Aditya K Sood, Ph.D
SecNiche Security Labs | LinkedIn | Twitter | Facebook
Contact via LinkedIn
Dr. Sood works as Director of Security and Cloud Threat Labs at Elastica Inc., Blue Coat Systems. Dr. Sood has research interests in malware automation and analysis, application security, secure software design and cybercrime. He has worked on a number of penetration testing projects specializing in product/appliance security, networks, mobile and web applications while serving Fortune 500 clients for IOActive, KPMG and others. He is also the founder of SecNiche Security Labs, an independent web portal for sharing research with the security community. He has authored several papers for various magazines and journals including IEEE, Elsevier, CrossTalk, ISACA, Virus Bulletin, Usenix and others. His work has been featured in several media outlets including Associated Press, Fox News, The Register, Guardian, Business Insider, Kaspersky Threatpost, CBC and others. He has been an active speaker at industry conferences and has presented at BlackHat, DEFCON, HackInTheBox, RSA, Virus Bulletin, OWASP and many others. Dr. Sood obtained his Ph.D in Computer Sciences from Michigan State University. Dr. Sood is also the author of the book "Targeted Cyber Attacks", published by Syngress. He also sits on the review board of "CrossTalk - Journal of Defense Engineering", a publication sponsored by the Department of Homeland Security (DHS) and NavAir.
I have a steep interest in cyber security and contribute regularly in this realm. I collaborate with Dr. Sherali Zeadally and Dr. Richard J Enbody on various research projects. At present, I am pushing the security envelope in the industry.
- Designing algorithms for detecting attacks and malware in the networks.
- Reversing network protocols for detecting malice.
- Assessing vulnerabilities in network appliances, web and mobile applications, etc.
- Deploying Python code for large-scale data analysis and security research.
- Researching vulnerabilities in web and standalone security products.
- Analyzing malware covering both behavioral and static processes.
Cyber-crime increasingly impacts both the online and offline world, and targeted attacks play a significant role in disrupting services in both. Targeted attacks are those aimed at a particular individual, group, or type of site or service. Unlike worms and viruses, which usually attack indiscriminately, targeted attacks involve intelligence-gathering and planning to a degree that drastically changes their profile.
Individuals, corporations, and even governments are facing new threats from targeted attacks. Targeted Cyber Attacks examines real-world examples of directed attacks and provides insight into what techniques and resources are used to stage these attacks so that you can counter them more effectively.
Syngress published this book (ISBN-10: 0128006048 | ISBN-13: 978-0128006047) and it is available at: Amazon, Elsevier Store, Barnes & Noble and others.
"...the book works its way through how attacks are planned and executed, followed by a description of protective measures and concluding with a bit of myth-busting in order to leave readers with a clear and accurate picture of what the threat really means for them... you get a very sharp sense of how and why these attacks are possible."
- Network Security, June 2014
"The most complete text in targeted cyber attacks to date. Dr. Sood and Dr. Enbody are able to present the topic in an easy to read format that introduces the reader into the basics of targeted cyber attacks, how the attackers gather information about their target, what strategies are used to compromise a system, and how information is being exfiltrated out from the target systems. The book then concludes on how to build multi-layer defenses to protect against cyber attacks. In other words, the book describes the problem and presents a solution. If you are new to targeted attacks or a seasoned professional who wants to sharpen his or her skills, then this book is for you."
- Christopher Elisan, Principal Malware Scientist, RSA -The Division of EMC
"Sood and Enbody have taken a systematic, step by step approach to break down a pretty complex topic into bite-sized chunks that are easily digestible. They cover everything from the basics and 'need to know' of targeted attacks to the more advanced insights into the world of exploit packs, attack techniques and more."
- Dhillon Andrew Kannabhiran, Founder/Chief Executive Officer, Hack In The Box
Third-party reviews of the book are available at: Help Net Security. Search Security TechTarget has made one chapter of the book available here: Bookshelf.
The book has made a significant impact, as a result of which a Chinese edition will be published in 2016 by National Defense Industry Press (China).
Journal, Magazine and Conference Papers
- A. Sood and S. Zeadally, "The State of Web Vulnerabilities in SCADA WEB HMIs.", STSC Crosstalk - Journal of Defense Engineering, 2016.
- A. Sood and S. Zeadally, "Drive-by Download Attacks: A Comparative Study of Browser Exploit Packs Features and Attack Techniques!", IEEE IT Professional - Special Edition of Cyber Security [To appear], 2016.
- A. Sood and S. Zeadally, "A Taxonomy of Domain Generation Algorithms", IEEE Security and Privacy Magazine [To appear], 2016.
- A. Sood, S. Zeadally, R. Bansal, "Exploiting Trust - Stealthy Attacks through Socioware and Insider Threats", IEEE Systems Journal, 2015.
- A. Sood and R. Enbody, "U.S. Military Defense Systems - The Anatomy of Cyber Espionage by Chinese Hackers!", Georgetown Journal of International Affairs, 2015.
- A. Sood, S. Zeadally, R. Enbody, "An Empirical Study of HTTP-based Financial Botnets", IEEE Transactions on Dependable and Secure Computing, 2015.
- A. Sood and R. Enbody, "Targeted Cyberattacks - Superset of Advanced Persistent Attacks", IEEE Security and Privacy Magazine, 2013.
- A. Sood, R. Bansal, and R. Enbody, "Cybercrime - Dissecting the State of Underground Enterprise", IEEE Internet Computing Magazine, 2013.
- A. Sood and R. Enbody, "Dissecting SpyEye - Understanding the Design of Third Generation Botnets", Elsevier Computer Networks Journal, 2013.
- A. Sood and R. Enbody, "Crimeware-as-a-Service (CaaS) - A Survey of Commoditized Crimeware in the Underground Market", International Journal of Critical Infrastructure Protection, 2013.
- A. Sood and R. Enbody, "The Art of Cyber Bank Robbery", STSC Crosstalk - Journal of Defense Engineering, 2013.
- A. Sood and R. Enbody, "iPhone Malware Paradigm", STSC Crosstalk - Journal of Defense Engineering, 2012.
- A. Sood and R. Enbody, "Browser User Interface Design Flaws", STSC Crosstalk - Journal of Defense Engineering, 2011.
- A. Sood and R. Enbody, "The Conundrum of Declarative Security HTTP Response Headers: Lessons Learned", USENIX CollSec, 2010.
To see all my analytical and research papers, visit: Publications with Google Citation!
Interviews and Featured Media News
- SC Magazine, 98% of Enterprise Cloud Apps are not GDPR Ready
- Security Week, Most Business Cloud Apps Fail to Protect Enterprise Data: Report
- Security Week, Flaw Allowed Hackers to Deliver Malicious Images via PayPal
- Security Week, Siemens Patches Flaw in Building Automation Products
- Third Certainty, Scammers taking advantage of Gmail, Google Drive users' trust
-  Security Week, Flaws in Rockwell PLCs Expose Operational Networks
-  Threatpost, Rockwell Patches Serious 'Frosty URL' Vulnerability!
-  Security Week, Schneider Electric Patches Flaw in Motion USA Website
- Threatpost, Schneider Patches Plaintext Credentials Bug in Building Automation Systems!
-  Kaspersky Threatpost, Ebay Fixes Flaw in Subdomain
-  Security Week, Sundown EK First to Integrate Exploit for Recently Patched IE Flaw
-  International Business Times, Google Drive Hack: Phishing Campaign Targets Gmail Users With Fake SSL Encryption
-  Security Week, Schneider Electric Patches PLC Flaws Disclosed at DEF CON
-  CIO Today, Salesforce Closes Door to Hack Attacks
-  Dark Reading, New Phishing Campaign Leverages Google Drive
-  CSO, Google Drive phishing is back -- with obfuscation
-  Security Week, Flaw in Salesforce Subdomain Enabled Phishing Attacks
-  Kaspersky Threatpost, New Phishing Campaign Targets Google Credentials
-  SC Magazine UK, Cross-site scripting vulnerability uncovered in Salesforce cloud
-  InfoSecurity Magazine, Salesforce Patches Dangerous XSS Flaw
-  SC Magazine UK, Google Drive influences new phishing campaign
-  Security Week, Alerts Issued for Zero-Day Flaws in SCADA Systems
-  Kaspersky Threatpost, Salesforce Patches XSS on a Subdomain
-  Kaspersky Threatpost, Risky Schneider Electric SCADA Vulnerabilities Remain Unpatched
-  Search Security Tech Target, Indian government leaked shadow data through Google Drive
- The Register, Ebay Snuffs Malware Upload Bug!
- Threatpost, Ebay Fixes File Upload and Patch Disclosure Bugs!
- Security Week, Vulnerabilities Found in Schneider Electric SCADA Product Line!
- Threatpost, Series of Vulnerabilities found in Schneider Electric ClearSCADA Products.
- Fact or Fictional Show, Discussion on CCTV Cameras Hacking!
-  India Abroad Newspaper, Interview
-  Fox News, Secret Service busts $6 billion money laundering scheme.
-  Guardian, Liberty Reserve founder arrested in Spain.
-  Huffington Post, Costa Rica: Digital Currency Site Founder Arrested.
-  Business Insider, Digital Currency Site Founder Arrested On Money-Laundering Charges.
-  Insightcrime, Liberty Reserve Case Exposes New Frontiers in Laundering Digital Cash.
-  CBC, Digital currency dealers charged with money laundering.
-  Statesman Journal, Police in Costa Rica pull plug on shadowy currency.
-  The Blaze, 'THIS DOMAIN HAS BEEN SEIZED': FEDS, INTL. POLICE PUT CLAMPDOWN ON 'ELECTRONIC CURRENCY' COMPANY.
-  New York Daily Sun, Liberty reserve busted.
-  Contrarisk Security Podcast, Socioware.
-  Audit and Risk, Code Red.
-  Help Net Security, Online social networks: Malware launch pads.
-  Threatpost, Researcher, Malware Increasingly Independent, Stifles Security Wares.
-  Threatpost, New Firefox Bug Bypasses URL Protection.
-  Computer World, Mozilla will not patch bug that blocks warning display on Firefox.
-  The Register, Mozilla eases fears over phishy URL alert.
-  Hacker Halted Interview, Web Appstinence? Lol!.
-  Spam Fighter, Firefox & Chrome Vulnerable to Clickjacking Attacks.
-  Heise Online, Popular browsers continue to be vulnerable to clickjacking attacks.
-  ZDNet, Flaw exposes Chrome, Firefox to clickjacking.
-  ZDNet, Memory exhaustion DoS vulnerability hits Google Chrome.
-  InternetNews, Yahoo Moves Quickly To Plug Phishing Hole.
- The TAO of Automated Iframe Injectors - Building Drive-by Platforms For Fun and Profit, Denver, USA, 2016.
- Understanding the Crux - Abuse of Cloud Storage Apps, CSA Secure Cloud, Dublin, Ireland, 2016.
- Delivering Security in Cloud Generation World, RSA CONFERENCE, San Francisco, USA, 2016.
- Sanctioned to Hack - Hunting Vulnerabilities in SCADA HMIs, GROUNDZERO CONFERENCE, New Delhi, India, 2015
- Design Flaws in Network Switches - Your Network Devices Belong to Us!, TOORCON CONFERENCE, San Diego, CA, USA, 2015
- Dynamics of Cloud Storage Abuse and Exploitation - One More for the Road!, TOORCON CONFERENCE, San Diego, CA, USA, 2015
- Applying Data Science to Cloud Services Auditing, Compliance, Monitoring and Security, PSR (Privacy Security Risk), Las Vegas, USA
- The State of Web Security in SCADA HMIs, OWASP CONFERENCE, San Francisco, CA, USA, 2015
- Hunting Vulnerabilities in SCADA HMIs, DEFCON CONFERENCE, Las Vegas, Nevada, USA, 2015
- Exploiting Fundamental Weaknesses in Botnet C&C Panels, BLACKHAT SECURITY CONFERENCE, Las Vegas, Nevada, USA, 2014
- C-SCAD - Assessing Security Flaws in ClearSCADA WebX Client, BLACKHAT ARSENAL, Las Vegas, Nevada, USA, 2014
- How I Hacked Your Botnet C&C Panels, TOORCON, San Diego, 2014
- Sparty: A Tool to Audit FrontPage and SharePoint, BLACKHAT ARSENAL, Las Vegas, Nevada, USA, 2013
- Emerging Trends in Online Social Network Malware, SECURE 360, St. Paul, Minnesota, 2013
- Dissecting Socioware - A Study of Online Social Network Malware, INFOSEC SECURITY SOUTHWEST (ISSW), Austin, Texas, 2013
- Malandroid - Android Malware Mayhem, TOORCON, San Diego, 2012
- The Realm of Third Generation Botnet Attacks, GRRCON, Grand Rapids, 2012
- Bonded with Botnets, US-CERT GFIRST, Atlanta, 2012
- Botnets Die Hard - Owned and Operated, DEFCON, Las Vegas, 2012
- Advancements in Botnet Attacks and Malware Distribution, HACKERS ON PLANET EARTH (HOPE), New York, 2012
- Insidious Infections - Mangling with Botnets, LAYERCON, Anaheim, California, 2012
- Dissecting the State of Present-day Malware, HACKCON, Oslo, Norway, 2012
- Hunting Web Malware, HACKER HALTED, Miami, Florida, 2011
- Browser Exploit Packs - Death by Bundled Exploits, VIRUS BULLETIN, Barcelona, Spain, 2011
- Botnets and Browsers - Brothers in the Ghost Shell, BRUCON, Brussels, Belgium, 2011
- The Good Hacker - Dismantling Web Malware, OWASP APPSEC USA, Minneapolis, Minnesota, 2011
- Browser Exploit Packs - Exploitation Tactics, TOORCON, Seattle, Washington, 2011
- Art of Info Jacking - Detecting Hidden Devices, SOURCE, Seattle, Washington, 2011
- Spying on SpyEye Botnet - What Lies Beneath, HACK IN THE BOX, Amsterdam, Netherlands, 2011
- Eye for an Eye - SpyEye Banking Trojan, TOORCON, San Diego, California, 2010
- Web Maniac - Hacking Trust, HACKER HALTED, Miami, Florida, 2010
- The Art of Information Extraction, OWASP APPSEC BRAZIL, Brazil, 2010
- Bug Alcoholic - Untamed World of Web Vulnerabilities, OWASP APPSEC USA, Irvine, California, 2010
- Scaling Web 2.0 Malware Infections, TRISC - Texas Regional Infrastructure Security Conference, Grapevine, Texas, 2010
- Untamed XSS Wars - Filters vs Payloads, RSA Conference, San Francisco, California, 2010
- Browser Design Flaws, TROOPERS, Munich, Germany, 2009
- Web Psychic 2.0, EXCALIBUR CONFERENCE, Wuxi, China, 2009
- Rumbling Infections - Web 2.0 Malware Anatomy, SECURITYBYTE - OWASP APPSEC ASIA, New Delhi, India, 2009
- Webnoxious 2.0 - Attacking Open End Web, FOSS (Free and Open Source Software), Bangalore, India, 2009
- Vulnerability Vectors in PDF - Synthesizing PDF Attacks, EUSECWEST, London, UK, 2008
- Rolling Balls - Can You Hack Clients?, XFOCUS XCON, Beijing, China, 2008
- KungFoo Jacking Browsers, XFOCUS XCON / XKUNGFOO, Beijing, China, 2008
To see all my presentations, visit: Presentations or Slideshare!
A. Sood and R. Enbody, "Lifecycle of a Botnet", Hackers and Hacking - A Reference Book (Contemporary World Issues), ABC-CLIO, 2013.
- Elastica, Cloud Apps as Malware Distribution Platforms (MDPs): Petya Distribution via Dropbox, 2016
- Elsevier ScienceTech Connect, A Look into Dynamics of Cloud Application Threats, 2015
- Elastica, Salesforce Accounts Susceptible to Hijacking using XSS Flaw, 2015
- Elastica, Elastica Cloud Threat Labs Discovered Latest Google Drive Phishing Campaign, 2015
- Elastica, Case Study - A Government Postal Service Agency's Passwords Document Exposed Publicly, 2015
- Elsevier ScienceTech Connect, Targeted Cyber-Attacks - Understanding the Crux!, 2014
- IOActive Labs Research, The Anatomy of Unsecure Configuration: Reality Bites, 2013
My other blogs are: SecNiche Security Blog. | 0kn0ck's Security Blog.
The contents of this page are those of the author, who is solely responsible for them.
Last Updated : April, 2016