Nishad Herath, Author at Security Intelligence

Researcher, IBM X-Force

Nishad Herath has been involved in the information security community close to two decades. Based in Australia, he is a part of the IBM X-Force Advanced Research group.

Threat Research March 3, 2014

The State of Return Oriented Programming in Contemporary Exploits

6 min read - Return Oriented Programming (ROP) is the general case of a technique often used when exploiting security vulnerabilities caused by memory corruption issues. ROP has become a more frequently used technique in the exploitation of memory corruption vulnerabilities.

Intelligence & Analytics December 13, 2013

Mitigating the Exploitation of Vulnerabilities that Allow Diverting Kernel Execution Flow in Windows

4 min read - A look at vulnerabilities that allow for diverting the kernel execution flow in Windows. So is there any way to subvert the SMEP protection implementation in Windows 8/8.1? Can Return Oriented Programming (ROP) techniques be used to subvert the SMEP…

Malware October 16, 2013

Virtual Machines and How Malware Authors Know When They Are Being Watched

7 min read - How is it that malware can differentiate between being run on real hardware vs being run inside a (system) virtual machine? How exactly do some malware behave differently on real hardware (a bare metal computer system if you will) compared…

Advanced Threats October 7, 2013

You Are Being Watched! Ways Malware Authors Are Fighting to Maintain FUD Status

4 min read - What are some of the things malware authors have to fight against to maintain this coveted FUD (Fully Undetectable) status and what are some of the strategies they employ? The longer the malware perpetrators can delay detection of their malware…

Endpoint August 19, 2013

Android 4.3 is Here! What Does it Mean for Security?

4 min read - Let's take a few minutes to examine the changes Android 4.3 Jelly Bean introduces from a security perspective. While ultimately, the specific nature of the Android 4.3 Jelly Bean firmware image from the device manufacturer...

Failed to load data

Analysis and insights from hundreds of the brightest minds in the cybersecurity industry to help you prove compliance, grow business and stop threats.

Cybersecurity News By Topic By Industry Exclusive Series Threat Research Podcast Events Contact About Us

Security Intelligence

{{title}}

{{title}}

{{title}}

{{title}}

Topics

The State of Return Oriented Programming in Contemporary Exploits

Mitigating the Exploitation of Vulnerabilities that Allow Diverting Kernel Execution Flow in Windows

Virtual Machines and How Malware Authors Know When They Are Being Watched

You Are Being Watched! Ways Malware Authors Are Fighting to Maintain FUD Status

Android 4.3 is Here! What Does it Mean for Security?

{{{title}}}