11 Posts

Zubair Ashraf

X-Force Security Researcher, IBM Security

Zubair Ashraf is a security researcher and team lead for IBM X-Force Advanced Research. He is passionate about fighting malicious activity in cyberspace (cybercrime, attacks, APTs and so on). He currently contributes to this in several ways: educating and training others through Twitter, blogging and presenting at security events; and analyzing exploitation techniques, malware and vulnerabilities and advising the IBM Security Systems product development teams on prevention and detection strategies. His Twitter account (@zashraf1337) has been listed among security researchers that will blow your mind and recommended on Metasploit's blog as among those to follow if you like vulnerability research and/or exploit development.

Written By Zubair Ashraf

Proactive Threat Hunting and Memory Forensics Against Rombertik

The right free analysis tools can aid proactive threat hunting and help security professionals detect even the most advanced threats in their networks.

A Look Back at ‘The State of Incident Response’ by Bruce Schneier

Recap of Bruce Schneier's Black Hat keynote, "The State of Incident Response," covering trends in the cyberworld and how threats should be addressed.

Embracing the Uncertainty of Advanced Attacks Using Big Data Analytics

How big data can fuel intelligence-driven security and how to secure the big data ecosystem. Based on keynotes from Eddie Schwartz and Davi Ottenheimer.

Analysis of Recent Struts Vulnerabilities in Parameters and Cookie Interceptors, Their Impact and Exploitation

An analysis of the recent Struts vulnerabilities in parameters and Cookie Interceptors, their impact and one possible way to exploit them.

The State of the Hack and Cyber Threat Intelligence Gain/Loss

A recap of Kevin Mandia's "State of the Hack: One Year after the APT1 Report" keynote at RSA 2014 and "Hacking Exposed: PLA Edition" talk by Dmitri Alperovitch and George Kurtz.

How to Cheat Your MDM: Compliance without a Password

In this post, we will describe an unpatched vulnerability (CVE-2014-0900) in earlier releases of Android and how it can be exploited by malicious and lazy users to bypass MDM restrictions.

Mikko Hypponen at TrustyCon: Governments as Malware Authors

Mikko Hypponen's "Government as Malware Authors" version at TrustyCon. There is value for security professionals, researchers and leaders in the community in reviving the keynotes and continuing the discussion.

DIY: Android Malware Analysis – Taking Apart OBAD (Part 2)

An in-depth look at how to analyze OBAD manually and discover the device administrator vulnerability that lets it hide and prevent uninstallation. See also how to avoid ANR timeouts.

DIY: Android Malware Analysis – Taking Apart OBAD (Part 1)

OBAD is widely agreed to be one of the most sophisticated pieces of Android malware, and you can find various analyses on the web. In this series we will take it apart together and learn about its functionality and the various techniques that it uses...

Understanding the Android "master key" vulnerability

Bluebox Labs last week announced a vulnerability in Android's code for cryptographic signature verification and app installation. They are planning to publicly disclose the details in their upcoming BlackHat US talk. Google has patched this...

Co-Written By Zubair Ashraf