fbpx
Wikipedia

Alexander Sotirov

April 11, 2024

Alexander Sotirov is a computer security researcher. He has been employed by Determina[1] and VMware.[2] In 2012, Sotirov co-founded New York based Trail of Bits[3] with Dino Dai Zovi and Dan Guido, where he currently serves as co-CEO.

Alexander Sotirov
Alexander Sotirov
Born
Sofia, Bulgaria
Other namesAlex Sotirov
CitizenshipUnited States, Bulgaria
Alma materUniversity of Alabama
Known forPwnie award organizer, Black Hat Briefings Review Board Member
Scientific career
FieldsComputer Science

He is well known for his discovery of the ANI browser vulnerability[4] as well as the so-called Heap Feng Shui technique[5] for exploiting heap buffer overflows in browsers. In 2008, he presented research at Black Hat showing how to bypass memory protection safeguards in Windows Vista. Together with a team of industry security researchers and academic cryptographers, he published research on creating a rogue certificate authority by using collisions of the MD5 cryptographic hash function[6] in December 2008.

Sotirov is a founder and organizer of the Pwnie awards, was on the program committee of the 2008 Workshop On Offensive Technologies (WOOT '08),[7] and has served on the Black Hat Review Board since 2011.[8]

He was ranked #6 on Violet Blue's list of The Top 10 Sexy Geeks of 2009.[9]

References edit

  1. ^ John Markoff (2006-12-25). "Flaws Are Detected in Microsoft's Vista". The New York Times. Retrieved 2009-01-05.
  2. ^ Dennis Fisher. "VMWare loses top security researcher Sotirov and exec Mulchandani". Archived from the original on July 17, 2012. Retrieved 2009-01-05.
  3. ^ Bill Brenner. "Trail of Bits: An alliance of #infosec heavyweights". Archived from the original on 2013-01-21. Retrieved 2012-02-14.
  4. ^ "Vulnerability Note VU#191609: Microsoft Windows animated cursor stack buffer overflow". United States Computer Emergency Readiness Team. 2007-03-29. from the original on 22 January 2009. Retrieved 2009-01-03.
  5. ^ Alexander Sotirov. "Heap Feng Shui in JavaScript" (PDF). (PDF) from the original on 5 January 2009. Retrieved 2009-01-03.
  6. ^ Sotirov, Alexander; Marc Stevens; Jacob Appelbaum; Arjen Lenstra; David Molnar; Dag Arne Osvik; Benne de Weger (2008-12-30). "MD5 considered harmful today". from the original on 2 January 2009. Retrieved 2009-01-02.
  7. ^ "2nd USENIX Workshop on Offensive Technologies (WOOT '08)". from the original on 6 January 2009. Retrieved 2009-01-05.
  8. ^ "Black Bat Review Board". Retrieved 2012-06-09.
  9. ^ Violet Blue (20 December 2008). "Top10 Sexy Geeks 2009". Retrieved 2008-12-20.

External links edit

  • Alexander Sotirov's website
  • Trail of Bits
  • The Pwnie Awards

April 11, 2024
alexander, sotirov, computer, security, researcher, been, employed, determina, vmware, 2012, sotirov, founded, york, based, trail, bits, with, dino, zovi, guido, where, currently, serves, bornsofia, bulgariaother, namesalex, sotirovcitizenshipunited, states, b. Alexander Sotirov is a computer security researcher He has been employed by Determina 1 and VMware 2 In 2012 Sotirov co founded New York based Trail of Bits 3 with Dino Dai Zovi and Dan Guido where he currently serves as co CEO Alexander SotirovAlexander SotirovBornSofia BulgariaOther namesAlex SotirovCitizenshipUnited States BulgariaAlma materUniversity of AlabamaKnown forPwnie award organizer Black Hat Briefings Review Board MemberScientific careerFieldsComputer ScienceHe is well known for his discovery of the ANI browser vulnerability 4 as well as the so called Heap Feng Shui technique 5 for exploiting heap buffer overflows in browsers In 2008 he presented research at Black Hat showing how to bypass memory protection safeguards in Windows Vista Together with a team of industry security researchers and academic cryptographers he published research on creating a rogue certificate authority by using collisions of the MD5 cryptographic hash function 6 in December 2008 Sotirov is a founder and organizer of the Pwnie awards was on the program committee of the 2008 Workshop On Offensive Technologies WOOT 08 7 and has served on the Black Hat Review Board since 2011 8 He was ranked 6 on Violet Blue s list of The Top 10 Sexy Geeks of 2009 9 References edit John Markoff 2006 12 25 Flaws Are Detected in Microsoft s Vista The New York Times Retrieved 2009 01 05 Dennis Fisher VMWare loses top security researcher Sotirov and exec Mulchandani Archived from the original on July 17 2012 Retrieved 2009 01 05 Bill Brenner Trail of Bits An alliance of infosec heavyweights Archived from the original on 2013 01 21 Retrieved 2012 02 14 Vulnerability Note VU 191609 Microsoft Windows animated cursor stack buffer overflow United States Computer Emergency Readiness Team 2007 03 29 Archived from the original on 22 January 2009 Retrieved 2009 01 03 Alexander Sotirov Heap Feng Shui in JavaScript PDF Archived PDF from the original on 5 January 2009 Retrieved 2009 01 03 Sotirov Alexander Marc Stevens Jacob Appelbaum Arjen Lenstra David Molnar Dag Arne Osvik Benne de Weger 2008 12 30 MD5 considered harmful today Archived from the original on 2 January 2009 Retrieved 2009 01 02 2nd USENIX Workshop on Offensive Technologies WOOT 08 Archived from the original on 6 January 2009 Retrieved 2009 01 05 Black Bat Review Board Retrieved 2012 06 09 Violet Blue 20 December 2008 Top10 Sexy Geeks 2009 Retrieved 2008 12 20 External links editAlexander Sotirov s website Trail of Bits The Pwnie Awards Retrieved from https en wikipedia org w index php title Alexander Sotirov amp oldid 1167274089, wikipedia, wiki, book, books, library,

article

, read, download, free, free download, mp3, video, mp4, 3gp, jpg, jpeg, gif, png, picture, music, song, movie, book, game, games.