5 Posts

Nishad Herath

Researcher, IBM X-Force

    Nishad Herath has been involved in the information security community for close to two decades. Based in Australia, he is part of the IBM X-Force Advanced Research group.

    Written By Nishad Herath

    The State of Return Oriented Programming in Contemporary Exploits

    Return Oriented Programming (ROP) is the general case of a technique often used when exploiting security vulnerabilities caused by memory corruption issues. ROP has become a more frequently used technique in the exploitation of memory corruption...

    Mitigating the Exploitation of Vulnerabilities that Allow Diverting Kernel Execution Flow in Windows

    A look at vulnerabilities that allow for diverting the kernel execution flow in Windows. So is there any way to subvert the SMEP protection implementation in Windows 8/8.1? Can Return Oriented Programming (ROP) techniques be used to subvert the SMEP...

    Virtual Machines and How Malware Authors Know When They Are Being Watched

    How is it that malware can differentiate between being run on real hardware vs. being run inside a (system) virtual machine? How exactly does some malware behave differently on real hardware (a bare metal computer system if you will) compared to a...

    You Are Being Watched! Ways Malware Authors Are Fighting to Maintain FUD Status

    What are some of the things malware authors have to fight against to maintain this coveted FUD (Fully Undetectable) status and what are some of the strategies they employ? The longer the malware perpetrators can delay detection of their malware by...

    Android 4.3 is Here! What Does it Mean for Security?

    Let's take a few minutes to examine the changes Android 4.3 Jelly Bean introduces from a security perspective. While ultimately, the specific nature of the Android 4.3 Jelly Bean firmware image from the device manufacturer...

    Co-Written By Nishad Herath