BlackBerry Product Security Incident Response Team

BlackBerry issues security notices when appropriate to inform customers about high-visibility software vulnerabilities that BlackBerry is investigating and has determined to impact supported BlackBerry products, and is working to address for supported BlackBerry products.

Customers can expect security notices to provide mitigations, workarounds, and authoritative guidance to reduce any potential risk. We do not follow a set schedule for issuing security notices, but rather release these notifications as needed to provide customers with information on how best to secure their products.

BlackBerry issues security bulletins to notify users of its BlackBerry powered by Android smartphones about available security fixes in its monthly Security Maintenance Release update. The bulletin is in response to the monthly Android Security Bulletin and addresses issues in that bulletin that affect BlackBerry powered by Android smartphones.

Customers can expect security bulletins to provide a complete list of security vulnerabilities fixed in the monthly Security Maintenance Release. BBPSIRT regularly releases security bulletins on the first Monday of the month. 

BlackBerry issues privacy notices to inform customers about third-party applications that do not clearly or adequately inform customers of how the app is accessing and possibly using their data. While such apps do not typically appear to have to have malicious objectives or aim to mislead customers, we want to provide customers with information regarding an app’s behavior in order for them to make an informed decision about whether to continue using the app.

Customers can expect privacy notices to include information about the application’s behavior, and how to remove it, if the customer determines that is the best course of action. We release privacy notices as needed on the third Tuesday of the month in order to provide customers with a predictable schedule for receiving information. 

BlackBerry issues malware notices to inform customers about third-party applications that contain code developed with malicious intent.

Customers can expect malware notices to provide them with details about the malware’s behavior, potential mitigations and guidance on how to remove it from their device. Similar to security notices, malware notices are released as needed to inform and protect customers, and there is no set schedule.

BlackBerry remains committed to providing customers a unique level of protection, especially as mobile devices are playing a greater role in their busy lives. By publicly releasing notices and security updates, we are providing customers with the tools and information that they need to help safeguard their BlackBerry products. Additionally, through this type of public disclosure, we are continuing to foster industry collaboration as we work to improve security for the mobile landscape overall. 

• QNX-2023-001 - Vulnerability in Networking Stack Impacts QNX Software Development Platform (SDP) (November 14, 2023)
• BSRT-2023-001 - Vulnerabilities in Management Console and Self-Service Impact AtHoc Server (September 12, 2023)

• QNX-2022-001 Vulnerability in QNX Neutrino Kernel Impacts QNX Software Development Platform (SDP), QNX OS for Medical, and QNX OS for Safety  (January 11, 2022)

• QNX-2021-002 Vulnerability in BMP Image Codec Impacts BlackBerry QNX Software Development Platform (SDP) (November 18, 2021)
• BSRT-2021-003 Vulnerabilities Impact BlackBerry Protect for Windows (November 9, 2021)
• QNX-2021-001 Vulnerability in the C Runtime Library Impacts BlackBerry QNX Software Development Platform (SDP), QNX OS for Medical, and QNX OS for Safety (August 17, 2021)
• BSRT-2021-002 Vulnerabilities in Management Console Impact BlackBerry UEM (May 11, 2021)
• BSRT-2021-001 Vulnerability in SAML Authentication Impacts BlackBerry Workspaces Server (deployed with Appliance-X) (May 11, 2021)
• BlackBerry Powered by Android Security Bulletin - February 2021 (February 8, 2021)
• BlackBerry Powered by Android Security Bulletin - January 2021 (January 22, 2021)

• BlackBerry Powered by Android Security Bulletin - December 2020 (December 22, 2020)
• BlackBerry Powered by Android Security Bulletin - November 2020 (November 25, 2020) 
• BlackBerry Powered by Android Security Bulletin - September 2020 (October 16, 2020) 
• BSRT-2020-003 Vulnerability in UEM Core Impacts BlackBerry UEM (October 13, 2020) 
• QNX-2020-001 Vulnerability in slinger web server Impacts BlackBerry QNX Software Development Platform (August 11, 2020)
• BlackBerry Powered by Android Security Bulletin - July 2020 (August 4, 2020)
• BlackBerry Powered by Android Security Bulletin - May 2020 (June 19, 2020) 
• BSRT-2020-002 Input Validation Vulnerability in Server Configuration Management Impacts BlackBerry Workspaces Server (deployed with Appliance-X) (June 9, 2020)
• BSRT-2020-001  Local File Inclusion Vulnerability in Apache Tomcat Impacts BlackBerry Workspaces Server and BlackBerry Good Control (April 14, 2020)
• BlackBerry Powered by Android Security Bulletin - March 2020 (March 25, 2020)

• BlackBerry Powered by Android Security Bulletin - December 2019 (January 6, 2020)
• BlackBerry Powered by Android Security Bulletin - November 2019 (November 27, 2019)
• BlackBerry Powered by Android Security Bulletin - October 2019 (October 28, 2019) 
• BlackBerry Powered by Android Security Bulletin - September 2019 (September 25, 2019)
• BlackBerry Powered by Android Security Bulletin - August 2019 (August 8, 2019)
• BlackBerry Powered by Android Security Bulletin - July 2019 (July 29, 2019)
• QNX-2019-001 Vulnerability in procfs service Impacts BlackBerry QNX Software Development Platform (July 11, 2019)
• BlackBerry Powered by Android Security Bulletin - June 2019 (June 10, 2019)
• BlackBerry Powered by Android Security Bulletin - May 2019 (May 24, 2019)
• BSRT-2019-002 Vulnerability in UEM Core Impacts BlackBerry UEM (April 17, 2019)
• BSRT-2019-001 Vulnerability in Management System Impacts BlackBerry AtHoc (March 12, 2019)
• BlackBerry powered by Android Security Bulletin - March 2019 (March 13, 2019) 
• BlackBerry powered by Android Security Bulletin - February 2019 (February 5, 2019)
• BlackBerry powered by Android Security Bulletin - January 2019 (January 29, 2019)

• BSRT-2018-005 Vulnerabilities in Management Console Affect Impacted Versions of BlackBerry UEM (December 18, 2018)
• BlackBerry powered by Android Security Bulletin - December 2018 (December 14, 2018)
• BlackBerry powered by Android Security Bulletin - November 2018 (November 5, 2018)
• BlackBerry powered by Android Security Bulletin - October 2018 (October 18, 2018)
• BSRT-2018-004 Information Disclosure Vulnerability in Management Console impacts UEM (October 9, 2018)
• BSRT-2018-003 Directory Traversal Vulnerability Affects the Connect Service of the BlackBerry Enterprise Mobility Server(September 18, 2018)
• BlackBerry powered by Android Security Bulletin - September 2018 (September 17, 2018)
• BlackBerry powered by Android Security Bulletin - August 2018 (August 30, 2018)
• BlackBerry powered by Android Security Bulletin - July 2018 (August 30, 2018)
• BlackBerry powered by Android Security Bulletin - June 2018 (June 18, 2018)
• BlackBerry powered by Android Security Bulletin - May 2018 (May 14, 2018)
• BlackBerry powered by Android Security Bulletin - April 2018 (May 14, 2018)
• BlackBerry powered by Android Security Bulletin - March 2018 (March 14, 2018)
• BSRT-2018-001 Vulnerability in UEM Management Console impacts UEM (March 13, 2018)
• BlackBerry powered by Android Security Bulletin - February 2018 (February 12, 2018)
• BlackBerry powered by Android Security Bulletin - January 2018 (January 15, 2018)

• BlackBerry powered by Android Security Bulletin - December 2017 (December 15, 2017)
• QNX-2017-001 Multiple vulnerabilities impact BlackBerry QNX Software Development Platform (November 14, 2017)
• BlackBerry powered by Android Security Bulletin - November 2017 (November 8, 2017)
• BlackBerry response to the impact of the vulnerabilities known as KRACK on BlackBerry products (October 27, 2017) Updated
• BlackBerry powered by Android Security Bulletin - October 2017 (October 27, 2017)
• BSRT-2017-006 Vulnerabilities in Workspaces Server components impact BlackBerry Workspaces (October 16, 2017)
• BlackBerry response to impact of the vulnerabilities known as BlueBorne on BlackBerry products (September 15, 2017)
• BlackBerry powered by Android Security Bulletin - September 2017 (September 6, 2017) Updated
• BlackBerry powered by Android Security Bulletin - August 2017 (August 14, 2017)
• BSRT-2017-005 Vulnerability in Workspaces Server components impacts BlackBerry Workspaces SAML-IDP bridge  (August 9, 2017)
• BlackBerry powered by Android Security Bulletin - July 2017 (July 5, 2017)
• BlackBerry powered by Android Security Bulletin - June 2017 (June 5, 2017)
• BSRT-2017-004 Vulnerability in UEM Management Console impacts UEM (May 9, 2017)
• BlackBerry powered by Android Security Bulletin - May 2017 (May 5, 2017)
• BlackBerry powered by Android Security Bulletin - April 2017 (April 6, 2017)
• BlackBerry powered by Android Security Bulletin - March 2017 (March 7, 2017)
• BlackBerry powered by Android Security Bulletin - February 2017 (February 6, 2017)
• BSRT-2017-003 Vulnerability in WatchDox Server components impacts WatchDox by BlackBerry (January 10, 2017)
• BSRT-2017-002 Information disclosure vulnerability affects BES12 (January 10, 2017)
• BSRT-2017-001 Vulnerability in BES Core impacts BES12 (January 10, 2017)
• BlackBerry powered by Android Security Bulletin - January 2017 (January 3, 2017)

• BSRT-2016-008 Remote shell execution vulnerability affects Good Enterprise Management Server (December 14, 2016)
• BlackBerry powered by Android Security Bulletin - December 2016 (December 5, 2016)
• BlackBerry powered by Android Security Bulletin - November 2016 (November 7, 2016)
• BlackBerry powered by Android Security Bulletin - October 2016 (October 3, 2016)
• BlackBerry powered by Android Security Bulletin – September 2016 (September 6, 2016)
• BSRT-2016-007 Vulnerability in Qualcomm kernel driver impacts BlackBerry powered by Android smartphones - August 15, 2016
  
• BlackBerry powered by Android Security Bulletin – August 2016 - August 1, 2016
  
• BSRT-2016-006 Information disclosure vulnerability affects Good Control Server - July 12, 2016
  
• BlackBerry powered by Android Security Bulletin – July 2016 - July 6, 2016
  
• BlackBerry powered by Android Security Bulletin – June 2016 - June 6, 2016
  
• BlackBerry powered by Android Security Bulletin – May 2016 - May 2, 2016
• Privacy Notice – Card Games for US apps - April 19, 2016
  
• BSRT-2016-005 Vulnerability in BES12 Management Console impacts BES12 - April 12, 2016
  
• BSRT-2016-004 Vulnerabilities in BES12 Management Console impact BES12 - April 12, 2016
  
• BSRT-2016-003 Vulnerability in BES12 Management Console impacts BES12 - April 12, 2016
  
• BlackBerry powered by Android Security Bulletin – April 2016 - April 4, 2016
  
• BSRT-2016-002 Vulnerability in Android/Linux kernel impacts BlackBerry PRIV smartphones - March 23, 2016
  
• Privacy Notice – 1RoughEdge apps - March 15, 2016
  
• BlackBerry powered by Android Security Bulletin – March 2016 - March 7, 2016
  
• BSRT-2016-001 Vulnerabilities in BES12 Management Console impact BES12 - February 17, 2016
  
• BlackBerry powered by Android Security Bulletin – February 2016 - February 1, 2016
  
• BlackBerry powered by Android Security Bulletin – January 2016 - January 4, 2016

• BlackBerry powered by Android Security Bulletin - December 2015 - December 7, 2015
  
• BSRT-2015-002 Vulnerability in BES12 Management Console impacts BES12 - November 10, 2015
  
• BSRT-2015-001 Vulnerability in Codec Demux shipped with BlackBerry Link - July 14, 2015
• Privacy Notice - Digital Publishing Asia apps - June 16, 2015
• BlackBerry response to OpenSSL "FREAK" vulnerability - March 12, 2015 Updated
• Malware Notice - Hill Racer - March 11, 2015

• BlackBerry response to reports of tethered jailbreak vulnerabilities - Dec. 26, 2014
• BlackBerry response to SSLv3 "POODLE" vulnerability - Oct. 20, 2014 Updated
• BSRT-2014-008 Vulnerability in BlackBerry World service affects BlackBerry 10 smartphones - Oct. 14, 2014
• BSRT-2014-007 Information disclosure vulnerability affects BlackBerry Enterprise Service 10 and BlackBerry Enterprise Server 5.0.4 - Aug. 12, 2014
• BSRT-2014-006 Vulnerability in file sharing service affects BlackBerry Z10, BlackBerry Z30, BlackBerry Q10, and BlackBerry Q5 smartphones - Aug. 12, 2014
• BlackBerry response to OpenSSL vulnerabilities - June 24, 2014 Updated
• BSRT-2014-005 Information disclosure vulnerability in OpenSSL affects BlackBerry products - May 13, 2014
• BSRT-2014-004 Vulnerabilities in Adobe Flash impact BlackBerry Z10, BlackBerry Q10, and BlackBerry Q5 smartphone software - May 13, 2014
• BlackBerry response to OpenSSL "Heartbleed" vulnerability - April 10, 2014 Updated
• BSRT-2014-003 BSRT-2014-003 Vulnerability in qconnDoor service affects BlackBerry 10 smartphones - April 8, 2014
• Privacy Notice - PT. Linktone Indonesia Apps - Feb. 18, 2014 Updated
• BSRT-2014-002 Information disclosure vulnerability affects BlackBerry Enterprise Service 10, Universal Device Service 6 and BlackBerry Enterprise Server 5.0.4 - Feb. 11, 2014 Updated
• BSRT-2014-001 Vulnerabilities in Adobe Flash impact BlackBerry Z10 and BlackBerry Q10 smartphone and BlackBerry PlayBook tablet software - Jan. 14, 2014

• Privacy Notice - mxData Ltd Apps - Nov. 19, 2013 Updated
• BSRT-2013-012 Vulnerability in remote file access feature impacts BlackBerry Link - Nov. 12, 2013
  
• BSRT-2013-011 Vulnerability in BlackBerry Universal Device Service wrapper impacts BlackBerry Enterprise Service 10 - Oct. 8, 2013 Updated
• Privacy Notice - Enthuon, FunDo, KuchhBhi4U Apps - Sept. 17, 2013
• BSRT-2013-010 Vulnerability in Webkit browser engine impacts BlackBerry Z10 smartphone software - Sept. 10, 2013
• BSRT-2013-009 Vulnerabilities in libexif impact BlackBerry PlayBook tablet software - Sept. 10, 2013
• BSRT-2013-008 Vulnerability in Webkit browser engine impacts BlackBerry Z10 smartphone and BlackBerry PlayBook tablet software - Sept. 10, 2013
• BSRT-2013-007 Vulnerabilities in Adobe Flash Player version included with the BlackBerry Z10 and BlackBerry Q10 and BlackBerry PlayBook tablet software - Sept. 10, 2013
• BSRT-2013-006 Vulnerability in BlackBerry Protect impacts BlackBerry Z10 smartphone software - June 11, 2013 Updated
• BSRT-2013-005 Vulnerability in Adobe Flash Player version included with the BlackBerry Z10 smartphone and the BlackBerry PlayBook tablet software - June 11, 2013
• BSRT-2013-004 Vulnerabilities in Adobe Flash Player version included with the BlackBerry PlayBook tablet software - May 14, 2013
  
• Privacy Notice - InMobiles Apps - March 7, 2013 Updated
• BSRT-2013-003 Vulnerabilities in BlackBerry Enterprise Server components that process images could allow remote code execution - Feb. 12, 2013 Updated
  
• Privacy Notice - NumberBook - Feb. 1, 2013
  
• BSRT-2013-002 Vulnerability in Samba service impacts BlackBerry PlayBook tablet file sharing - Jan. 8, 2013
• BSRT-2013-001 Vulnerabilities in Adobe Flash Player version included with the BlackBerry PlayBook tablet software - Jan. 8, 2013

• BSRT-2012-003 Vulnerabilities in Adobe Flash Player version included with the BlackBerry PlayBook tablet software - Aug. 2, 2012 Updated
• BSRT-2012-002 Vulnerability in WebKit browser engine impacts BlackBerry 6, BlackBerry 7, BlackBerry 7.1 and BlackBerry PlayBook tablet software - Mar. 2, 2012
• BSRT-2012-001 Vulnerability in Samba service impacts BlackBerry PlayBook tablet file sharing - Feb 21, 2012 Updated

• Elevation of privilege vulnerability in file sharing capability impacts the BlackBerry PlayBook tablet software - December 06, 2011
• Vulnerability in a component of the BlackBerry Enterprise Server could allow one enterprise instant messaging user to impersonate another - October 11, 2011
• Vulnerabilities in Adobe Flash Player version included with the BlackBerry PlayBook tablet - October 6, 2011
• Vulnerabilities in BlackBerry Enterprise Server components that process images could allow remote code execution - August 9, 2011
• Vulnerability in a BlackBerry Enterprise Server component could allow information disclosure and partial Denial of Service - July 12, 2011
• Vulnerabilities in Adobe Flash Player included with the BlackBerry PlayBook tablet software - June 20, 2011
• Cross-site scripting (XSS) vulnerability in the BlackBerry Web Desktop Manager component of the BlackBerry Enterprise Server - April 12, 2011
• Vulnerabilities in Apache Tomcat implementation impact BlackBerry Enterprise Server components - April 12, 2011
• Partial Denial of Service (DoS) in the BlackBerry browser application - January 11, 2011
• Vulnerability in the PDF distiller of the BlackBerry Attachment Service for the BlackBerry Enterprise Server - January 11, 2011

• Vulnerability in the security of BlackBerry device backups using the BlackBerry Desktop Software - Dec. 15, 2010
• Vulnerability in the PDF distiller of the BlackBerry Attachment Service for the BlackBerry Enterprise Server - Dec. 14, 2010 Updated
• Vulnerability in the PDF distiller of the BlackBerry Attachment Service for the BlackBerry Enterprise Server - Oct. 13, 2010
• Insecure library loading in the BlackBerry Desktop Software - Sep. 9, 2010
• Vulnerabilities in the PDF distiller of the BlackBerry Attachment Service for the BlackBerry Enterprise Server - Dec. 1, 2009 Updated
• Vulnerability in the BlackBerry Desktop Manager allows remote code execution - Nov. 3, 2009 Updated
• BlackBerry Browser dialog box does not clearly indicate mismatches between web site domain names and associated certificates - Sep. 28, 2009 Updated
• Vulnerabilities in the PDF distiller of the BlackBerry Attachment Service for the BlackBerry Enterprise Server - May 26, 2009 Updated
• Vulnerabilities in the PDF distiller of the BlackBerry Attachment Service for the BlackBerry Enterprise Server - Apr. 16, 2009 Updated
• Cross site scripting vulnerability in the BlackBerry Enterprise Server MDS Connection Service - Apr. 16, 2009
• Vulnerability exists in BlackBerry Application Web Loader ActiveX control - Feb. 10, 2009 Updated
• Vulnerabilities in the PDF distiller of the BlackBerry Attachment Service for the BlackBerry Enterprise Server - Jan. 12, 2009
• Updating an ActiveX control that the Roxio Media Manager uses - Nov. 27, 2008 Updated
• Recommendation on the use of administrative roles in the BlackBerry Manager - Nov. 26, 2008 Updated
• Vulnerability in the PDF distiller of the BlackBerry Attachment Service for the BlackBerry Enterprise Server - Jul. 10, 2008 Updated
• Updating the Microsoft® GDI component that the BlackBerry® Attachment Service uses - Apr. 28, 2008 Updated
• TeamOn Import Object ActiveX control vulnerability - May 9, 2007 Updated
• SIP INVITE vulnerability in From field format string on the BlackBerry® 7270 smartphone - Mar. 27, 2007
• BlackBerry 7270 smartphone does not handle SIP INVITE messages properly - Mar. 27, 2007
• SIP INVITE URI user name format string vulnerability in the BlackBerry 7270 smartphone - Mar. 27, 2007
• Protecting the BlackBerry device and BlackBerry® Enterprise Server against malware - Mar. 20, 2007
• Temporary denial of service in the BlackBerry® Browser - Mar. 11, 2007
• Denial of service on the BlackBerry Router - May 10, 2006
• Browser dialog box not properly dismissed after downloading a corrupt JAD file - May 4, 2006
• Corrupt Word file may cause buffer overflow in the BlackBerry Attachment Service - Feb. 9, 2006
• Corrupt TIFF file may cause heap overflow resulting in denial of service in the BlackBerry Attachment Service - Jan. 20, 2006
• Corrupt PNG file may cause heap overflow in the BlackBerry Attachment Service - Jan. 6, 2006
• RIM analysis of buffer overrun in decompression algorithm - Jun. 7, 2005
• HexView advisory on BlackBerry device buffer overflow and data loss - Oct. 29, 2004

• Devansh Chauhan - https://www.linkedin.com/in/devansh-chauhan-b36b6a1b1?utm_source=share&utm_campaign=share_via&utm_content=profile&utm_medium=ios_app
• Yash Kulkarni - https://in.linkedin.com/in/yash-kulkarni-065298265
• ROCK PRATAP SINGH - https://www.linkedin.com/in/rock-pratap-singh-92a28928b
• Tabassum - https://www.linkedin.com/in/tabassum-084a69115
• Infoziant Security - https://infoziantsecurity.com/
• Ishwar Kumar - www.linkedin.com/in/ishwar-kumar-214341284
• Durvesh Kolhe - https://www.linkedin.com/in/durvesh-kolhe-012b54211
• Fat Selimi - https://www.linkedin.com/in/fatselimi
• Ori Levi - https://www.linkedin.com/in/orilevicyber/
• Aditya Singh - https://www.linkedin.com/in/aditya-singh4180

• Harsh Verma (synacktra) - https://www.linkedin.com/in/harsh-verma-2401a0224/
• Pauras Patil - https://www.linkedin.com/in/pauras-patil-7469b4190/
• Milan Jain (Scriptkiddie) - https://linkedin.com/in/milan-jain-scriptkiddie-50a738213 
• Faizan Ahmed - http://linkedin.com/in/faizan-ahmed-830444236  
• Prakash Chand Thakuri - https://www.linkedin.com/in/prakashchand72/
• Vinit Lakra - https://www.linkedin.com/in/vinithacker/
• Hemant Kashyap - https://twitter.com/Herry51130182
• Rohan Prasad Gupta - https://www.linkedin.com/in/rohan-gupta-2209a9190
• Madhurendra Kumar - https://www.linkedin.com/in/m14r41/
• Eusebiu Daniel Blindu - https://twitter.com/simtobos
• NITIN YADAV - https://www.linkedin.com/in/nitin-yadav-11b523223
• Satyam Singh - https://www.linkedin.com/in/satyam-singh-893306221/
• Love Yadav - https://www.linkedin.com/in/love-yadav-5159611a3/
• Hemant Relhan - https://www.linkedin.com/in/hemant-relhan-13503513b
• Sugumaran J - https://www.linkedin.com/in/sugumaranj
• SALAH EDDINE LOUFFIDI - https://www.linkedin.com/in/salah-eddine-louffidi/
• Vinayak Sakhare - https://www.linkedin.com/in/vinayak-sakhare-63b343119/
• Milan jain(scriptkiddie) - https://www.linkedin.com/in/milan-jain-scriptkiddie-50a738213?lipi=urn%3Ali%3Apage%3Ad_flagship3_profile_view_base_contact_details%3BIK4eI%2FPYRtugVVpqq6vzsQ%3D%3D
• NILESH AGRAWAL KOYO - https://twitter.com/koyohere
• Fredric Carl - https://www.linkedin.com/in/fdcarl
• Ereshwari Valmik - https://www.linkedin.com/in/ereshwari-valmik/
• Yash kushwah (@cyberyash951) - https://www.linkedin.com/mwlite/in/yash-kushwah-a80449229
• Harsh Bhanushali - http://linkedin.com/in/harshbhanushali
• Khadir Osama Khadir - https://twitter.com/_naplon
• LawSoul from SentinelX -  CMC CyberSecurity RedTeam at https://cmccybersecurity.com/
• Ritik Jangra - https://www.linkedin.com/in/ritik-jangra-03b80a21b
• Krishna Agarwal (@Kr1shna4garwal) - https://www.linkedin.com/in/kr1shna4garwal
• Dzmitry Smaliak - https://twitter.com/haxxm0nkey
• Tolgahan Demirayak - https://www.linkedin.com/in/tolgahandemirayak/
• Ramansh Sharma - https://www.linkedin.com/in/ramansh-sharma/
• Jan Kopec - Lexfo Security - https://twitter.com/blogresponder https://twitter.com/LexfoSecurite
• Swapnil Patil - https://www.linkedin.com/in/swapnil-patil-68a639237
• Amit Kumar Biswas, Security Analyst of Avalance Global Solutions - https://twitter.com/Amitlt2
• Zhe Jing
• Biswajeet Ray - https://www.linkedin.com/in/biswajeet-ray-397742200
• Shirshak Roy - https://www.linkedin.com/in/shirshak-roy-644a971b8/
• RAAJESH G - Infoziant Security - https://infoziantsecurity.com/
• Nikhil Rane - https://www.linkedin.com/in/nikhil-rane-31733a217
• Sick Codes* - https://twitter.com/sickcodes  https://www.linkedin.com/in/sickcodes/ 
• Zythop - https://twitter.com/HaboubiAnis
• Cristi - https://twitter.com/CristiVlad25   https://leakix.net/u/cristi
• Kyaw Myo Han - https://twitter.com/ChrishSec https://github.com/ChrishSec
  
• Roni Baghdady - http://linkedin.com/in/roni-b-4996471b1

• Kyaw Myo Han - https://twitter.com/ChrishSec https://github.com/ChrishSec
  
• Aniruddh Mistry - https://twitter.com/Aniruddh_Mistry  https://linkedin.com/in/aniruddh-mistry-b8540069
  
• Ahmad Henry Mansour - https://twitter.com/Ahmad_Mansourr
• Abilash. V.L - https://abilashvl.info  https://twitter.com/AbilashVL
• Ebrahim Mahrous Hassan Aref - https://www.linkedin.com/in/ebrahim-aref-8978261b6/
• Flaviu Popescu - https://flaviu.io
• Daniel Yagudayev - https://www.linkedin.com/in/daniel-yagudayev-cissp-b900b6ba/
• Mohammed Adam - https://www.linkedin.com/in/mohammedadam24
• Gaurang Maheta - https://www.linkedin.com/in/gaurang883
• Niko Nazila Daelami  - https://mobile.twitter.com/Hz3666ghost
• Swapnil Kothawade - https://www.linkedin.com/in/swapnil-kothawade-813854a7/
• Aytac Kalinci* - https://www.linkedin.com/in/aytackalincii/
• Adarsh VS - https://www.linkedin.com/in/adarsh-vs/
• Pethuraj M - https://www.pethuraj.com
• RAAJESH.G* - https://www.linkedin.com/in/raajesh-258a93173/
  
• Jebarson Immanuel - https://www.linkedin.com/in/jebarson-immanuel/
• Hoang Quoc Thinh (@g4mm4) from RedTeam of VNG Corp - https://www.vng.com.vn
• Nitin Bhangare - https://www.linkedin.com/in/nitin-bhangare-3b248383/
• Vikas Yadav - Twitter: @Mrrobot1o1
• Ravindra Dagale - https://www.linkedin.com/in/ravindra-dagale-5b0913151/
• Daniel Blindu - https://twitter.com/eblindudaniel
• Nilesh Yadav - https://www.linkedin.com/in/nilesh-yadav-43b6b716b/
• Harinder Singh(S1N6H) - https://www.linkedin.com/in/lambardar
• Yingjie Cao* - Sky-Go Team, Qihoo 360 Group
• Gourab Sadhukhan - https://www.linkedin.com/in/gourab-sadhukhan-71158216a/
• Mohd.Danish Abid - https://www.linkedin.com/in/mohd-danish-abid-2083401b3
• Aswin Krishna - https://twitter.com/733n_wolf
• Hasibul Hasan Rifat - https://twitter.com/rifatsec
• Alan Abhilash - https://twitter.com/alan_abhilash
• Tony Marcel Nasr - https://www.linkedin.com/in/tony-nasr
• Divya Singh - @Dgirlwhohacks
• Hariprasaanth R* - www.linkedin.com/in/hariprasaanth
• Muhammad Asjad Sheikh - https://www.linkedin.com/in/asjadd/

• Daniel Yagudayev - https://www.linkedin.com/in/daniel-yagudayev-cissp-b900b6ba/
• Harshal S. Sharma - https://www.linkedin.com/in/harshalss-war10ck/
• ahmad alassaf - https://www.linkedin.com/mwlite/in/ahmad-alassaf-63811218a
• Pritam Dash - https://linkedin.com/in/pritam-dash-116931171/
• Xie Ziming and Yan Minrui, 360 SkyGo Team
• Naveen Kumawat(nvk) - https://twitter.com/nvk0x
• Jeya Seelan S - https://www.linkedin.com/in/jeyaseelans
• Omar Khaled Amin ( powerjacobb1 )
  
• Nandigama Sai Shankar - https://www.linkedin.com/in/nandigama-sai-shankar-38b562147
• Kirtan Patel - https://www.linkedin.com/in/kirtan-patel-02a239166
• Talib Nadeem Usmani, Honeywell Cybersecurity CoE - HCE - https://www.linkedin.com/in/talib-usmani/
• Pankaj Upadhyay* - https://pankajupadhyay.in/
• Mohamed Saqib C - https://www.linkedin.com/in/mohamed-saqib
• Drew Green & Ken Smith, Bank of America
• Wai Yan Aung, @waiyanaun9
•  Nikhil Sahoo - https://www.linkedin.com/in/nikhil-sahoo-87204b106/
• Janmejaya Swain - https://www.linkedin.com/in/janmejayaswainofficial
  
• Agrah Jain - https://www.linkedin.com/in/agrahjain
• Aswin S - https://www.linkedin.com/in/aswin-s-bb2371180
• Prakash Kumar Parthasarathy - https://www.linkedin.com/in/prakashofficial
• Team from Robert Bosch Engineering and Business Solutions
  • Debojyoti Bhattacharya    https://in.linkedin.com/in/debojyoti-bhattacharya-2777655
  • Rajat Jaiswal                      https://www.linkedin.com/in/rajat-jaiswal-77033b156
  • Basavaraj Kurugod            https://www.linkedin.com/in/basavaraj-kurugod-642712163
  • Sandeep Parvatikar           https://www.linkedin.com/in/sandeep-parvatikar-28a32623
• Zin Min Phyo - https://www.facebook.com/zinminphy0
• Bala Elangovan - https://www.linkedin.com/in/bala-elangovan-145b50198/
• Neel Vishwakarma
• Arshad Kazmi - https://twitter.com/arshadkazmi42
• Harsh Rajesh Parekh - https://www.linkedin.com/in/harsh-parekh-8b31211a1
• Shivang Trivedi - https:/www.linkedin.com/in/shivang-triedi-a149b2190/
• Mehmet Can GÜNES - https://twitter.com/mehmetcangunes
• Pratik Dabhi - https://in.linkedin.com/in/pratikmdabhi

• Abid Gul Shahid *
• An Phuoc Trinh, @_tint0
• Wai Yan Aung @waiyanaun9
• Kasper Karlsson https://omegapoint.se/
• B.Dhiyaneshwaran
• Michael Magdy @michael74301043
• Dr. Harsh Joshi - https://facebook.com/harshjoshi.85
• Ahmad Halabi - https://www.facebook.com/dragon.shaheen1
• Karann Salunke - @baabayaga07
• Hunter Abubakar - @hunterabubakar
• Pranshu Tiwari
• N. Karthik http://linkedin.com/in/karthik-kumar-reddy-3b10b4128
• S.P. Vasantha Kumar, Vishnu Raj -  Infoziant 
• Ketan Madhukar Mukane @eSecHax0r
• Octav Opaschi, Detack GmbH - detack.de
• Tinu Tomy @TinuRock007
• Sajjan Singh Nehal www.fastcreatorz.com
• Pan Chau, Anchor Capital Advisors, LLC
• Sameer Phad
• Mustafa Diaa - @c0braBaghdad1
• Angel Tsvetkov https://www.facebook.com/Angel.xkorem
• Tomer Bar - Bug Sec - https://www.linkedin.com/in/tomer-bar-9b15aa137/
• Vishal K Bharad - https://www.linkedin.com/vishal-bharad
• Tijo Davis - https://www.linkedin.com/in/tijo-davis-a906a7141
• YoKo Kho - @YoKoAcc - RnD at Mahapatih Sibernusa Teknologi, PT
• Lorenzo Pirondini, Netcentric, a Cognizant Digital Business - https://www.linkedin.com/in/lorenzo-pirondini
• Pankaj Kumar Thakur (Nepal) - https://linkedin.com/in/pankaj1261
• Lutfu Mert Ceylan - https://linkedin.com/in/lutfumerceylan

• Samet Sahin @F4LCONE_
• SKP facebook.com/sumit.patel.0982
• Amine HM
• Ali Hassan Ghori | Danish Tariq  DANALWEB 
• Tayyab Qadir facebook.com/tqMr.EditOr
• Dhaval Ramani facebook.com/erdhaval.patel
• Karthikeyan Subramaniyan
• Emad Shanab @Alra3ees 
• Sara Badran
• Wai Yan Aung @waiyanaun9
• An Phuoc Trinh, @_tint0
• Rafael Pedrero Rodriguez - Telefonica Spain
• Rupert Applin

• Vineet Kumar @the_real_clown 
• Suyog Palav
• Kenan Genç
• Sadik Shaikh https://www.extremehacking.org/
• Akbar kp www.facebook.com/aKx.nInja
• João Filho Matos Figueiredo github.com/joaomatosf
  
• Mahmoud Osama @Mahmoud0x00
• Sarankumar VB  facebook.com/saranvbz
• Mohd Aqeel Ahmed (Ciph3r00t) facebook.com/ciph3r00t
  
• Suleman Malik @sulemanmalik_3
  
• Jon Bottarini @jon_bottarini
• Sadik Shaikh https://www.extremehacking.org/

• Rahmat Nurfauzi
  
• Adam Aiken
  
• Mrityunjoy Emu
  
• Md Sameull Islam
  
• Joe Balhis
  
• Ali Salem Saeed ( Ali BawazeEer ) 
  
• Shivbihari Pandey
  
• Himanshu Mehta
  
• Daher Mohamed
  
• Ye Yint Min Thu Htut
  
• Jose Carlos Exposito Bueno
  
• Mohammed Abd Elmageed Eldeeb
  
• Latish Danawale, Pristine Infosolutions
  
• Jay K Patel
  
• Daniel Bakker
  
• Mohamed Abdelbasset Elnouby, Seekurity Inc.
  
• Yogendra Jaiswal(mogli)
  
• Chris Novakovic, Imperial College London
  
• Azam of Sandjaya @TheRealAzams
  
• Sajibe Kanti
  
• Sami Drif
  
• Kiran Karnad
  
• Saurabh Pundir of Torrid Networks Pvt Ltd
  
• Christoph Haas of Securai
  
• Nicodemo Gawronski of Sec-1 Ltd
  
• Maciej Grabiec of ING Services Polska
  
• Teemu Kääriäinen
  
• Harsh Jaiswa of Bugdisclose
  
• Armaan Pathan 
  
• Alec Blance
  
• Ayoub Nait Lamine, Technawi
  
• Muhammad Osama
  
• Glenn Whatley, Protec UK

• Shahmeer Amir @shahmeer_amir; Maad Security
  
• Ahmed Khouja
  
• Chandrakant Nial
  
• Manish Agrawal
  
• Mohd Arbaz Hussain
  
• Gritli Skander
  
• Geetanjali Das, TCS
  
• Gerardo Venegas
• OthmaneTamagart aka 0thm4n@WhiteHatSec
• Nikhil Mittal
• Ratna Sekhar
• Tilak Ranjan Sarangi
• Arun Kumar Agrawalla
• Pratik Satapathy
• Mohamed Chamli
• Karim Mohamed Ahmed
• Mennouchi Islam Azeddine
• ALI KASMOU
• Mohammad Abuhassan
• Yakov Shafranovich, Shaftek Enterprises LLC
  
• YoKo Kho @YoKoAcc
  
• Aaditya Purani, website
  
• Pratyush Anjan Sarangi
  
• Charlie Hothersall-Thomas, Netcraft
  
• Sergio Maffeis, Imperial College London
  
• Chris Novakovic, Imperial College London
  
• Adam Lange, @AdamLangePL
  
• Sachin Wagh
  
• DirtyThy, @DirtyThy
  
• Cyber Warrior Bug Researchers
  
• Michal Koczwara
  
• Muhammad Zeeshan
  
• Karim Rahal
  
• Nehal S.Ghoratkar
  
• Ahmed Adel Abdelfattah
  
• Murat YILMAZLAR
  
• Tayyab Qadir
  
• Danyal Zafar
  
• Rui Silva
  
• Ahmed Y. Elmogy
  
• Khair Alhamad @Khair_Alhamad
  
• Bayrem Ghanmi; Zenzemi Amine; Dorra Mimita Tunisian White hat Security; Ben khlifa fahmi Tunisian White hat & ArabOUG Security 
• Nilesh Sapariya
  
• Russel Van Laurio
  
• Muhammed Gamal Fahmy
  
• Konduru Jashwanth ( ProEmTech Infosystems Private Limited)
  
• Sree Visakh Jain
  
• Mohamed Khaled Fathy
• Ahmet Can TUNÇKILIÇ
  
• C Vishnu Vardhan Reddy twitter
  
• Dinesh Vicky
  
• Jay Patel
  
• Muhammad Abdullah
  
• Pratap Chandra
  
• Ishwar Prasad Bhat (Vel Tech Multi Tech Dr.Rangarajan Dr.Sakunthala Engineering College, Avadi) 
  
• U.kiran vas Reddy
  
• Douglas Berdeaux; WeakNet Laboratories
  
• Sane Sindhuja Reddy
  
• Gökay Gündogan
• HusseiN98D,@hussein98d, 1nsp3ctus
• Bharat Sewani (individual Bug Hunter)
• Adeleh Mansori, Ramin Farajpour Cami
• Joe Balhis
• Mohammad Naveed
• Jakub Pałaczyński of ING Services Polska
• Ala Arfaoui
• Sumit Sahoo
• Muhammad Talha Khan
• Ayoub Ait Elmokhtar
• Bharat Sewani
• Shawar Khan & D4rk f34r [Ethical Hacker] 
• Hamit ABIS
• Kamran Saifullah
• Lawrence Amer
• Charfeddine Hamdi
• Tunisian whitehats
• Deepali Malekar
• Ajay Anand
• Karl Smith, NCC Group
• Ashish Pathak
• SaifAllah benMassaoud
• Abdul Haq Khokhar
• Hemant Bansal
• Ravi Chandroliya, @ChandroliyaRavi
• Ayoub Fathi
• Hammad Shamsi
• Vikas Khanna (Hackerdesk), Gurjant Singh (Hackerdesk), and Harpal Singh (Hackerdesk)
• Vishwaraj Bhattrai
• Pulkit Pandey
• Neeraj R. Godkhindi
• Rakesh Singh
• Christian Galeone
• Alizaib Hassan, www.alizaibhassan.com
• Mohammed Abdulqader Abobaker Al-saggaf
• Osama Ansari
• Harsha Boppana
• M. Asim Shahzad
• Meet Makwana
• Huzaifa Jawaid
• Swapnil A. Thaware, Dream Ocean InfoSec
• Aditya K. Sood, SecNiche Security Labs
• Ankush Mohanty, hackandsecurity9.blogspot.in
• Indrajith.AN
• Rohan Kumar Birtia
• Suhas Sunil Gaikwad
• Jason Gordon
• Sriram
• Mayank Bhatodra
• Ankit Sharma
• Aditya K. Sood, SecNiche Security Labs
• Milan A. Solanki
• Evan Ricafort

• Abhishek Dashora
• Shahee Mirza, @shaheemirza
• Ali Hassan Ghori of AHPT
• S.Venkatesh
• Mayur Agnihotri
• Saurabh Chandrakant Nemade
• Rafael Pablos
• Abdul Haq Khokhar
• Michael Brown of Net Direct
• Badí' Yee Tzyypirng, @badiyee
• Abdul Wasay, @AWasayRazzak
• Ahmed Hassan Awan, @hassanawans
• Lalit Kumar, @lalitiitbbs
• Rajat Khanna of PricewaterhouseCoopers
• >Justine Edic
• Abdul Rehman
• Rajeewgandhi Jeyaraj
• Samanthi Jeyaraj
• Jeyaram Jeyaraj
• Myaseen Khan, myaseen.khan@hotmail.com
• Provensec Labs
• Mohammad Yaseen Khan
• Madhu Akula, @madhuakula
• Hardik Tailor, @iamhardiktailor
• Deepak Kumar Nath
• Simone Memoli, @Simon90_Italy
• Filippos Mastrogiannis, @Simon90_Italy
• Jatinder Pal Singh
• Sergio Galán, "NaxoneZ" @NaxoneZ
• Rodolfo Godalle, Jr.
• Chris John Riley, @ChrisJohnRiley
• Dawid Czagan
• Nenad Stojanovski of Spotify
• Yogesh Modi
• Sandeep Singh
• Pradeep Jairamani
• Ankit Bharathan
• Surya Subhash, @pbssubhash
• Parveen Yadav
• Parveen Nair of Kerala Cyber Squad
• Rahul Singh
• Dev Jeet
• Nitin Goplani
• Web Plus
• Muhammad Talha Khan
• Teguh P. Alko
• Erik van Oosbree, @mildata
• Prafull Agarwal
• Aniket Pratap Singh
• Ch. Muhammad Osama
• Ketan Sirigiri,Cigniti Technologies Ltd.
• Marc Rivero López of Aiuken Solutions, @seifreed
• Wang Jing
• Shikhil Sharma, Czar Securities
• El Hadjeui Jamal Eddine, @JamalC0m
• Koutrouss Naddara
• Mohamed Osman Saeed, @krmalab
• Daniel Vasu, RST Forums
• Nakul Mohan, @Nakul_Mohan_Cia
• Jerold Camacho, @karapsyon
• Kamil Sevi, @kamilsevi
• Frank Dick
• Vinesh N. Redkar, @b0rn2pwn
• Gurjant Singh and Mayank Kapoor of Hackerdesk
• Vedachala, @vedachalaka
• Fernando Muñoz

For presenting at the BlackBerry Security Summit, June 2013:

• Justin Clarke of Cylance
• Dan Guido of Trail of Bits, Inc.
• Miaubiz
• Jason Shirk of Microsoft
• Adam Meyers of Crowdstrike
• Kurt Baumgartner of Kaspersky

For identifying and reporting a security issue to BlackBerry:

• Ravindra Singh Rathore, @ravindra_hacks
• Aditya K Sood of SecNiche Security Labs, @AdityaKSood
• Paras Pilani of AKS IT Services
• Rishiraj Sharma, @ehrishiraj
• Vedachala, @vedachalaka
• Pralhad Chaskar, @c0d3xpl0it
• Ravikumar Paghdal, @_RaviRamesh
• Pobereznicenco Dan of RSTforums
• Sahil Saif, @bewithsahilsaif
• Muhammad Talha Khan (MTK), @M7K911
• Paul O'Grady, @3v0lver
• Charlie Briggs, @Charlie_N_B
• Dylan Scott Hailey, @TibitXimer
• Ajay Negi, @AjaySinghNegi and Prashant Negi, @prashantnegi_
• Deepankar Arora, @sec403 and Nipun Jaswal, @nipunjaswal
• Shahee Mirza, @ShaheeMirza
• Adam Ziaja, @adamziaja
• Cernica Ionut Cosmin
• Abdullah Hussam Gazi, @Abdulahhusam
• Koutrouss Naddara
• Shubham Shah @infosec_au
• Appthority
• Ankit Bharathan
• Shashank of Pwnsecurity, @cyberboyIndia
• Anagha Devale-Vartak of Avsecurity
• Jatinpreet Singh, @SillyGeek
• Avilash Kumar and Toshendra Sharma
• Gökmen GÜRESÇI @GokmenGuresci
• Juan Broullón Sampedro, @The_Pr0ph3t
• Jayvardhan Singh, @Silent_Screamr
• Nikhalesh Singh Bhadoria, @nikhaleshsingh
• Umer Shakil, @umer_djzz
• Christy Philip Mathew
• Mockingbird
• Raj Sukali of DEFENCELY
• Gordon Johnson of leetupload, @leetupload
• Deepak Kivande
• Sebastian Neef and Tim Schäfers of Internetwache, @internetwache
• Wang Qiushi, @qiushi_w
• Monendra Sahu, @mohitnitrr
• Siddhesh Gawde, @pen3t3r
• Chiragh Dewan , @ChiraghDewan
• Tushar Rajhans Kumbhare, Defencely
• Ehraz Ahmed, @securityexe and Umraz Ahmed, @umrazahmed
• Shubham Raj, Openfire Security
• Team Defencely
• Priyal Viroja
• Anand Prakash, @sehacure
• Sandeep Singh Rehal, @Sandeep_Rehal
• J Muhammed Gazzaly, @gazly
• Rishal Dwivedi of Bhavan's Vivekananda College, @rishaldwivedi and Manjot Singh of Rimt College Mandi Gobindgarh
• Ahmad Ashraff, @yappare
• Yuji Kosuga, @yujikosuga
• Sunil Dadhich, @Sunil_Dadhich7
• Shubham Upadhyay, @CybeRShubhaM
• Simone Memoli, @Simon90_Italy
• Nikhil Srivastava, Javid Hussain @javidhussain21 and Rahul Tyagi @rahultyagihacks from Techdefence Pvt. Ltd.
• Osman Dogan, @osmand0gan
• Ali Hasan Ghauri, AHPT
• Riaz Ebrahim
• Krutarth Shukla, @KrutarthShukla
• Christian Lopez Martin, @phr0nak
• Aditya Balapure, @adityabalapure
• Dragos Scarlatescu, RST
• Himanshu Sharma
• Wong Chieh Yie, @wcypierrenet
• SimranJeet Singh, @TurbanatorSJS
• Florindarck, Hackyard Security Group
• Ajinkya Patil
• M.R.Vignesh Kumar, @vigneshkumarmr
• Danijel Maksimovic, @Maxon3
• Kamil Sevi, @kamilsevi
• Shubham Mittal, @upgoingstar
• Peter Jaric, @peterjaric
• Mirza Burhan Baig, BlacKBitZ!
• Muhammad Waqar, BlacKBitZ!, @MuhammadWaqar_9
• Rafay Baloch, RHA InfoSecurity
• Abhinav Karnawat, \/ w4rri0r \/
• Thamatam Deepak of N&D Corporation, @Deepak_Mr47
• Chaithanya.R.K of EIS pvt Ltd, @ant4g0nist
• Malte Batram, @_batram
• Piyush Malik, @ThePiyushMalik

For presenting at the BlackBerry Security Summit, June 2012:

• Robert C. Seacord of the Secure Coding Initiative at CERT, located at Carnegie Mellon’s Software Engineering Institute (SEI)
• Michael Eddington of Deja vu Security
• Vincenzo Iozzo of Trail of Bits, Inc.
• Andy Davis of NCC Group
• Zach Lanier of Veracode
• Dino Dai Zovi of Trail of Bits, Inc.
  
• Joshua Lackey of AT&T   
• Willem Pinckaers of Matasano Security

For identifying and reporting a security issue to BlackBerry:

• Andy Davis of NCC Group
  
• Tim Brown, Nth Dimension

For identifying and reporting a security issue to BlackBerry:

• Frank Dick
• Zach Lanier of Veracode
• Bogdan Alecu
• Professor Keith Mayes and Lishoy Francis from the ISG Smart Card Centre, Royal Holloway, University of London
• Richard Leach of NCC Group
• Ivan Huertas
• Vincenzo Iozzo, Ralf Philipp Weinmann and Willem Pinckaers, reported via TippingPoint and the Zero Day Initiative
• Laurent Oudot of TEHTRI Security
• ElcomSoft Co. Ltd.
• ACROS Security

For identifying and reporting a security issue to BlackBerry:

• Isaac Dawson
• Jean-Luc Giraud of the Citrix security team
• Sheran Gunasekera of ZenConsult
• OYXin of Nevis Labs, Aviram Networks, Inc.
• Mobile Security Lab
• CESG
• Ken Millar of Sensient Technologies Corporation
• Michael Thumann of ERNW
• Martin O'Neal and Stephen de Vries of Corsaire
• eEye Digital Security, working with US-Computer Emergency Readiness Team Coordination Center (CERT/CC)
• Sonic Solutions
• US-Computer Emergency Readiness Team Coordination Center (CERT/CC)
• FX of Phenoelit
• Imad Lahoud of the EADS Corporate Research Center IT Security Lab in France