David Litchfield

David Litchfield (born 1975) is a British security researcher and the Director of Information Security Assurance at Apple. In December 2003 Anne Saita, writing for Information Security magazine, described him and his brother Mark Litchfield as the "World's Best Bug Hunters". [1]

Computer security

Litchfield has found hundreds of vulnerabilities in widely used products, most notably in software from Microsoft, Oracle and IBM. At the Black Hat Briefings in July 2002 he presented exploit code demonstrating a stack-based buffer overflow he had discovered in Microsoft SQL Server 2000 (the flaw in the SQL Server Resolution Service addressed by Microsoft security bulletin MS02-039, released the same month). Six months later, on 25 January 2003, persons unknown used that code as the template for the SQL Slammer worm, which spread through servers that had still not applied the available patch. [2]

After several years in vulnerability research, Litchfield moved into Oracle forensics and documented how to perform a forensic analysis of a compromised database server in a series of white papers, Oracle Forensics Parts 1 to 6. [3] As of 2007 he was researching and developing an open-source tool called the Forensic Examiner's Database Scalpel (F.E.D.S.). [4]

Business and researcher

Litchfield founded Cerberus Information Security, which was acquired by @stake in July 2000. Eighteen months later he co-founded Next Generation Security Software (NGS) with three colleagues from @stake, his brother Mark and his father.

Under his leadership NGS won a number of business and technical awards, including the Queen's Award for Enterprise in 2007, presented at Buckingham Palace by the Queen; the International Trade Award for Innovation in 2008, presented at the House of Lords; and SC Magazine's award for Best Security Company in Europe in 2008, having been runner-up in 2007. Individually, Litchfield was named Entrepreneur of South London in 2007.

He has written several software tools and many technical papers on security issues. He is the author of The Oracle Hacker's Handbook and a co-author of The Database Hacker's Handbook, The Shellcoder's Handbook and SQL Server Security, and was a contributing author to Special Ops.


References

  1. Saita, Anne (December 2003). "Best Bug Hunters". Information Security magazine, infosecuritymag.techtarget.com. Retrieved 2 January 2014.
  2. "David Litchfield talks about the SQL Worm in the Washington Post". archive.cert.uni-stuttgart.de (29 January 2003). Retrieved 2 January 2014.
  3. "Oracle Forensics and Incident Response". databasesecurity.com.
  4. Gray, Patrick (29 May 2007). "Owning database forensics". theage.com.au.