360Vulcan Team is security team with world-class ability of vulnerability exploiting, high-level comprehensive ability of system security and excellent ability of product researching and development. It belongs to Qihoo 360, focusing on binary system vulnerability. Some members of 360Vulcan Team have been nominated for the MSRC TOP 100 and been awarded repeatedly with the Microsoft BlueHat Prize and the Microsoft Edge Project Spartan.
It took them 17 seconds to break the IE at Pwn2own 2015, which turns 360Vulcan Team into the first Asian champion team in the history of IE target at Pwn2own. This year, they made a new record in the history of Pwn2own by breaking the Adobe Flash Player and furthermore, breaking Chrome within 11 seconds at Pwn2own 2016. It is the first time for a team from China to break the Chrome, and the only champion of Chrome project at the contest. 360Vulcan Team has submitted nearly 100 high risk of security vulnerabilities to major software vendors, for instance, Microsoft, Google, Adobe and Apple. The total amount in 2015 went beyond all teams except Google Project Zero.
Pangu Lab is a security laboratory consisting of many senior security professionals with rich experience across a wide range of security research and industrial development. The members of the Pangu Lab discovered hundreds of 0day vulnerabilities in major operating systems and applications, and presented many papers and talks at the premier forums such as Black Hat, CanSecWest, Syscan, RUXCON, HITCon, PoC, XCon , IEEE S&P, USENIX Security, ACM CCS, and NDSS.
Pangu Lab’s current research focuses on mobile security. Team Pangu is known for its multiple releases of untethered jailbreak tools for iOS 7, iOS 8, and iOS 9. Team Pangu was also the first to jailbreak iOS 8 and iOS 9 in the world. Besides iOS, Pangu Lab also made great progress in Android security research, and developed various products for discovering vulnerabilities in Android apps, detecting malicious Android apps, and mining mobile threat information.
Kevin Borgolte is a PhD candidate at the University of California, Santa Barbara. He is an active member of the Shellphish Capture the Flag team,played with them various DEFCON CTFs in the past years, and qualified with some other selected members for the final round of DARPA's Cyber Grand Challenge, which came with $750,000 of prize money. Kevin has also been an organizer of the International Capture the Flag contest, the largest educational, longest running, and dubbed "most innovative" Capture the Flag contest, which is being held annually since 2001.
He published his research at top-tier academic security conferences like USENIX Security, ACM CCS, and WWW. In his research, he focuses on data-driven security and spans from web-based malware and threats to cybercrime, the underground economy, and large-scale abuse to the adversarial aspects of machine learning: breaking and evading existing systems using machine learning. Most recently, in his spare time, he started to dabble in automatic vulnerability discovery and exploitation. He responsibly disclosed various bugs of differing severity and was awarded bug bounties for some of them.
Thanh 'rd' Nguyen is the founder of VNSecurity, with 20 years of security experience focused on application security, low-level kernel, bios, firmware, chipset, micro-architecture and he has presented talks at several security conferences including BlackHat US, Hack In The Box, Deepsec, Pacsec...
Previously, Thanh has worked as a CPU Security Architect at Intel Corporation to secure several Intel next generation technologies including Mobile & SoC platforms, vPro & Management Engine, IvyBridge and Haswell microarchitecture.
In his free time, Thanh used to play a lot of Capture The Flag security contests with CLGT team and helped to organize those very first Capture The Flag events in Asia for HITB Security Conference over 10 years ago. He is also a member of the renowned security research group “The Hacker’s Choice”, which was the first group to e.g. crack A5 GSM in 2006 within a minute.
Byoungyoung Lee is a Ph.D candidate in Computer Science at the Georgia Institute of Technology, and he will join the Purdue University as an assistant professor in Fall 2016. His research is in the general area of computer security and privacy. In particular, his focus is in systems security, designing and implementing secure systems through analyzing and eliminating vulnerabilities.
Byoungyoung's research identified and helped to fix many security critical vulnerabilities in the major software including the Windows kernel, the Linux kernel, Chrome, Firefox, Safari, etc. He received the Internet Defense Prize by Facebook and USENIX and the best applied security research paper (the 3rd place) by CSAW. He is also an active CTF player, and participated DEFCON CTF finals multiple times.
More information to be updated...