Overview

As a director and consultant at Vantage Point Security Bernhard helps multinational corporations and government organization to protect themselves from current threats. He has found and published vulnerabilities in commercial software such as MS Internet Explorer and SQL Server, open source software, web applications and mobile operating systems, and written award-winning papers on topics ranging from DNS to smartphone security.

Work History

Work History
Jan 2005 - Dec 2011

Chief of Security Research

SEC Consult

Talks and publications

Diploma thesis: „Fas est ab hoste doceri / Buffer Overflow Exploits“, University of Applied Sciences of St. Poelten, 2004

Security advisories:

  • „ Macromedia Flash Player ActionDefineFunction Memory Corruption Vulnerability“ (CVE-2005-3591)
  • „Opera Browser CSS Attribute Integer Wrap / Buffer Overflow“ (CVE-2006-1834)
  • „Perdition IMAP Proxy Format String Vulnerability“ (CVE-2007- 5740)
  • „Microsoft SQL Server sp_replwritetovarbin Remote Memory Corruption Vulnerability“ (CVE-2008-5416)

Talks and workshops (examples):

  • “Penetration Testing in the Wild” – Technical university of Vienna, Februar 2006
  • “Finding hidden Security Vulnerabilities in Web Applications”, TRUST2008, March 2008
  • "Reverse Engineering with IDA Pro" – May 2006
  • “Why software always breaks: From phone lines to CPU threads”, IT SecX 2008, St. Poelten, October 2008
  • "Web application firewalls - an attacker's perspective" - OWASP Singapore 2013
  • "Hacking Multifunction Printers" - GovWare, Singapore, 2013

Papers (examples):

  • “In-process SSL packet injection”, released to Full Disclosure / Bugtraq, July 2008
  • Whitepaper: „Improved DNS spoofing using node redelegation”, released to Full Disclosure / Bugtraq, July 2008
  • Whitepaper: „From 0 to 0day on Symbian, released to Full Disclosure / Bugtraq Mailing Lists, July 2009, won Pwnie Award category “Most Innovative Research”, at Blackhat Las Vegas 2009 

Certifications

Certifications

CISSP #412290

ISC2

Skills

Skills

Code security review

Penetration Testing

Vulnerability Assessment