PhotosBiographyFacebookTwitter

From Wikipedia, the free encyclopedia
Itzik Kotler
Born
Israel
Occupation(s) Entrepreneur
Inventor
Information security specialist
Known forCo-founder and CTO of SafeBreach
Website SafeBreach

Itzik Kotler is an Israeli entrepreneur, [1] inventor, [2] [3] and information security specialist [4] who is the co-founder and CTO of SafeBreach, an Israeli cybersecurity firm. [5] [6] Kotler was previously the Security Operation Center Team Leader at Tel Aviv-based Radware. [7] He has given multiple talks at DEF CON, the world's largest hacker convention. [8] [9] [10]

Career

Kotler is an autodidact and played with computers and programmed since an early age. He started his career with the Israel Defense Forces. [5] [11] After serving in the military, Kotler worked at Radware where he became the Security Operation Center Team Leader. [12] In 2009, Kotler (along with colleague, Tomer Bitton) demonstrated at DEF CON how a hacker could feasibly spread malware through software updates for applications like Skype. At the conference, Kotler and Bitton released a tool known as Ippon ("game over" in judo parlance) that could ask users on a public Wi-Fi network to update a specific application. If the users agreed, they would download malware instead of the updated version of the application. [7] [8]

Kotler left Radware in 2010 and joined a digital security firm, Security Art. Kotler served as the company's CTO. In May 2011, Kotler presented at the HackInTheBox conference in Amsterdam where he demonstrated how a Stuxnet-like malware could physically destroy servers in a permanent denial-of-service (PDoS) attack. [13] Later in 2011, Kotler and Iftach Ian Amit presented at DEF CON, demonstrating how a bot master could communicate with botnets and with "zombie machines" using VoIP conference calls. Their open-source software, Moshi, illustrated how they could send instructions to and receive data from botnets and infiltrated networks using any phone line (including payphones). [9] [14] Kotler also hosted a "Hack-a-thon" in 2011 with the goal of teaching hackers new techniques and improving information security. [4] [15]

After leaving Security Art, Kotler went on to co-found SafeBreach with Guy Bejerano in September 2014. [16] Kotler serves as the company's CTO. [5] In July 2015, SafeBreach announced that it had raised $4 million in funding from Silicon Valley-based Sequoia Capital and angel investor, Shlomo Kramer. [1] [6] One of the company's primary services is a simulated "war game" that seeks to find breaches in a network's system. [6]

Kotler is the author of "Reverse Engineering with LD_PRELOAD," an article published in 2005. [17] The article discussed how LD_PRELOAD can be abused in order to highjack functions and inject code and manipulate applications flow. [18] The same year, Kotler wrote for and presented at the 22nd Chaos Communication Congress. [19] His presentation "Advanced Buffer Overflow Methods" was used in various academic papers and conferences. [20] [21] [22] Additional work includes speaking at BlackHat USA and RSA Europe in 2008 on the topic of a prototype Javascript malware called Jinx, [23] [24] and organizing two additional hackathons proving the concept of Trojan in Python that infects Python files. [25]

References

  1. ^ a b "TechNation Bezeq Launches Smart' Home Monitoring System Featuring Camera and Door Monitors". Haaretz. 9 July 2015. Retrieved 21 September 2015.
  2. ^ Ligh, Michael Hale; Andrew Case; Jamie Levy; Aaron Walters (28 July 2014). The Art of Memory Forensics: Detecting Malware and Threats in Windows, Linux, and Mac Memory (1 ed.). Wiley. ISBN  978-1118825099.
  3. ^ Grant, Nicholas; Joseph Shaw II (7 October 2013). Unified Communications Forensics: Anatomy of Common UC Attacks. Syngress. ISBN  9780124046054.
  4. ^ a b "קבוצת Defcon Israel בכנס Hackathon ראשון" (in Hebrew). Geektime. 28 June 2011. Retrieved 21 September 2015.
  5. ^ a b c Weinglass, Simona (8 July 2015). "What would your enemy do? Israeli cybersecurity firm SafeBreach raises $4m". Geektime. Retrieved 21 September 2015.
  6. ^ a b c Goldenberg, Roy (8 July 2015). "Cyber security co SafeBreach raises $4m". Globes. Retrieved 21 September 2015.
  7. ^ a b Mills, Elinor (3 August 2009). "Using software updates to spread malware". CNET. Retrieved 21 September 2015.
  8. ^ a b "קבוצתחוקרים ישראליים מזהירים: תהליך העדכון של תוכנות חשוף להפצת מזיקים" (in Hebrew). PC.co. 3 August 2009. Retrieved 21 September 2015.
  9. ^ a b Greene, Tim (9 August 2011). "Defcon: VoIP makes a good platform for controlling botnets". Network World. Archived from the original on November 3, 2014. Retrieved 21 September 2015.
  10. ^ "חברים בוועדות תקינה אבטחת מידע". www.sii.org.il (in Hebrew). Standards Institute of Israel. Retrieved 21 September 2015.
  11. ^ Masserini, John Lucas (8 July 2015). "SafeBreach Raises $4 million In First Funding Round". Security Current. Retrieved 21 September 2015.
  12. ^ Kotler, Itzik (30 July 2008). "Web 2.0: Attack of the JavaScript malware". SC Magazine. Retrieved 21 September 2015.
  13. ^ Rubens, Paul (30 June 2011). "Stop Software Attacks From Destroying Your Servers". Serverwatch.com. Retrieved 21 September 2015.
  14. ^ Greene, Tim (10 August 2011). "10 scariest hacks from Black Hat and Defcon". Network World. Archived from the original on February 18, 2015. Retrieved 21 September 2015.
  15. ^ "ריצת המרתון של ההאקרים". Globes (in Hebrew). 27 June 2011. Retrieved 21 September 2015.
  16. ^ "סקויה ושלמה קרמר משקיעים 4 מיליון דולר בחברת אבטחת מידע ישראלית" (in Hebrew). TheMarker. 8 July 2015. Retrieved 21 September 2015.
  17. ^ Kotler, Izik (6 July 2005). "Reverse Engineering with LD_PRELOAD". Security Vulns. Retrieved 14 October 2015.
  18. ^ Ligh, Michael Hale (2014). The Art of Memory Forensics: Detecting Malware and Threats in Windows, Linux, and Mac Memory. John Wiley & Sons. ISBN  9781118824993.
  19. ^ "Advanced Buffer Overflow Methods or Smack the Stack". Chaos Communication Congress. 15 January 2007. Retrieved 14 October 2015.
  20. ^ Heelan, Sean (3 September 2009). "Automatic Generation of Control Flow Hijacking Exploits for Software Vulnerables" (PDF). Univbersity of Oxford. Retrieved 14 October 2015.
  21. ^ "CSE 277 - Computer Security" (PDF). ECSD.edu. Retrieved 14 October 2015.
  22. ^ Muller, Tilo (17 February 2008). "ASLR Smack & Laugh Reference" (PDF). Seminar on Advanced Espoitation Techniques. Retrieved 14 October 2015.
  23. ^ "RSA Conference Europe 2008".
  24. ^ "Javascript to be next core malware language". itNews. 30 October 2008. Retrieved 20 October 2015.
  25. ^ Doherty, Stephen (7 October 2011). "THis Python Has Venom!". Symantec. Archived from the original on 6 December 2011. Retrieved 20 October 2015.

External links

Retrieved from " https://en.wikipedia.org/?title=Itzik_Kotler&oldid=1221433636"