as AppSec EU, c0c0n, RootCon, etc. He is the co-founder of Recon Village which runs at DEF CON.

Twitter: @Sudhanshu_C


Mika Devonshire

Mika Devonshire

Mika Devonshire runs SSIC's digital forensics laboratory and innovation center. In addition to managing an active cybercrime case load, she looks to standardize attack artifacts and integrate the intelligence into their patented risk analytics algorithm.

Over the past six years Mika has served as an offensive cyber systems engineer at BAE Systems; a security analyst at Silent Circle; and a technical product manager. Outside the office, Mika teaches CTF skills as part of The HackerGround, and participates at various conferences. Mika earned her master's in digital forensics from The George Washington University, and her bachelor's degree from Princeton University.


Ryan Flores

Ryan Flores

Currently, the senior manager of the Forward-Looking Threat Research team in APAC, Ryan Flores has had more than 15 years of experience in antivirus and IT security under his belt. He has held various positions in Trend Micro, starting as an antivirus engineer in charge of malware analysis, detection, and removal. He was heavily involved in malware sourcing and honeypot development and deployment as a member of Trend Micro Incident Response Team. His current position requires him to research on botnets, cybercrime and underground activities, as well as emerging technologies.


Lidia Giuliano

Lidia Giuliano

With over 15 years' experience in the Defence, Financial Services and Telecommunications, Lidia Giuliano has an extensive background in security testing, vulnerability management and prevention and detection techniques. Originally from Melbourne, Lidia spent a number of years in the USA working and researching malware evasion and obfuscation techniques. She has been a past speaker at Black Hat, SecTor, DevSecCon, and has been published in various media.

Lidia has since returned to Australia where she continues her endpoint security research and speaks at conferences both at home and internationally. She is the conference organiser for BSides Melbourne, spends a lot of her time mentoring others and is passionate about growing the information security community.


Seunghun Han

Seunghun Han

Seunghun Han is a security researcher at the Affiliated Institute of ETRI. Seunghun focuses on the root of trust, firmware, hypervisor, and kernel security, so he has made his own hypervisor and contributed various patches to the Linux kernel and TPM-based security software.

Seunghun was a speaker and an author at USENIX Security, Black Hat Asia, HITBSecConf, BlueHat Shanghai, TyphoonCon, beVX, Becks Japan, and KimchiCon. He also authored two books about building 64bit OS from scratch, "64-bit multi-core OS principles and structure, volume 1 (ISBN-13: 978-8979148367) and volume 2 (ISBN-13: 978-8979148374)".

Seunghun is a member of the Black Hat Asia Review Board and KIMCHICON Review Board.

Twitter: @kkamagui1


Robert Hansen

Robert Hansen

Robert Hansen is the CEO of OutsideIntel. He is the former VP of Labs at WhiteHat security and the former Chief Executive of SecTheory and Falling Rock Networks which focused on building a hardened OS. Mr. Hansen began his career in banner click fraud detection at ValueClick. Mr. Hansen has worked for Cable & Wireless doing managed security services, and eBay as a Sr. Global Product Manager of Trust and Safety. Mr. Hansen contributes to and sits on the advisory board of several companies. Mr. Hansen has co-authored "XSS Exploits" by Syngress publishing and wrote the eBook, "Detecting Malice." Robert is a member of WASC, APWG, IACSP, ISSA, APWG and contributed to several OWASP projects, including originating the XSS Cheat Sheet. He is also a mentor at TechStars.

Twitter: @RSnake


Vincenzo Iozzo

Vincenzo Iozzo

Vincenzo is an entrepreneur and investor. He currently serves as a Director at CrowdStrike following the sale of his company Iperlane in 2017. Vincenzo is also a Network Leader at Village Global, a seed stage VC fund based in Silicon Valley. In addition, Vincenzo is an Associate Researcher at the MIT Media Lab and serves as a committee member on the Black Hat Conference board. Vincenzo co-authored the "iOS Hacker's Handbook" (Wiley, 2012) and the winning attacks against Firefox, iOS and Blackberry OS at Pwn2Own between 2010-2012.

Twitter: @_snagg


Monnappa K A

Monnappa K A

Monnappa K A works with Cisco Systems as information security investigator focusing on threat intelligence, investigation of advanced cyber-attacks, researching on cyber espionage and targeted attacks. He is the creator of Limon Linux sandbox and winner of Volatility plugin contest 2016. He is the author of the upcoming book "Learning Malware Analysis". He is the co-founder of the cyber-security research community "Cysinfo". His fields of interest include malware analysis, reverse engineering, memory forensics and threat intelligence. He has presented at various security conferences like Black Hat, FIRST, SEC-T, DSCI, National Cyber Defence Summit and Cysinfo on various topics which include memory forensics, malware analysis, reverse engineering and rootkit analysis. He has conducted trainings at Black Hat, FIRST (Forum of Incident Response and Security teams), SEC-T, OPCDE cyber security conferences. He has also authored various articles in eForensics and Hakin9 magazines.

He regularly conducts training titled "A Practical Approach to Malware Analysis and Memory Forensics" around the world including Black Hat USA, Black Hat Asia and Black Hat Europe. You can find some of his contributions to the community in his YouTube channel, and he publishes blog posts at cysinfo.com. Twitter: @monnappa22


Vitaly Kamluk

Vitaly Kamluk

Vitaly Kamluk is Principal Security Researcher at Kaspersky Lab, focusing on target attack investigation, malware analysis, and broader security research. He spent two years with INTERPOL in Singapore specializing in malware reverse engineering, digital forensics and cybercrime investigation.

Vitaly has presented at numerous security conferences including Black Hat, DEF CON, Hitcon, BSides, PHDays, Ruxcon, SAS, etc. He is a trainer in Yara hunting, Advanced malware reversing and Digital forensics. He is also the author of open-source project Bitscout for remote system analysis.


Seungjoo Kim

Seungjoo Kim

Seungjoo (Gabriel) Kim is a professor of Graduate School of Information Security in Korea University from 2011 and his research areas focus on SDL, security engineering, cryptography and blockchain.

For the past seven years, he was an associate professor of Sungkyunkwan University and has five years of back ground of team leader of Cryptographic Technology Team and also IT Security Evaluation Team of KISA(Korea Internet & Security Agency).

In addition to being a professor, he is positioning a head of SANE(Security Analysis aNd Evaluation) Lab, an adviser of hacking club 'CyKor', a founder/advisory director of an international security & hacking conference 'SECUINSIDE'. His numerous professional focus on a presidential committee member on the 4th industrial revolution and an advisory committee member of several public and private organizations such as NIS(National Intelligence Service), Ministry of National Defense, Ministry of Justice, Supreme Prosecutors' Office, Korea National Police Agency, Nuclear Safety and Security Commission, etc. He also taught at the Korea Military Academy.

Twitter: @skim71 / Homepage: www.KimLab.net


Dax Labrador

Dax Labrador

Dax Labrador has been active in the hacking scene for 10 years and possesses undiminished passion for information security. He is the founder and director of ROOTCON the largest hacking conference in the Philippines. Dax was previously an AppSec Manager at Hewlett-Packard Fortify on Demand, he later joined Bugcrowd’s Application Security Engineering Team.


Anthony Cheuk Tung Lai

Anthony Cheuk Tung Lai

Anthony Lai focus on offensive "Kungfu", malware analysis, target attack research as well as attribution. He is passionate over Capture the Flag game, reverse engineering and exploitation for years.

After inspired by Black Hat and DEFCON in 2007-8, he has found a non-profit making research group called VXRL (Valkyrie-X Security Research Group) since 2009 in Hong Kong, researchers have published various research in various security and hacker conference including AVTokyo, Codegate, Blackhat USA, DEFCON, DFRWS, HITCON, HTCIA USA and Asia Pacific. He organized a small conference called VXCON (vxcon.hk) and line up various his good friends to give cutting edge sharing and workshop.

Anthony acts as a director of Knownsec Hong Kong and Macau (knownsec.asia) and currently engages a part-time PhD program in Hong Kong University of Science and Technology, his research focus is on malware/threat attribution, machine learning and software analysis. He has been invited to be the technical team coach with Zetta KE and Alan HO for the CTF Team named "FireBird" sponsored and supported by Cyber Security Lab in HKUST (cybersecurity.cse.ust.hk).

Anthony is a mentor of SANS GREM and GXPN holder for official course.


SeungJin Lee

SeungJin Lee

Beist has been a member of the IT security field since 2000. His first company was Cyber Research based in Seoul, South Korea and first focused on pen-testing. He then got a Computer Engineering B.A. degree from Sejong University. He has won more than 10 CTF hacking contests in his country as well as passed DefConquals 5 times. He has run numerous security conferences and hacking contests such as SECUINSIDE and CODEGATE in Korea. Also, he has given talks at BLACKHAT Las Vegas, SYSCAN, CANSECWEST, AVTOKYO, HITCON, SECUINSIDE, EDSC, and TROOPERS. Hunting bugs and exploiting them are his main interest. He is one of GRAYHASH company founders. He is now a graduate student at SANE LAB, Korea University.


Ping Look

Ping Look

Ping Look has over a decade of experience building, promoting and managing events in the IT space including two of the most iconic and massively influential IT security events: The Black Hat Briefings + Trainings and DEF CON. At Black Hat she managed the growth of brand from obscurity to profitability and grew the event from a three track, two-day event to a six day, 11 track and training intense event that brought together the best and the most relevant (and occasionally the most obscure) speakers and content providers to Black Hat events in Asia, Europe, the Middle East and the US. During her tenure at Black Hat she was often referred to as the Ping of Death aka "The One You Don't Want to Piss Off (or you will die)".

Ping is currently engaged at Optiv Security building and implementing Security Awareness programs.


Ty Miller

Ty Miller

Ty Miller is the Chief Executive Officer and Founder of Threat Intelligence Pty Ltd, a specialist consultancy defining the next era of security, intelligence and penetration testing approaches. He sits on the Board of Directors for CREST in Australia and New Zealand, and leads the CREST A/NZ Technical Team.

Ty is a trainer at Black Hat, with his training courses "The Shellcode Lab" and "Practical Threat Intelligence", and has trained and presented to international government agencies, big technology and security companies at a wide range of conferences around the world including Black Hat USA, Black Hat DC, Hack-In-The-Box, and Ruxcon.

Ty is a co-author of the highly popular security book "Hacking Exposed Linux 3rd Edition", and has developed low level attack techniques for companies including the DNS Channel payload for Core Security.

Before founding Threat Intelligence, Ty held strategic senior management and C-Level positions in key organizations and was instrumental in developing an expert and authoritative voice to the Australian media, and today remains a high-profile media commentator for both enterprise and consumer security trends, attacks and issues.


Shubham Mittal

Shubham Mittal

Shubham Mittal is Co-Founder at RedHunt Labs and is a techie at heart. He is the former CTO at Neotas where he led the research and development of their products and services. He is the co-founder of Recon Village, an OSINT focused mini-con at DEFCON. Shubham is also co-author of OSINT Framework DataSploit.

Shubham is a trainer at BlackHat, where he delivers his flagship training 'Tactical OSINT for Pentesters'. He has trained and presented to various government organizations, security companies and security conferences like BlackHat, DEFCON, HackMiami, Nullcon, etc.

Shubham has extensive experience in Offensive as well as Defensive security, Open Source Intelligence and Perimeter Security. He is also an active participant at Null - Open Security Community.

He works from the command line, uses vi and loves beer. Twitter: @upgoingstar


Asuka Nakajima

Asuka Nakajima

Asuka Nakajima is a researcher at the NTT Secure Platform Laboratories. She studied at the Faculty of Environment and Information Studies at the Keio University. Her research interests include reverse engineering, vulnerability discovery. She has been a member of the executive committee of SECCON (SECurity CONtest, the largest CTF organizer in Japan) since 2014. She is also a founder of "CTF for GIRLS", the first security community for woman in Japan. In the past, she has been a speaker at PHDays, AIS3(Advanced Information Security Summer School in Taiwan) and other information security events.

Twitter: @AsuNa_jp


Dr. Pamela O'Shea

Dr. Pamela O'Shea

Dr. Pamela O'Shea is Director of Shea Information Security, providing security consulting, training and penetration testing services to clients. Pamela is an industry lecturer at the Royal Melbourne Institute of Technology (RMIT) master's programme in cyber security and co-organises the OWASP AppSecDay Melbourne conference. She also runs the haXX group to provide free technical security classroom training and mentorship to women keen to break into the technical security field. Outside of consulting, teaching and research, Pamela plays with radio and satellite communications and runs the Melbourne CyberSpectrum meetup on Software Defined Radio (SDR).


Jennifer Savage

Jen Savage

Jen Savage is a security researcher for Threatcare. She has over a decade of experience in tech including penetration testing, vulnerability assessment, vulnerability management, software development, technical management, and consulting services for companies ranging from startups to the Fortune 100. Her primary research interests are in Web Application Security and the Internet of Things.


Ashley Shen

Ashley Shen

Ashley Shen is a security researcher at FireEye, where she focuses on hunting and analyzing advanced persistence threat. She specializes in threat hunting, malware analysis, reverse engineering, and targeted attacks research. Prior to FireEye, Ashley helped found Team T5, a threat research security company in Taiwan. She was also the cyber threat analyst for Team T5. For supporting women in InfoSec, Ashley co-founded "HITCON GIRLS" — the first security community for women in Taiwan. Ashley is also a regular speaker at global security conferences, including Black Hat, FIRST, HITB GSEC, CODE BLUE, Troopers, HITCON and VXCON. Ashley also serves as a member of the Black Hat Asia review board where she evaluates research for briefings and training.


Orange Tsai

Orange Tsai

Cheng-Da Tsai (a.k.a. Orange Tsai), is the principal security researcher of DEVCORE, member of CHROOT security group and captain of HITCON CTF team. He has spoken at conferences such as Black Hat USA and ASIA, DEF CON, HITB, Hack.lu, CODEBLUE and WooYun. He is also the winner of Pwnie Awards 2019 for "Best Server-Side Bug"!

Orange participates in numerous CTF and won 2nd place in DEF CON CTF 22/25/27 as team HITCON. Currently, he is a 0day researcher and specialized in web/application security. He is enthusiastic about Remote Code Execution, and uncovered RCEs in several vendors, such as Facebook, Uber, Apple, Twitter, GitHub, Amazon, Netflix, Yahoo and Imgur.

Twitter: @orange_8361
Blog: blog.orange.tw


Yuji Ukai

Yuji Ukai

Yuji Ukai is the chief executive officer of FFRI, Inc, known as a technical opinion leader in Japanese security industry.

After completing his Ph.D. in computer science at the National University of Tokushima, he began his employment at Kodak research and development center in Japan where he worked on research and development for digital device and embedded security.

In 2003, he moved to United States and started working on development of vulnerability scanner product at eEye Digital Security as a Senior Software Engineer. He also worked for research of vulnerability analysis, vulnerability auditing, malware analysis, embedded system security, P2P network security, etc. as a Senior Research Engineer at eEye research group. In 2007, he moved back to Japan and became a co-founder of Fourteenforty Research Institute, Inc. Over the last several years, he discovered many critical security vulnerabilities affecting various software products as well as pioneered vulnerability analysis and exploitation of embedded system based on real time operating systems.


Neil Wyler

Neil R. Wyler (a.k.a. Grifter)

Neil R. Wyler (a.k.a. Grifter) is an Information Security Engineer and Researcher located in Salt Lake City, Utah. Neil is currently with RSA Security as an Advanced Security Operations Specialist. He has spent over 15 years as a security professional, focusing on vulnerability assessment, penetration testing, physical security, and incident response. He has been a staff member of the Black Hat Security Briefings for over 13 years and is a member of the Senior Staff at DEF CON. Neil has spoken at numerous security conferences worldwide, including Black Hat, DEF CON, and the RSA Conference. He has been the subject of various online, print, film, and television interviews, and has authored several books on information security. Neil is a member of the DEF CON CFP Review Board and Black Hat Training Review Board. Follow him on Twitter at @Grifter801.


Fyodor Yarochkin

Fyodor Yarochkin

Fyodor Yarochkin is a senior threat researcher at Trend Micro Taiwan and holds a PhD from EE, National Taiwan University. An early Snort developer, and open source evangelist as well as a "happy" programmer, Fyodor made Taiwan his second home and been in the region for nearly two decades.Fyodor professional experience includes several years as a threat investigator and over eight years as a information security analyst responding to network security breaches and conducting remote network security assessments and network intrusion tests for the majority of regional banking, finance, semiconductor and telecommunication organizations. Fyodor is an active member of local security community and has spoken at several conferences regionally and globally.

Twitter: @fygrave


Stefano Zanero

Stefano Zanero

Stefano Zanero received a PhD in Computer Engineering from Politecnico di Milano, where he is currently an assistant professor with the Dipartimento di Elettronica, Informazione e Bioingegneria. His research focuses on mobile malware, malware analysis, and systems security. Besides teaching "Computer Security" at Politecnico, he has an extensive speaking and training experience in Italy and abroad. He co-authored over 50 scientific papers and books. He is an associate editor for the "Journal in computer virology and hacking techniques". He's a Senior Member of the IEEE (covering volunteer positions at national and regional level), the IEEE Computer Society (for which he is a member of the Board of Governors), and a lifetime senior member of the ACM. Stefano co-founded the Italian chapter of ISSA (Information System Security Association), of which he is a fellow. He sits in the International Board of Directors of the same association. A long time op-ed writer for magazines (among which "Computer World"), Stefano is also a co-founder and chairman of Secure Network S.r.l., a leading Italian information security consulting firm, and a co-founder of 18Months, a cloud-based ticketing solutions provider.