Towards Security

Research Publications, Articles and Whitepapers

IEEE, CACM, Elsevier, ACIG, Wiley ..

• A. Sood and S. Zeadally,"Revolutionizing Cyber Defense: Leveraging Generative AI for Adaptive Threat Hunting", Wiley Internet Technology Letters, 2025.
• A. Sood and S. Zeadally, "The Unprecedented Surge in Generative AI: Empirical Analysis of Trusted and Malicious Large Language Models (LLMs)", IEEE Technology and Society Magazine, 2025.
• A. Sood and S. Zeadally, "AI-Powered Pervasive Computing: Discerning Threat Model to Unveil Security and Privacy Challenges", Applied Cybersecurity and Internet Governance (ACIG) Journal, 2025.
• A. Sood and S. Zeadally, "Unveiling the Dark Side: Malicious AI Models Undermine Software Supply Chain Security", Communications of the ACM (CACM), 2025.
• A. Sood and S. Zeadally, "The Paradigm of Hallucinations in AI-driven Cybersecurity Systems: Understanding Taxonomy, Classification Outcomes, and Mitigations", Elsevier Computers and Electrical Engineering Journal, 2025.
• A. Sood and S. Zeadally, "Consumer Electronics Supply Chain Poisoning: Anatomizing the Unified Hardware and Software Threat Model and Countermeasures", Information Security Journal: A Global Perspective, 2025.
• A. Sood and S. Zeadally "Cybercrime at a Scale: A Practical Study of Deployments of HTTP-Based Botnet Command and Control Panels", IEEE Communications Magazine, 2017.
• A. Sood and S. Zeadally "Drive-by Download Attacks: A Comparative Study of Browser Exploit Packs Features and Attack Techniques! ", IEEE IT Professional - Special Edition of Cyber Security , 2016.
• A. Sood and S. Zeadally "A Taxonomy of Domain Generation Algorithms", IEEE Security and Privacy Magazine, 2016.
• A. Sood, S. Zeadally, R. Bansal, "Exploiting Trust - Stealthy Attacks through Socioware and Insider Threats", IEEE Systems Journal, 2015.
• A. Sood, S. Zeadally, R. Enbody, "An Empirical Study of HTTP-based Financial Botnets", IEEE Transactions on Dependable and Secure Computing, 2015.
• A. Sood and R. Enbody, " Targeted Cyberattacks - Superset of Advanced Persistent Attacks", IEEE Security and Privacy Magazine, 2013.
• A. Sood, R. Bansal, and R. Enbody, "Cybercrime - Dissecting the State of Underground Enterprise", IEEE Internet Computing Magazine, 2013.
• A. Sood and R. Enbody, "Dissecting SpyEye - Understanding the Design of Third Generation Botnets", Elsevier Computer Networks Journal,2013.
• A. Sood and R. Enbody, " Crimeware-as-a-Service (CaaS) - A Survey of Commoditized Crimeware in the Underground Market ", International Journal of Critical Infrastructure Protection, 2013.
• A. Sood and R. Enbody, JavaScript Infection Model., ISSA Journal, November 2010
• A. Sood, Hacking 802.11 Protocol Insecurities., Usenix ;login Magazine, April 2008
• A. Sood, Insecurities in Designing XML Signatures., Usenix ;login Magazine, February 2008
• AI as The Bedrock for Next-generation Cyber Security Solutions, Network Security - Mag Online Library, January, 2024
• Defensive Cyber Security: Continuous Controls Enforcement and Infrastructure Hygiene, Network Security - Mag Online Library, August, 2023
• Enhancing Cyber Security at scale with ML/AI frameworks, Network Security - Mag Online Library, May, 2023
• Cloud databases: A Breeding Ground for Ransomware, Network Security - Mag Online Library, January, 2023
• DGAs Die Hard: Detecting Malicious Domains using AI, Network Security - Mag Online Library, June, 2022
• The Covid-19 Threat Landscape, Computer Fraud and Security - Mag Online Library, September, 2021
• State of Declarative Security in Banking Websites., Elsevier Computer Fraud and Security (CFS) Journal, July 2011
• Spying on the Browser - Dissecting the Design of Malicious Extensions., Elsevier Network Security (NESE) Journal, May 2011
• Abusing Glype Proxies: attacks , Exploits and Defenses, Elsevier Network Security, December 2012
• Malvertising - Exploiting Web Advertising., Elsevier CFS, April 2011
• Frametrapping the Framebusting Defense., Elsevier Network Security (NESE) Journal, October 2011

Online Articles: ComputerWeekly, HelpNetSecurity, ISACA, Dark Reading

• Understanding the ‘espionage ecosystem’ threat
• Platformisation without illusion: Separating integration from theatre
• From promise to proof: Making AI security adoption tangible
• CISOs in court: Balancing cyber resilience and legal accountability
• SLA promises, security realities: Navigating the shared responsibility gap
• Fortifying the future: The pivotal role of CISOs in AI operations.
• Unspoken risk: Human factors undermine trusted platforms
• How Evolving RATs Are Redefining Enterprise Security Threats
• Vigilant buyers are the best recipe for accountable suppliers
• Data abuse in cyberwarfare: Dissecting the attack model, ISACA Journal, Vol. 6, November 2024.
• Discovering and fingerprinting BACnet Devices", Help Net Security, July 2019
• Too fast, too insecure: Securing Mongo Express Web Administrative Interfaces, Help Net Security, April 2019
• Cloudifying Malware: Understanding Cloud App Threats, ISACA Journal, 2018.
• Fingerprinting HTTP Anomalies to Dissect Malicious Operations, Insecure Magazine, 2018.
• Data Science as a Tool for Cloud Security&, ISACA Journal, 2018.
• Cross Interface Attacks in Network Devices.", ISACA Journal, December 2011
• Social Networks - Chain Exploitation., ISACA Journal, January 2011

Virus Bulletin Articles

• Nexus Android Banking Botnet – Compromising C&C Panels and Dissecting Mobile AppInjects, Virus Bulletin Magazine, October 2023
• Cryptojacking on the Fly: TeamTNT Using NVIDIA Drivers to Mine Cryptocurrency, Virus Bulletin Magazine, April 2022
• Collector-stealer: A Russian Origin Credential and Information Extractor, Virus Bulletin Magazine, November 2021
• Dissecting the Design and Vulnerabilities in AZORult C&C Panels, Virus Bulletin Magazine, Feb 2020
• LokiBot: Dissecting the C&C panel Deployments, Virus Bulletin Magazine, Feb 2020
• Powering the distribution of Tesla stealer with PowerShell and VBA macros, Virus Bulletin Magazine, May 2018
• Prosecting the Citadel Botnet - Revealing the Dominance of the Zeus Descendent: Part Two, Virus Bulletin Magazine, September 2014
• Prosecting the Citadel Botnet - Revealing the Dominance of the Zeus Descendent: Part One, Virus Bulletin Magazine, September 2014
• CPanel Iframe Injector - A Look Into NiFramer, Virus Bulletin Magazine, October 2013
• Styx Exploit Pack Design Analysis, Virus Bulletin Magazine, September 2013
• Sweet Orange Exploit Pack Design Analysis, Virus Bulletin Magazine, March 2013
• Winlocker Ransomware - Analysis, Virus Bulletin, November 2012
• Inside the ICE IX bot, descendent of Zeus, Virus Bulletin Magazine, August 2012
• Malware Design Strategies for Circumventing Detection and Prevention Controls – Part Two, Virus Bulletin Magazine, June 2012
• Malware Design Strategies for Circumventing Detection and Prevention Controls – Part One, Virus Bulletin Magazine, May 2012
• Zombifying Targets - Malicious Phishing Campaigns, Virus Bulletin Magazine, April 2012
• Dissecting the NGR Bot Framework, Virus Bulletin Magazine, January 2012
• The Art of Stealing Banking Information - Form Grabbing on Fire, Virus Bulletin Magazine, November 2011
• SpyEye Bot Exploitation Tactics., Virus Bulletin Magazine, August 2011
• SpyEye Malware Infection Framework., Virus Bulletin Magazine, July 2011
• Browser Malware Taxonomy., Virus Bulletin Magazine, June 2011

Hack in the Box (HitB) Magazine Articles

• Bot Wars: The Game of Win 32/64 System Takeover, Hack In The Box - Ezine, November 2012
• Exploit Distribution Mechanism in Browser Exploit Packs, Hack In The Box - Ezine, April 2012
• Extending SQL Injection using Buffer Overflows, Hack In The Box - Ezine, October 2011
• Botnet Resistant Coding, Hack In The Box - Ezine, May 2011
• Exploiting Web Virtual Hosting, Hack In The Box - Ezine, January 2011
• Notorious Datacenter Servers Support Systems, Hack In The Box - Ezine, October 2010
• Chinese Malware Factory, Hack In The Box - Ezine, July 2010
• Open Redirect - Wreck Off, Hack In The Box - Ezine, April 2010
• Malware Obfuscation - Tricks and Traps, Hack In The Box - Ezine, January 2010

Commentary on cybersecurity Challenges

• Security Week: ‘BlackSanta’ Malware Activates EDR and AV Killer Before Detonating Payload
• Security Boulevard: BlackSanta Malware Shuts Down Protections, Targets HR and Recruiting Operations
• Dark Reading: 'BlackSanta' EDR Killer Targets HR Workflows
• The Register: Fake job applications pack malware that kills endpoint detection before stealing data
• HelpNet Security: HR, recruiters targeted in year-long malware campaign
• SC Media: Report sheds light on multi-pronged APT36 attacks against India
• Security Week: RATs in the Machine: Inside a Pakistan-Linked Three-Pronged Cyber Assault on India
• CSO: Suspicious traffic could be testing CDN evasion, says expert
• Forbes: New Android Warning As Humanized Password Stealer Confirmed
• Dark Reading: Vampire Bot Malware Sinks Fangs Into Job Hunters
• Security Brief: BatShade: Vietnamese threat actor expands its digital operations
• Silicon Angle: Vidar infostealer gains traction among cybercriminals as ease of use drives adoption
• Dark Reading: Rubio Impersonator Signals Growing Security Threat From Deepfakes
• Computer Weekly Article: Fortifying The Future: The pivotal Role of CISOs in AI Operations
• Computer Weekly Article: Unspoken Risk: Human Factors Undermine Trusted Platforms
• Dark Reading: 23andMe Bankruptcy Filing May Put Sensitive Data at Risk
• Techstrong AI: Here’s How to Prepare for AI’s Networking Challenges
• HelpNet Security: Cyberattacks are Draining Millions from the Hospitality Industry
• EasePrey Podcast: Safe AI Implementation
• HelpNet Security Article: Strategic AI Readiness for Cybersecurity: From Hype to Reality
• SC Media (CRA): Fate of DNA Data raises Privacy, Identity issues in 23andMe Bankruptcy
• Cyber Security Intelligence: DeepSeek - A Deep Dive Reveals More Than One Red Flag
• SC Media (CRA): DeepSeek AI: The Hidden Perils of Data Privacy and Security
• Enterprise Security Tech: 23andMe Bankruptcy Sparks Urgent DNA Data Privacy Reckoning
• FORBES Coverage of the Solar Panels Research: Now Energy Hackers Can Attack Your Solar Panels, And The Grid
• DW Germany Story on Solar Panel Hacking: How Hackers Capture Your Solar Panels and Cause Grid Havoc
• DW Germany : Business Beyond Documentary: How Hackers Could Attack Europe's Energy Grid
• Computer Weekly Article: Vigilant Buyers are the Best Recipe for Accountable Suppliers
• Unite.ai Interview Series: Interview with Aditya K Sood
• The Fastmode Article: Leveraging AI Observability to Turbocharge Enterprise AI Adoption
• Techradar Article: US Navy bans use of DeepSeek “in any capacity” due to “potential security and ethical concerns"
• Securitybrief Asia: Experts warn of security risks as DeepSeek limits new sign-ups
• Cybernews: Easterseals reports breach as Rhysida ransom gang demands $1.3M
• Apple - Aryaka Dreamers and Doers Podcast - Episode 23: Cloud Security Affects All Of Us
• [2023] Security Week, Black Hat USA 2023 – Announcements Summary.
• [2023] Frontier Enterprise, F5 Exec Explores AI’s Role in Data Security.
• [2021] The Daily Swig, Enfilade: Open Source Tool Flags Ransomware and Bot Infections in MongoDB Instances.
• [2020] Security Week, C&C Panels of 10 IoT Botnets Compromised by Researchers.
• [2020] Security Week, Oski Stealer Targets Browser Data, Crypto Wallets in U.S.
• [2020] ThreatPost, Oski Data-Stealing Malware Emerges to Target North America, China
• [2019] Security Week, New 'Gucci' IoT Botnet Targets Europe
• [2018] Security Week, Critical Flaws Found in NetComm Industrial Routers
• [2018] Security Week, Seagate Patches Flaws in Personal Cloud, GoFlex Products
• [2017] Security Week, Data Sample in Equifax Hack Scam Possibly From Third-Party Servers
• [2017] Security Week, Alerts Issued for Zero-Day Flaws in SCADA Systems
• [2017] The Register, D-Link resolves enterprise switch hacker risk
• [2017] CIO, A new service for the less techie criminals
• [2017] Computer Welt, Hacking-Tools shoppen wie bei Amazon
• [2016] EWeek, Apple Introduces iPhone 7 With New Cameras, Wireless Earpods
• [2016] Dark Reading, Crimeware-as-a-Service Hack Turns Potential Hackers Into Victims
• [2016] EWeek, Attacking the Attackers: Facebook Hacker Tools Exploit Their Users
• [2016] Security Week, Over 400 Vulnerabilities Reported to ICS-CERT in 2015
• [2016] IT Business Edge, Beyond Email: 5 Alternative Ways to Fall Victim to Ransomware
• [2016] Security Intelligence, Cloud File Storage Can Be a Shadow Threat
• [2016] SC Magazine, 98% of Enterprise Cloud Apps are not GDPR Ready
• [2016] Security Week, Most Business Cloud Apps Fail to Protect Enterprise Data: Report
• [2016] Computer World , Empresas possuem 20 vezes mais aplicações cloud do que imaginam
• [2016] Security Week, Flaw Allowed Hackers to Deliver Malicious Images via PayPal
• [2016] Security Week, Siemens Patches Flaw in Building Automation Products
• [2015] Third Certainty, Scammers taking advantage of Gmail, Google Drive users trust
• [2015] Security Week, Flaws in Rockwell PLCs Expose Operational Networks
• [2015] ZDNet, Zero Day Weekly: Xfinity doxing users, D-Link exposing networks, China's uncrackable smartphone
• [2015] Threatpost, Rockwell Patches Serious 'Frosty URL' Vulnerability!
• [2015] Security Week, Schneider Electric Patches Flaw in Motion USA Website
• [2015] Threatpost, Schneider Patches Plaintext Credentials Big in Bulding Automation Systems!
• [2015] Kaspersky Threatpost, Ebay Fixes Flaw in Subdomain
• [2015] Security Week, Sundown EK First to Integrate Exploit for Recently Patched IE Flaw
• [2015] International Business Times, Google Drive Hack: Phishing Campaign Targets Gmail Users With Fake SSL Encryption
• [2015] Security Week, Schneider Electric Patches PLC Flaws Disclosed at DEF CON
• [2015] CIO Today, Salesforce Closes Door to Hack Attacks
• [2015] Dark Reading, New Phishing Campaign Leverages Google Drive
• [2015] CSO, Google Drive phishing is back -- with obfuscation
• [2015] Security Week, Flaw in Salesforce Subdomain Enabled Phishing Attacks
• [2015] Cloud Wedge, Salesforce Promptly Fixes Security Bug Found By Elastica
• [2015] Help Net Security , Script injection vulnerability discovered in Salesforce
• [2015] The Register, Salesforce plugs silly website XSS hole, hopes nobody spotted it
• [2015] Technology Decisions, Kaspersky allegedly sabotaged rivals; Salesforce plugs security flaw; Lenovo laptops' dodgy firmware.
• [2015] Kaspersky Threatpost, New Phishing Campaign Targets Google Credentials
• [2015] SC Magazine UK, Cross-site scripting vulnerability uncovered in Salesforce cloud
• [2015] InfoSecurity Magazine, Salesforce Patches Dangerous XSS Flaw
• [2015] SC Magazine UK, Google Drive influences new phishing campaign
• [2015] Politico, Union sues OPM — Second breach, of security clearance material.
• [2015] Security Week, Alerts Issued for Zero-Day Flaws in SCADA Systems
• [2015] Kaspersky Threatpost, Salesforce Patches XSS on a Subdomain
• [2015] Kaspersky Threatpost, Risky Schneider Electric SCADA Vulnerabilities Remain Unpatched
• [2015] The Register, Ebay Snuffs Malware Upload Bug !
• [2015] Threatpost, Ebay Fixes File Upload and Patch Disclosure Bugs !
• [2014] Security Week, Vulnerabilities Found in Schneider Electric SCADA Product Line !
• [2014] Threatpost, Series of Vulnerabilities found in Schneider Electric ClearSCADA Products.

Security Talks Presented at Events

• AI Under Siege: Dissecting the ReAct Framework Attack Surface, Anti Phishing Working Group (APWG), San Diego 2025
• Unveiling Threats Targeting AI: Equalizing Attacks and Intelligence, Mountain View, 2024
• Combating AI Attacks Targeting the AI Ecosystem, APWG eCrime Conference, Boston, 2024
• Striking C&C Infrastructure for Generating Applied Threat Intelligence, BSides Security Conference, Goa, 2024
• Attack Like an Attacker: Targeting C&C Infrastructure, Pacific Hackers Conference, Mountain View, 2023
• MELEE: A Tool to Detect Ransomware Infections in MongoDB, BlackHat Arsenal, Las Vegas, 2023
• Using ML/AI to Design Cybersecurity Solutions, SF Tech Summit, San Francisco, 2023
• Compromising the Keys to the Kingdom - Exfiltrating Data to Own and Operate the Exploited Systems, FIRST Incident Response Conference, Montreal, 2023
• Cloudifying Ransom Wars, Anti Phishing Working Group (APWG) eCrime Conference, Internet, 2022
• Data is the New E-Currency: Dissecting the Paradigm of Present-day Cyberattacks , Pacific Hackers Conference, Mountain View, 2022
• Combating Ransom-Wars: Evolving Landscape of Ransomware Infections in Cloud Databases, Hackers on Planet Earth (HOPE) Conference, New York, 2022.
• World of Modern Apps: Dissecting Ransomware and Botnet Threats in Cloud Databases, Secure 360 Conference, Prior Lake Minnesota, 2022.
• Dethroning Ransomware Infections in the Cloud Databases used for Modern Applications, Texas Cyber Security Summit, San Antonio, 2021.
• {Internet of Things or Threats}: Anatomizing the Structure of IoT Botnets, Hack in Paris (HiP) Conference, San Antonio, 2021.
• Internet of {Things or Threats}, BSides, Berlin, 2021.
• Enfilade: A Tool to Detect Potential Ransomware Infections in MongoDB Instances, BlackHat Arsenal USA, 2021.
• Uncovering Botnets in IoT Hemisphere, Secure 360 Conference, St. Paul Minnesota, 2020.
• Strafer: A Tool to Detect Potential Infections in Elasticsearch Instances, BlackHat Arsenal Europe, 2020.
• Compromising IoT C&C panels for Unearthing Infections, Virus Bulletin Local Host, 2020.
• Jamming into the World of IoT Botnets: The Hacker’s Way, UTSA, San Antonio, Texas, 2020.
• Connected World of Devices - Exploiting the Embedded Web Security Pacific Hackers Conference , Santa Clara, CA, 2019.
• Embedding Security and Privacy in DevOps - Real World Case Studies SANS DevOps Summit, Denver, Colorado, 2019.
• The State of Embedded Web Security in IoT Devices, Texas Cyber Security Summit, San Antonio, 2019.
• IoT Botnet Chaos, ToorCon Security Conference, San Diego, California, 2018.
• The State of IoT Botnets - The Bad and The Ugly, Hackers on Planet Earth (HOPE) Security Conference, New York, NY, USA, 2018.
• Crimeware Chaos: Empirical Analysis of HTTP-based Botnet C&C Panels, BSides SF , San Francisco, USA, 2018.
• The State of IoT Botnets: An Overview, IoT Security Symposium, Burlingame, CA, USA, 2018.
• Cloud Storage Abuse and Exploitation, EDGE Security Conference, Knoxville, Tennesse, USA, 2017.
• The Budding World of Cloud Storage Abuse and Exploitation : A Technical Deep Dive, FIRST Security Conference, Puerto Rico, USA, 2017.
• The TAO of Automated Iframe Injectors - Building Drive-by Platforms For Fun and Profit, Virus Bulletin, Denver, USA, 2016.
• Understanding the Crux - Abuse of Cloud Storage Apps, CSA Secure Cloud , Dublin, Ireland, 2016.
• Delivering Security in Cloud Generation World, RSA, San Francisco, USA, 2016.
• Sanctioned to Hack - Hunting Vulnerabilities in SCADA HMIs, Ground Zero, New Delhi, India, 2015
• Design Flaws in Network Switches - Your Network Devices Belong to Us!, ToorCon, San Diego, CA, USA, 2015
• Dynamics of Cloud Storage Abuse and Exploitation - One More for the Road!, ToorCon, San Diego, CA, USA, 2015
• Applying Data Science to Cloud Services Auditing, Compliance, Monitoring and Security, PSR (Privacy Security Risk), Las Vegas, USA
• The State of Web Security in SCADA HMIs, OWASP, San Francisco, CA, USA, 2015
• Hunting Vulnerabilities in SCADA HMIs, DEFCON, Las Vegas, Nevada, USA, 2015
• Exploiting Fundamental Weaknesses in Botnet C&C Panels, BlackHat, Las Vegas, Nevada, USA, 2014
• C-SCAD - Assessing Security Flaws in ClearSCADA WebX Client,BlackHat Arsenal, Las Vegas, Nevada, USA, 2014
• How I Hacked Your Botnet C&C Panels, ToorCon, San Diego, 2014
• Sparty : A Tool to Audit FrontPage and SharePoint, BlackHat Arsenal,Las Vegas, Nevada, USA, 2013
• Emerging Trends in Online Social Network Malware, Secure 360 , St. Paul, Minnesota, 2013
• Dissecting Socioware - A Study of Online Social Network Malware, InfoSec Security Southwest (ISSW),Austin, Texas, 2013
• Malandroid - Android Malware Mayhem, ToorCon, San Diego, 2012
• Bust a Cap in the Mobile App, SANS AppSec, Las Vegas, 2012
• The Realm of Third Generation Botnet Attacks, GrrCon, Grand Rapids,2012
• Bonded with Botnets, US-CERT GFIRST, Atlanta, 2012
• Botnets Die Hard - Owned and Operated, DEFCON, Las Vegas,2012
• Advancements in Botnet Attacks and Malware Distribution, Hackers on Planet Earth(HOPE), New York,2012
• Insidious Infections - Mangling with Botnets, Layer One, Anaheim, California, 2012
• Dissecting the State of Present-day Malware, HackCon, Oslo, Norway, 2012
• Hunting Web Malware, Hacker Halted, Miami, Florida, 2011
• Browser Exploit Packs - Death by Bundled Exploits, Virus Bulletin, Barcelona, Spain, 2011
• Botnets and Browsers - Brothers in the Ghost Shell, BruCon, Brussels, Belgium, 2011
• The Good Hacker - Dismantling Web Malware, OWASP AppSec, Minnesota, Minneapolis, USA, 2011
• Browser Exploit Packs - Exploitation Tactics, ToorCon, Seattle, Washington, 2011
• Art of Info Jacking - Detecting Hidden Devices, Source, Seattle, Washington, 2011
• Spying on SpyEye Botnet - What Lies Beneath, Hack-in-the-Box (HitB), Amsterdam, Netherlands, 2011
• Eye for and Eye - SpyEye Banking Trojan, ToorCon, San Diego, California, 2010
• Web Maniac - Hacking Trust, Hacker Halted, Miami, Florida, 2010
• The Art of Information Extraction, OWASP AppSec, Brazil, 2010
• Bug Alcoholic - Untamed World of Web Vulnerabilities, OWASP AppSec, Irvine, California,USA, 2010
• Scaling Web 2.0 Malware Infections, TRISC - Texas Regional Infrastructure Security , Grapevine, Texas, 2010
• Untamed XSS Wars - Filters vs Payloads, RSA, San Francisco, California, 2010
• Browser Design Flaws, Troopers, Munich, Germany, 2009
• Web Psyschic 2.0, Excalibur , Wuxi, China, 2009
• Rumbling Infections - Web 2.0 Malware Anatomy, SecurityByte - OWASP AppSec, New Delhi, India, 2009
• Webnoxious 2.0 - Attacking Open End Web, FOSS (Free and Open Source Software), Bangalore, India, 2009
• Vulnerability Vectors in PDF - Synthesizing PDF Attacks, EUSecWest, London, UK, 2008
• Rolling Balls - Can You Hack Clients?, XFOCUS XCON, Beijing, China, 2008
• KungFoo Jacking Browsers, XFOCUS XCON / XKungFoo, Beijing, China, 2008

Recorded Talks and Interviews

Easy Prey Podcast
Safe AI Implementation Discussion with Chris Parker
Easy Prey Podcast →
DW Business Beyond
How Hackers Could Attack Europe's Energy Grid | Business Beyond
Documentary →
Pacific Hackers 2024
Unveiling Threats Targeting AI: Equalizing Attacks and Intelligence
Conference Talk →
Pacific Hackers 2024
Attack Like an Attacker: Targeting C&C Infrastructure
Conference Talk →
APWG eCrime 2022
Cloudifying Ransom Wars
Conference Talk →
Govware 2022
Detecting Database Compromises at Scale
Conference Talk →
Virus Bulletin 2021
Compromising IoT C&C Panels for Unearthing Infections
Conference Talk →
Texas Cyber Security 2021
Dethroning Ransomware Infections in Cloud Databases
Conference Talk →
Hack in Paris 2021
Anatomizing the Structure of IoTs Botnets
Conference Talk →
Pacific Hackers 2020
Connected World of Devices - Exploiting Embedded Web Security
Conference Talk →
BSides SF 2018
Crimeware Chaos: Empirical Analysis of HTTP-Based Botnet C&C Panels
Conference Talk →
ToorCon 2018
IoT Botnets: The Crux of Internet of Things Chaos
Conference Talk →
HOPE 2018
The Evidential Study of IoT Botnets
Conference Talk →
DEF CON 26
Botnets Die Hard
Main Stage Talk →
DEF CON 25
Dissecting the Design of SCADA Web HMIs
Conference Talk →
BlackHat / OWASP
Exploiting Fundamental Weaknesses in Botnet C&C Panels
Conference Talk →
Layerone 2012
Insidious Infections: Mangling with Malware
Conference Talk →
GrrCon 2012
The Realm of Third Generation Botnets
Conference Talk →
HOPE 2012
Advancements in Botnet Attacks and Malware Distribution
Conference Talk →

Released Vulnerabilities: ICS CERT and Others

• ICSA-18-221-02, NetComm Wireless 4G LTE Light Industrial M2M Router.
• ICSA-16-348-01, Visonic PowerLink2 Vulnerabilities.
• ICSA-16-343-01, Moxa MiiNePort Session Hijack Vulnerabilities.
• ICSA-16-063-01, Moxa ioLogik E2200 Series Weak Authentication Practices.
• ICSA-16-061-02, Rockwell Automation Allen-Bradley CompactLogix Reflective Cross-Site Scripting Vulnerability.
• ICSA-16-019-01, Siemens OZW672 and OZW772 XSS Vulnerability
• ICSA-15-349-01, Adcon Telemetry A840 Vulnerabilities
• ICSA-15-351-02, Motorola MOSCAD SCADA IP Gateway Vulnerabilities
• ICSA-15-300-03A, Rockwell Automation Micrologix 1100 and 1400 PLC Systems Vulnerabilities (Update A).
• ICSA-15-246-02, Schneider Electric Modicon PLC Vulnerabilities.
• ICSA-15-013-02, Clorius Controls A/S ISC SCADA Insecure Java Client Web Authentication.
• ICSA-14-259-01A, Schneider Electric SCADA Expert ClearSCADA Vulnerabilities.
• CVE-2010-2453, Web Commands Injection through FTP Login in Synology Disk Station.

Bug Bounties (*FUN*)

Reported many vulnerabilities to vendors as a part of bug bounties (entirely fun). The list of vendors are presented below but are not limited to:

• NetFlix | PayPal | BlackBerry | Box | Barracuda Networks | Apple | Adobe | Microsoft | ZScaler