Adnan Masood, a Machine Learning Phd's musings on Life, Technology, Research & Development
As an industry we have all learned that the landscape of information security evolves rapidly. From attack vectors to the KPI/statistics which really matter for security professionals and leaders change and requires a consistent refresh. I usually refer to Trends in Cybersecurity and Verizon's Data Breach Investigations Report to keep up with a consolidated overview of such findings. Microsoft's Trends…
Application security focused company Arxan has created some pretty neat info-graphics summarizing the State of Application Security. They have reached out to me for a review; I found the infographic along with corresponding detailed reports which outlines the summary, methodology, findings, and recommendations, quite effective yet precis overview of the state of appsec. Forty-one percent of mobile…
Presented at IEEE HST 2015 Static Analysis for Web Service Security – Techniques and Tools for a Secure Development Life Cycle Adnan Masood, Nova Southeastern University; Jim Java, Nova Southeastern University
In a recent podcast by Scott Hanselman and Erica Stanley, an Internet of Things (IoT) primer, the guest mentioned how security is being treated as an afterthought for most things IoT. This is unfortunately true in various areas of software development; but especially with the unprecedented growth of IoT, this lax in providing security standards will fast…
Systems and methods for dynamic protection from electronic attacks - US Patent 8726379 B1 Systems and methods for gathering, classifying, and evaluating real time security intelligence data concerning security threats presented by an IP address, and reporting in real time the degree and character of such security threats.
Penetration Testing techniques in web applications by Dimitris Mandilaras, Nikolaos Tsalis is an succinct info-graphic review of different security frameworks / methodologies including OWASP, PTES, ISSAF, NIST, OSSTM and PTF. A short poster can be downloaded from here.
Functional Programming For All! Scaling a MOOC for Students and Professionals Alike Reactive Web Applications with Dynamic Dataflow in F# A Tayanovskyy, S Fowler, L Denuzière, A Granicz - ifl2014.github.io The F# Computation Expression Zoo Tomas Petricek, Don Syme Thinking in LINQ: Harnessing the Power of Functional Programming in .NET ... By Sudipta Mukherjee Clash of the…
Top 100+ Cyber Security Blogs & Infosec Resources - Excellent List by DDOS Protection
I have recently encountered the following error when enumerating through the UserPrincipal.GetAuthorizationGroups collection. System.DirectoryServices.AccountManagement.PrincipalOperationException: An error (1301) occurred while enumerating the groups. The group's SID could not be resolved. The problem was introduction of the domain controller running Server 2012 while the machine running my application was win7 VM (applies to Win2K8 as well) With little…
In lieu of recently passed National Cyber Security Awareness Month, a shout out to CVE-2014-4114 with MS14-060 as a vulnerability in the OLE package manager can be exploited to remotely execute arbitrary code in Microsoft Windows versions Vista SP2 to Windows 8.1 and in Server 2008 and 2012. Yeah, 2012 too. and here is to…