Chief Information Security Officer (CISO) with more than 20 years of experience in real-world Cyber Security. Leading advanced persistent threat hunting, with expertise in forensics and security orchestration, automation and response, as well as detection capabilities. An advocate of Cyber Criminology, who understands the motives of hacker strategies and response methodologies. A highly motivated security specialist with a consistent proven record of going the extra mile to meet objectives. With demonstrable experience in effectively detecting, preventing, and responding to cyber threats against infrastructures.
|| Cyber Security Architect || Information Security Analyst || Vulnerability Detective || Network Examiner || Digital Data Interpreter ||
|| Digital Intelligence Tactical Solutions Developer || Cyber Criminology || Criminal Science ||
Geek Traits: TISO
My first web designing team was formed in 1997. I started my first web development of Web Directories, Forums, Blogs, E-commerce, CMS and Static & Dynamic websites using multiple programming languages such as HTML, PHP, Python, JSP, ASP, C++ and Adobe suite, Photoshop, Dreamweaver, Macromedia Flash, Fireworks etc. As a webmaster, I taught my web development team how to securely build websites using STLC (Software Testing Life Cycle) methodology and how it should be implemented from the foundation of any IT infrastructure building. Code reviewing practice was the core of my web design principle and I had a special interest in networking and infrastructure security. As a versatile individual with extensive experience of vulnerability detection, prevention and incident response in all areas of the web domain including in-house web hosting infrastructure, I’m a hands-on technician.
Build a smart piSOC with MITRE ATT&CK Unified Security
The threat landscape keeps getting more complex. The trend toward cloud and hybrid environments complicates your cybersecurity posture. For many organisations, building a cyberSOC may seem like an impossible task. With limited resources (time, staff, and budget), setting up an operations center supported by multiple security monitoring technologies and real-time threat updates does seem complicated. Thankfully, I have a step-by-step white paper for you to start building your own DIY SOC as a very cost-effective way to implement and manage these different tools on an ongoing basis. Find the full white paper on: https://www.linkedin.com/pulse/build-smart-pisoc-mitre-attck-unified-security-naushad-hunter/
THE SHIFTING CYBER THREAT LANDSCAPE
As hackers become more creative in their subversive techniques, businesses need to become more proactive in educating their workforce and stepping up their cyber incident response plans. Businesses should consult with their vendors, third-party suppliers and stakeholders in every business unit to ensure continuity, mitigate risk and verify that security measures are being employed and regularly updated.
A Majority of Cyber Attacks Successfully Infiltrate Enterprise Environments Without Detection
The report summarizes the results of thousands of real attacks performed by experts from the Mandiant Security. The tests consisted of real attacks, specific malicious behaviors, and actor-attributed techniques and tactics run in enterprise-level production environments representing 11 industries against 123 market-leading security technologies — including network, email, endpoint, and cloud solutions. The report reveals that while organizations continue to invest significant budget dollars in security controls and assume that this means assets are fully protected, the reality is that a majority of the tested attacks successfully infiltrated the organizations’ production environments without their knowledge. READ MORE: attacks-successfully-infiltrate
PhD Project: CyBotic Predator
What is the Cybot, AKA CyBotic Predator : 2018
Here is my 2nd Ph.D. research project. CyBotic is an Ultimate Signal Sniffing Predator, which has five built-in core functionalities:
Air defence system including Drone defence
Sea defence system
Network & WiFi Defences
IDS & IPS
IoT Operations and Intelligence – IoT Innovation
There are two reasons why I want to start a PhD on CyBotic Predator. I have a passion for research on the signal sniffing domain itself, “I mean hacking”, for developing understanding and knowledge. Also, I have a desire to be intellectually challenged and guided by a world expert in this field. My curiosity on this subject is simple: can I push my limit to build the ultimate cyber defence system, just like security orchestration? Visit dedicated site: https://cybotic.io
Ministry of Hack
M-O-H Security ecosystem provides comprehensive protection for your IT infrastructure based on our unique cyber intelligence and deep analysis of attacks and incident response, along with integrated risk management which reinvents the way you manage risk. Our methodology is based on adversary-centric detection and proactive threat hunting. We are military-grade cyber threat hunters, with years of experience in threat hunting. We know how attackers think and act, and how to use tools to find them and kick them out. Visit: Ministry Of Hack
Photobox Group Hackathon 2018
We’ve just completed the 5th PhotoBox Group Hackathon! We demonstrated my CyBotic Project, AKA CyBotic Predator, for the first time. I can’t wait to kick off. The CyBot Predator idea thrived from the original RedTeam Hail Mary toolkit developed in 2014.
I am not desperate to leave my current job but am keeping my eyes out for new opportunities.
CyberWar: How can they hurt us?
What damage can cyber attacks actually do? NATO Review asks the White House’s former director of cyber infrastructure protection what we should be worried about – and how knowledge of cyber attacks’ potential may be more limited than portrayed.
My Hail Mary toolkit has 3 types of attack mode:
Attack mode 1: Will be able to break the WPA2 encryption scheme. The key to the kingdom is tricking the 4-way handshake. This is achieved by manipulating and replaying cryptographic handshake messages in a fundamental way.
Attack mode 2: Detect long-range RFIDs over 100-120m.
Attack mode 3: Long-range scanner for contactless smart cards (their embedded integrated circuits can store (and sometimes process) data and communicate with a terminal via 13.56 MHz).
Special Ops Project: Threat intelligence researchers hunting various potential spyware, adware, trojans, keyloggers, bots, worms, and hijackers, in real time. The CyberSecurity landscape has changed. No longer are we protecting against a piece of malicious code – we are defending against persistent adversaries. Find out more about APT’s or Advanced Persistent Threats. (malwaredetective.co.uk)
RedTeam Travel Kit
NHS WannaCry Attack
I am proud to have co-authored this book, Wannacry Ransomware Crowd Source Intelligence, a free resource created by the global cyber community. This is not the end but rather just the beginning of life-impacting cyber attacks. To download this document, keep abreast of such initiatives and continue receiving reports and guidance papers, please Download here
Cyber Immune System
Darktrace is a world leader in Enterprise Immune System technology for cyber security. Using new machine learning techniques based on the biological principles of the human immune system, Darktrace addresses the challenge of detecting previously unidentified cyber threats, irrespective of their origin.
What Is Red Teaming?
Red Teaming is a process designed to detect network and system vulnerabilities and test security by taking a hacker-like approach to information security system/network/data access. This process is also called “RedTeam Operation - ethical hacking”, since the ultimate purpose of red teams is to enhance the security system, either by specifying the adversary’s preferences and strategies or by simply acting as a “Devil’s Advocate”. A Red Team provides a more realistic picture of security readiness than exercises.
Fifty Shades of Grey Cyber Lab
Performing a pen-test is an art. There are various penetration testing methods available. Pen-testing should be an integral part of the product SDLC cycle, and you need integrated penetration testing tools and a lab. Read more: CyberLab
Decoding Petya Ransomware
Seems I have a decoder for #Petya, but it works only if the system was not rebooted after the infection. Petya Ransomware eats your hard drives.
Ransomware is evolving — fast. The new versions of ransomware use strong asymmetrical encryption with long keys so that files cannot be decrypted without the key. The bad guys have started using TOR and payments in bitcoins for the sake of staying totally anonymous. And now there is Petya ransomware which in a certain sense encrypts the whole hard drive all at once instead of encrypting files one by one.
PUT YOUR DEFENSES TO THE TEST, OFFENSIVE SECURITY TEAMS
The Metasploit Project is a computer security project that provides information about security vulnerabilities and aids in penetration testing and IDS signature development. Knowing the adversary’s moves helps you better prepare your defenses. Metasploit, backed by a community of 200,000 users and contributors, gives you that insight. It’s the most impactful penetration testing solution on the planet. With it, uncover weaknesses in your defenses, focus on the highest risks, and improve your security outcomes.
Arbor DDoS Solutions!
The Evolution of DDoS Attacks
Arbor solutions offer full protection and simplified network management on all interconnected environments. They provide a bigger and better overview, actionable information and proven protection, ensuring that network threats are detected and neutralised. Availability of the network is thus guaranteed.
Akamai Intelligent Platform
Akamai’s content delivery network (CDN) is one of the world’s largest distributed computing platforms. Akamai’s Network Operations Command Center (NOCC) is used for proactive monitoring and troubleshooting of all servers in the global Akamai network. The NOCC provides real-time statistics of Akamai’s web traffic. The traffic metrics update automatically and provide a view of the Internet traffic conditions on Akamai’s servers and customer websites.
Elastica CloudSOC platform
The Elastica CloudSOC platform enables companies to confidently leverage cloud applications and services while staying safe, secure and compliant. Leveraging advanced data science and machine learning, CloudSOC taps real-time user traffic, native SaaS APIs and other data sources to provide a single pane of glass for monitoring and controlling your SaaS apps.
NATO Cyber Defence
Cyber Defence Pledge
Cyber threats and attacks are becoming more common, sophisticated and damaging. The Alliance is faced with an evolving complex threat environment. State and non-state actors can use cyber attacks in the context of military operations. In recent events, cyber attacks have been part of hybrid warfare. Read More
See more about the top security events I have attended. Conferences are important events in almost every industry, giving professionals the opportunity to learn about new developments, get valuable insights from leading experts, and network with other professionals. In few fields do conferences play as important a role as they do in information security. This ever-changing industry places high demands on professionals to stay abreast of the latest best practices, trends, and research findings that impact their day-to-day responsibilities and help them perform at their best. See more
0day Exploit for Windows 10 RCE
Call Offensive Security
Call Offsec, they are the very best! Information Security Training, Ethical Hacking Certifications, Virtual Labs and Penetration Testing Services from Offensive Security, the creators of Kali Linux.
Capture The Flag-HackTheBOX
Hack The Box is an online platform allowing you to test your penetration testing skills and exchange ideas and methodologies with other members of similar interests. It contains several challenges that are constantly updated. Some of them simulate real-world scenarios and some of them lean more towards a CTF style of challenge.
Cyberlympic ‘Ethical Hacking’ World Championship
Hackers from around the world competed in the Global CyberLympics final during Cyber Security Week in The Hague. This is an international hacking competition aimed at improving the level of national cyber security and strengthening international cooperation. “The competition this year was at the highest level we’ve ever seen due to the relevance of the challenges such as credit card cloning and cryptocurrency mining. The whole event had such amazing energy since it was in the middle of Cyber Security Week here in The Hague.” Read More: https://www.naushad.co.uk/2017/10/30/cyberlympic/
GDPR Audit Checklist
The first steps towards GDPR compliance are understanding your obligations, what your current processes are and identifying any gaps. Undertaking a data protection audit is essential to achieving compliance. This checklist is intended to provide a starting point, rather than providing an exhaustive audit. Download full PDF here
AppSec Check list Mine Map
Application security encompasses measures taken to improve the security of an application often by finding, fixing and preventing security vulnerabilities. From the risk management strategic point of view, the mitigation of application security risks is not a one time exercise; rather it is an ongoing activity that requires paying close attention to emerging threats and planning ahead for the deployment of new security measures to mitigate these new threats. Checklist mine map
Photobox Group Security Team
Wisdom of Crowds Lon Nov2018
Here is my personally built and tested collection of incident response playbook reference guides – first aid tips and preparation guidance to limit damage and protect your mission. A critical principle of medicine applies equally well to cybersecurity incident responses – Do No Harm. Organisations face many pitfalls that can dramatically increase the negative impact of an incident. These guides are designed to help a CSIRT (Computer Security Incident Response Team) manage a cybersecurity incident while avoiding common errors, increasing both the effectiveness and efficiency of your incident response efforts.
Threat Intelligence Report
Threat Intelligence: Staying Ahead of Cyber Criminals. Threat intelligence is likewise an analysis of information collected about the cyber threat, so that it provides reliable and structured information about cybersecurity threats. Read more
Hacker Business Models
An Inside Look at Business Models of Hackers. The industrialized hackers are intent on one goal: making money. They also know the basic rules of the business of increasing revenues while cutting costs.
Phishing Incident Response
The playbooks define the procedures for security event investigation and response, a written guidance for identifying, containing, eradicating and recovering from cybersecurity incidents. Full file via SlideShare
Defend DDoS Attacks
DDoS attacks are making the headlines but if you architect your infrastructure right at the DNS layer, you can significantly reduce the impact. ReadMore
IT Guys Life in Hell
Pentesting: Exploiting: how the system reacts to an attack, which weak spots exist that could be breached if any, and what data could be stolen from an active system.
NotPetya Ransomware Outbreak
As I expected, on June 27, several organizations in Europe reported ransomware infecting their systems. The Wisdom of Crowds Intelligence Full Report - it’s not over yet!
Crowd Sourced Intelligence Doc
WannaCry stopped? No, this is just the beginning. Warm up! Expect more! Full Report. All say that the threat is stopped, but this is untrue. «Kill Switch» only slowed its progress.
MobileSEC Testing Guide
The Mobile Security Testing Guide (MSTG) is a comprehensive manual for mobile app security testing and reverse engineering PlayBook
High Performance DoS Analyzer
DOS/DDoS Load Analyser built on top of multiple packet capture engines (NetFlow, IPFIX, sFLOW, SnabbSwitch, Netmap, PF_RING, PCAP). Detect networks sending/receiving large volumes of packets
Penetration Testing Framework
A penetration tester’s job is to demonstrate and document a flaw in security. In a normal situation, a pen tester will perform reconnaissance to find some vulnerabilities
SSH Server Auditing: ssh-audit
SSH Audit is a tool for SSH server auditing. Features: banner grab; detect SSH1 protocol and zlib compression; gather key-exchange, encryption & message authentication, etc.
Search Machine Since: 1999
My Own Search Engine (Crawler / Spider) 1st developed in 1999 for the Data mining, Text search, Large document collections, Media Monitoring, Text analytics & Document Analysis
USB Anti Forensic Tool: USBdeath
Anti-forensic tool that writes udev rules for known USB devices and does some things on unknown USB device insertion or specific USB device removal.
Information Sensitivity Policy
The Information Sensitivity Policy is intended to help employees in determining appropriate technical security measures which are available for electronic
Secure Unified Communication
Unified communications infrastructure threats and defense strategies and cost savings for businesses. White paper written by Naushad and Gabriela
In this White paper I outlined different approaches to VoIP security and best practices to ensure infrastructure security is intact for making VoIP security a reality by Naushad MSc – Assignment
Modern Disaster Recovery Tools
No More Excuses - I’m building my own Modern Disaster Recovery toolkit. How to monitor your strategy to alert you to moves, adds, and changes that may break your plan
Avoid the WPA Wireless Attack
The latest crack in wireless security, specifically, the Wi-Fi Protected Access (WPA) security standard, can threaten the safety of enterprise networks and company information or data
Security on Throughput of IEEE
Effect of Security on Throughput of IEEE802.11b/g Protocols. Opportunistic Encryption (O-E): In this paper, I propose a framework called O-E that uses an acceptable signal to noise ratio.
GDPR will require 28,000 DPOs
European Union data protection rules will require the appointment of 28,000 data protection officers (DPOs) in the next two years in Europe alone, according to a study.
9 Important Fact:Colocation
With applications supporting your key customer interactions and business functions, all aspects of your IT infrastructure must be scrutinised – including your colocation provider.
Nmap is a great tool for discovering the network services and ports that your server is exposing to the network. In this guide, I will show you some of the hidden features of Nmap
CCISO Table of Contents
EC-Council’s CCISO Program has certified leading information security professionals around the world. A core group of high-level information security executives
Blocking Tor proxy [business]
Blocking Tor proxy users to your Linux server. One of the main reasons is improved security. Here we show a way to make the server appear offline only for Tor users (by sending a TCP RST packet to close the connection). Read more
Top 100 Hacking Books
This list is for everyone who is interested in ethical hacking, beginners and professionals alike. This top 100 hacking books PDF list is created based on the public reviews given for the books.
Cyberthreat Defence Report
An organization’s own staff is its biggest cyber security weakness, a new survey from CyberEdge Group claims.
The challenges security managers face never stand still. Threats change, new technologies appear, global conflicts arise, economic cycles drive business change – the trends in each of these areas have a profound and complex impact on successful security strategies. Here my personal blog will highlight and analyse emerging security trends and discuss new data from worldwide-and-deepweb, government sources, the security community and security events. Find the meaningful events and predictions amidst all the hype and noise.
FireEye released the Mandiant® Security Effectiveness Report 2020 which reveals data about how well organizations are protecting themselves against cyber threats and the overall effectiveness of their security infrastructure. The report summarizes the results of thousands of tests performed by experts from the Mandiant Security[…]
NOTE: This document is incomplete, still in DRAFT mode… Intelligence, in terms of security, is a collection of security-related information which when analysed provides meaningful foresight. The threat intelligence likewise is an analysis of information collected about the cyber threat so[…]
Application security encompasses measures taken to improve the security of an application often by finding, fixing and preventing security vulnerabilities. From the risk management strategic point of view, the mitigation of application security risks is not a one time exercise;[…]
Many of your company’s most valuable assets are at risk to criminal activities carried out on the Dark Web – and you don’t even know it. Turning a blind eye to this will impact your: Brand and reputation Customer loyalty[…]
Canada’s First Cybersecurity Law | BILL C-59 – Secure Knowledge Management SUMMARY Part 1 enacts the National Security and Intelligence Review Agency Act, which establishes the National Security and Intelligence Review Agency and sets out its composition, mandate and powers. It repeals the[…]