Timothy Morgan
VSR (as security consultant)
Biographical Sketch: Tim is credited with the discovery and responsible disclosure of several security vulnerabilities in commercial off-the-shelf and open source software including: IBM Tivoli Access Manager, Real Networks Real Player, Sun Java Runtime Environment, Google Chrome Web Browser, OpenOffice, and Oracle WebLogic Application Server. Tim develops and maintains several open source forensics tools as well as Bletchley, an application cryptanalysis tool kit.
Tim presented a training course on application cryptanalysis at AppSecUSA 2012. He regularly gives technical talks on a variety of security topics to local special interest groups and at private training sessions.
Papers:
What You Didn't Know About XML External Entities Attacks