Alexander Hagenah

Cyber Security Leader

As a proven cyber security leader with over a decade of experience managing, leading, and executing technical and operational tasks across a variety of global growth sectors. My agile approach allows me to quickly adapt to business changes and deliver exceptional solutions.

I have an extensive background working with law enforcement and intelligence agencies in over 50 countries, where I have been instrumental in the development and evaluation of cyber security systems and solutions to address the growing criminal presence in the cyber security realm.

My strong communication skills and ability to connect with technical teams, sales teams, and C-level executives make me a sought-after presenter at conferences such as for Interpol, Europol, ISS World and others focusing on innovative and groundbreaking methods for conducting cyber investigations and combatting cyber crime.

Since 2021, I am working for SIX, where I am building an in-house offensive security team to stay ahead of criminal hackers. Furthermore in 2022, I joined the Technical Advisory Board of HackerOne, the world's leading hacker-powered security platform.

Professional Experience

05/2021 - Present

Head Cyber Controls / Offensive Cyber Security Lead

SIX Group AG

Zurich, Switzerland
02/2023 - Present

Advisory Council Member

Harvard Business Review

Brighton, United States
07/2022 - Present

Technical Advisory Board

HackerOne

San Francisco, United States
04/2017 - 04/2021

Chief Technology & Innovation Officer

FinFisher

Munich, Germany
12/2009 - 04/2017

Senior Offensive Security Specialist

FinFisher

Dubai, United Arab Emirates
2007 - 2009

Senior Offensive Security Specialist

Confidential

Dubai, United Arab Emirates

Education

2022 - 2023

Executive Certificate, Cybersecurity Risk Management

Harvard University

Cambridge, MA, United States

Expertise

Key Skills

Information Security, Cyber Investigations, Penetration Testing & Social Engineering, Leadership & Management, Innovation, Information Security Governance, Complex Problem Solving, Lawful Interception, Information Risk Management & Compliance.

Public Speaking

Given a few dozen talks or consulted on several conferences such as for Interpol, Europol, ISS World and others. Topics varied and were about innovative and groundbreaking Cyber investigations methods.

Innovation

Identifies, prioritizes and successfully implements innovations with the greatest impact for meeting near- and longer-term business goals.

Leadership & Management

Sophisticated people skills and ability to deal with different cultures proven by successfully leading teams across several countries. Active curiosity, open-mindedness and sensitivity to different cultures.

Projects [1998 - 2005]

BitDefender for Mail Servers Malware Detection Bypass

Vulnerability in BitDefender for Mail Servers, which can be exploited by malware to bypass detection. The vulnerability is caused due to an error when parsing attachments and can be exploited via a specially crafted UUencoded mail with multiple attachments. Successful exploitation causes malware in an attachment to pass the scanning functionality undetected. The vulnerability has been reported in engine versions 1.6.1 and prior for Linux and FreeBSD.

zigstack

zigstack is for hardening the TCP/IP Stack (e.g. against DoS-Attacks) of Windows NT, 2000, XP, 2003-based workstations and servers.

xxpoof

Spoofed Packet Generator for Windows & DDoS network testing tool.

ipcshares

ipcshares can deactivate (or activate) the so-called IPC$-shares of WindowsNT, 2000 & XP computers. Those shares are enabled by default and can pose a security risk.

igmpflood

igmpflood is a simple tool for sending malformed IGMP packets to test the hardening of a target address.

RCON plaintext password exposure

RCON protocol is used to administrate your Half-Life/Counter- Strike Server. This advisory shows that it transmits the administrator password in plaintext over the wire.

CATCHiNG THE AiR STUFF (German)

A paper describing the basics, functionalities and security weaknesses in the IEEE 802.11 (WLAN) standard. Includes a CLI wifi scanner running on Linux/UNIX.

IIS anonymous lockout

Advisory on a default account used by the Microsoft IIS webserver for anonymous access which can be locked out. With this a website can be remotely shut down.

IIS ism.dll HTR truncation

Advisory affecting Microsoft IIS webserver 4/5 by calling ISM.DLL which allows appending a set of charaters to force the webserver to display the source code of the requested file.

HYPERLiNK-SPOOFiNG (German)

This document shows an attacking technique which allows to misuse secured connection like SSL.

SNiFFiNG FAQ (German)

This document describes how network sniffing works and how it can be (ab)used.

Contact

Email
ah@primepage.de
GPG Key [0x80DD8C331ACD3D0F]

-----BEGIN PGP PUBLIC KEY BLOCK-----

xjMEZFTr0BYJKwYBBAHaRw8BAQdAeVssXCj+MVHCDeYRmoNezvjJCw9ugei2p7Xe
qurad9vNI0FsZXhhbmRlciBIYWdlbmFoIDxhaEBwcmltZXBhZ2UuZGU+wo8EExYI
ADcWIQSxIDYr2Ea2r447MnuA3YwzGs09DwUCZFTr0AUJBaOagAIbAwQLCQgHBRUI
CQoLBRYCAwEAAAoJEIDdjDMazT0Ptm0BALfd/li/mtnMgGalWQ5S+WpnCots0VBc
IcIcuWnXYu3OAQC5JtWZiG4lkiPruDe5jSCqa1QxuiD3QeCzT3NoOVwBDM44BGRU
69ASCisGAQQBl1UBBQEBB0CTMWsuqnFdMPCor072yrtXax0yi5/2e2xM+Pz9V/r0
UwMBCAfCfgQYFggAJhYhBLEgNivYRravjjsye4DdjDMazT0PBQJkVOvQBQkFo5qA
AhsMAAoJEIDdjDMazT0Pw/cA/1pxnfSEUM1hyEgkalQlNRFw3+/wP7W3IQqIgHFA
0H/9AP0ehc7cqEov3Dd0OZUP4DtcgaNtD+sGGy0J9C68vgQZDA==
=4PgC
-----END PGP PUBLIC KEY BLOCK-----