Aditya K Sood

15 Followers


Pinned

Enfilade: Detecting Ransomware Infections in MongoDB

Challenge: Increase in Ransomware infections in MongoDB instances

As part of ongoing research, let’s quickly look into a snippet of live MongoDB ransomware infections. The list is not exhaustive but gives you an insight into the problem.

Ransomware

2 min read



Pinned

Good Content Stays Relevant !

University of Manchester: “Targeted Cyber Attacks” Book Included as Part of Trust and Security in a Digital World Course

We drafted a “Targeted Cyber Attacks” book a few years ago covering the insightful details related to targeted cyber attacks occurring in the wild including associated threat landscape. The book received…

Cybersecurity

2 min read



Aug 30, 2021

Network Security Journal Published Review of the Empirical Cloud Security Book

An independent review of the “Empirical Cloud Security” book has been published by the Elsevier Network Security (NESE) Journal in the August edition. Check the PDF here: https://www.sciencedirect.com/science/article/abs/pii/S1353485821000854

Some of the quotes from the review are presented below: This is a book you will want to come back to regularly…

Network Security

2 min read



Mar 14, 2021

Strafer Tool Demo: Detecting Ransomware/Bot Infections in Elasticsearch

At BlackHat Europe Arsenal 2020, I released the Strafer tool to detect potential ransomware/bot infections in Elasticsearch instances deployed in cloud environments.

Elasticsearch Threat Landscape

Elasticsearch

1 min read



Apr 15, 2020

Basics are the Hardest Part to Conquer: Zoom it Up !

In security, we always say and strictly believe “Basics are the Hardest Part to Conquer”. That’s the true fact. With recent challenges, the usage of video-conferencing technologies has increased exponentially. Zoom is being discussed a lot these days for the same. With the advancements of new technologies and increasing usage…

Web Development

2 min read



Apr 8, 2020

Sparty : Useful Tools Die Hard !

Sparty was designed to conduct efficient security assessment of MS SharePoint deployments. The tool has been used by the security community, which shows its acceptability and highlights that the tool is useful. Sparty was presented at BlackHat 2013 and the presentation is available at: https://media.blackhat.com/us-13/Arsenal/us-13-Sood-Sparty-Slides.pdf

Cybersecurity

3 min read



Oct 2, 2019

Malware Getting Branded — GUCCI IoT Bot Discovered Targeting Devices in the European Region

Report by Aditya K Sood and RB.

Note: We would like to thank MalwareMustDie for providing additional inputs regarding reverse engineering of binaries.

Media Coverage

New Gucci Botnet Capable of Launching Multiple Types of DDoS Attacks — https://securityintelligence.com/news/new-gucci-botnet-capable-of-launching-multiple-types-of-ddos-attacks/

New ‘Gucci’ IoT Botnet Targets Europe — https://www.securityweek.com/new-gucci-iot-botnet-targets-europe

Security

5 min read



May 1, 2018

BSidesSF 2018 Talk: Crimeware Chaos | Talk Released

Cybercriminals deploy crimeware for conducting nefarious operations on the Internet. Crimeware is managed on a large scale through deployment of centralized portals known as Command and Control (C&C) panels. C&C panels are considered as attackers’ primary operating environment through which crimeware is controlled and updated at regular intervals of time…

Cybersecurity

1 min read



Dec 6, 2017

Exposed AWS S3 Buckets == Directory Listing | Avaya Case Study

Overview

During the conversation with the administrators about exposed AWS S3 buckets or traditional Directory Listing, the feedback often received is: “since the listed objects or files do not contain any sensitive information, the configuration of the buckets (or directories) is fine even if they are exposed.” This can be…

AWS

3 min read



Oct 18, 2017

Malvertising: Distributing Malice via Cross-Domain Script Inclusion

Online advertisements provide a convenient platform for spreading malware. Since ads provide a significant portion of revenue on the web, significant effort is put into attracting users to them. Malicious agents take advantage of this skillful attraction and then redirect users to malicious sites that serve malware. Recently, malvertising (malicious…

Malware

3 min read

