security

security
profile
Account protections - A Google Perspective
security

Account protections - A Google Perspective

FIC 2020

Spotlight: Malware Lead Generation At Scale
security

Spotlight: Malware Lead Generation At Scale

ACSAC 2020

A Hacker’s guide to reducing side-channel attack surfaces using deep-learning
cryptography

A Hacker’s guide to reducing side-channel attack surfaces using deep-learning

Defcon & BH 2020

Malicious Documents Emerging Trends: A Gmail Perspective
security

Malicious Documents Emerging Trends: A Gmail Perspective

RSA 2020

Protecting accounts from credential stuffing with password breach alerting
security

Protecting accounts from credential stuffing with password breach alerting

Usenix Security 2019

A Hacker Guide To Deep Learning Based Side Channel Attacks
cryptography

A Hacker Guide To Deep Learning Based Side Channel Attacks

Defcon 2019

Password checkup: from 0 to 650, 000 users in 20 days
security

Password checkup: from 0 to 650, 000 users in 20 days

Mar 2019

Account security - a divided user perception
security

Account security - a divided user perception

Feb 2019

The bleak picture of two-factor authentication adoption in the wild
security

The bleak picture of two-factor authentication adoption in the wild

Dec 2018

Data Breaches: User Comprehension, Expectations, and Concerns with Handling Exposed Data
security

Data Breaches: User Comprehension, Expectations, and Concerns with Handling Exposed Data

SOUPS 2018

Tracking desktop ransomware payments end to end
security

Tracking desktop ransomware payments end to end

S&P 2018

Unmasking the ransomware kingpins
security

Unmasking the ransomware kingpins

Oct 2017

Exposing the inner-workings of the ransomware economy
security

Exposing the inner-workings of the ransomware economy

Sep 2017

How to trace ransomware payments end-to-end - an overview
security

How to trace ransomware payments end-to-end - an overview

Aug 2017

The first collision for full SHA-1
security

The first collision for full SHA-1

Crypto 2017

Tracking ransomware payments end to end
security

Tracking ransomware payments end to end

BH USA 2017

How we created the first SHA-1 collision and what it means for hash security
security

How we created the first SHA-1 collision and what it means for hash security

Black Hat 2017

Ten simple steps for keeping your laptop secure
how-to

Ten simple steps for keeping your laptop secure

Apr 2017

Bad beat: practical attacks against poker cheating devices
hacking

Bad beat: practical attacks against poker cheating devices

Mar 2017

Targeted Attack Against Corporate Inboxes A Gmail Perspective
security

Targeted Attack Against Corporate Inboxes A Gmail Perspective

RSA 2017

Royal flush: an in-depth look at poker cheating devices accessories
hacking

Royal flush: an in-depth look at poker cheating devices accessories

Nov 2016

Full(er) House: Exposing high-end poker cheating devices
hacking

Full(er) House: Exposing high-end poker cheating devices

Oct 2016

Investigating commercial pay-per-install and the distribution of unwanted software
anti-abuse

Investigating commercial pay-per-install and the distribution of unwanted software

Usenix Security 2016

Cheating at poker - James Bond Style
hacking

Cheating at poker - James Bond Style

Defcon 2016

5 useful tips to bulletproof your credit cards against identity theft
how-to

5 useful tips to bulletproof your credit cards against identity theft

Jul 2016

Users really do plug in usb drives they find
security

Users really do plug in usb drives they find

S&P 2016

Lessons learned while protecting Gmail
security

Lessons learned while protecting Gmail

Enigma 2016

Framing dependencies introduced by underground commoditization
anti-abuse

Framing dependencies introduced by underground commoditization

WEIS 2015

Survey: most people don't lock their android phones - but should
security

Survey: most people don't lock their android phones - but should

Mar 2014

18.4% of us internet users got at least one of their account compromised
anti-abuse

18.4% of us internet users got at least one of their account compromised

Jan 2013

Some insights about password shapes
security

Some insights about password shapes

Feb 2011

Kamouflage loss-resistant password management
security

Kamouflage loss-resistant password management

ESORICS 2010

Reversing dpapi and stealing windows secrets offline
security

Reversing dpapi and stealing windows secrets offline

Black Hat DC 2010

newsletter signup slide

Get cutting edge research directly in your inbox.

newsletter signup slide

Get cutting edge research directly in your inbox.