New Milestone in International Research Collaboration

CoverToday, Tuesday, May 6, 2014, it was announced by Informing Science Institute that our research collaboration paper entitled, A Comparison of International Information Security Regulations, was finally publicized in Interdisciplinary Journal of Information, Knowledge, and Management (IJIKM).  It was a long road from its inception back in 2012 when Prof Lincke coined the idea of research collaboration among the three institution: Ostfalia University of Applied Science,  University of Wisconsin-Parkside and Swiss German University.  This publication mark a new milestone of research collaboration Swiss German University started when Prof Lie of Ostfalia University of Applied Science signed an Memorandum of Understanding with Swiss German University back in August 2011.  I am grateful for an opportunity to participate in this research collaboration where the researchers are all very passionate and determine to pursue to produce nothing but the best in their research.

More Botnet Take Down … Are we there yet?

Another take down of the world third largest botnet (after Cutwail and Lethic), called GRUM and this time roughly 18 percent of global spam, or 18 billion spam messages a day was reported on Wednesday, 18 July 2012, according to NY Times.  The C&C servers pointing to IP addresses and have identified by FireEye researchers with the help of Dutch authorities and these IP addresses are Russian and Panama IP addresses, respectively.  GRUM botnet has been around since 2008 according to FireEye security researcher.  When the 2 servers was taken down by the Dutch authorities, the bot herders quickly move their C&C servers to Ukraine and the Panama servers were removed immediately by the bot herders.  Even tough we have successfully taken down GRUM but the world has not yet free from SPAM and worst, one botnet died, 3 more botnet sprang up.  At the end, we need to catch those coders and put them behind bars, as quoted by Jose Nazario, a senior security researcher from Arbor Networks.

Are you ready to hack Google Chrome?

Google invites everyone to hack google chrome, as described in its chrome blog. The reward is up to $ 1 million and it will be announced at the annual CanSecWest security conference in Vancouver March 7-9 2012.  They withdrew from the Pwn2own since they discovered that contestants are allowed to enter Pwn2Own without having to reveal full exploits or even the bugs used to the vendors.  Are you ready for the challenge?

NTU is looking Research Associates and Research Scientists

Nanyang Technological University (Computer Security Lab) – Singapore is looking Research Associates and Research Scientists with the following requirements:

Applicants should have at least a Bachelors degree preferably with 2nd class Honours and above in Computer Science / Computer Engineering / Infocomm Technology / Information Science or a related field with at least 3 years of work experience in a related field for the Research Associate position and at least 6 years for the Research Scientist position. Applicants with relevant Masters or higher qualifications without the minimum experience will also be considered.

We expect that a candidate would be able to work independently or in a team, possess strong problem-solving and debugging skills as well as a high level of drive and initiative. Strong written and verbal communication skills would be desirable.

Entry level and starting salary will depend on the candidate’s qualifications and experience. Applicants are invited to send in their detailed CV together with the following completed application form:

to Dr Peter Loh at:

The job is open to Singaporean as well as foreigner. The announcement was originally posted at linkedin.

Microsoft is looking for Security Researcher

Are you up to the challenge? Microsoft is hiring security researchers to be located in Redmond, WA, USA.  They are looking for people who is passionate about security research.

They are looking for passionate and self motivated researchers that are able to perform research on vulnerability and exploits.  Coding skills using C/C++ and be able to perform reverse engineering on the binaries is a must for this job.  They also must have an in-depth understanding of the TCP/IP stack and at least one major application-layer protocol.  The person must be able to demonstrate their passion for the work through one of the information security professional certification mentioned in Microsoft page.

The original announcement can be found here.