Profile

Bradley Susser
Works at Bot24, Inc
Attended Pace University
Lives in Los Angeles
256 followers|729,204 views

Stream

Bradley Susser

Shared publicly  - 
 
14 days running a secret Dark Web pedophile honeypot (and why I now think Tor is the devil)
Before discoursing the lengthy analysis of the Dark Web honeypots (there were three), let’s answer the question that is surely on everyone’s mind – did the honeypot allow me to reveal the true identity of the person visiting the Tor site? In many cases enou...

Bradley Susser

Shared publicly  - 
 
Profiling and Investigating Abnormally Malicious Chinese Autonomous Systems With WEBINT
An autonomous system (AS) is a collection of connected internet protocol (IP) routing prefixes under the control of one or more network operators on behalf of a single administrative entity or domain that presents a common, clearly defined routing policy to...

Bradley Susser

Shared publicly  - 
 
Chrome heap overflow in CertificateResourceHandler
There’s an integer overflow/truncation issue in the handling of files of certificate MIME-types (application/x-x509-user-cert and similar) of large size (>4gig), resulting in heap corruption/RCE in the chrome browser process. The vulnerable code is in conte...

Bradley Susser

Shared publicly  - 
 
Fake links in Skype
http://jaanuskp.blogspot.com/2015/07/fake-links-in-skype.html The issue in Skype (bit hard to name it a real vulnerability) is actually a simple one - you can send links that seem to direct user to one URL, but actually send to some other. This is quite n...

Bradley Susser

Shared publicly  - 
 
New Android Malware Family Known As “Gunpoder” Evades Antivirus Detection by Using Popular Ad Libraries
Unit 42 discovered a new family of Android malware that successfully evaded all antivirus products on the VirusTotal web service. We named this malware family “Gunpoder” based on the main malicious component name, and the Unit 42 team observed 49 unique sam...

Bradley Susser

Shared publicly  - 
 
101 ways to pwn a phone
The Grandstream GXV3275 is an Android-based VoIP video phone. I was recently provided one at work, and since I don’t really like talking on the phone, I figured it might be more interesting to take a look at the security of the device. The phone’s screen he...

Bradley Susser

Shared publicly  - 
 
BlackCat CMS v1.1.2 XSS vulnerability.
# Affected software: black cat cms # Type of vulnerability:stored xss # URL:http://blackcat-cms.org/ # Discovered by: provensec # Website: provensec.com #version:BlackCat CMS 1.1.2 # Proof of concept goto ad group page http://demo.opensourcecms.com/blackca...

Bradley Susser

Shared publicly  - 
 
Unmasking Kernel Exploits
A large set of publicly disclosed Advanced Persistent Threat (APT) and nation state attacks use sophisticated malware (e.g., Turla, Duqu, Equation Group, Duqu2, etc.) that make use of at least one component running hidden inside the kernel of the Microsoft Wi...

Bradley Susser

Shared publicly  - 
 
Threat Actors Use Encrypted Office Binary Format to Evade Detection
Microsoft Office documents play an important role in our work and personal lives. In the last couple years, unfortunately, we have seen a number of exploits, especially some critical zero-day attacks, delivered as Office documents. Here are a couple of stan...

Bradley Susser

Shared publicly  - 
 
HTTP/2: Enforcing Strong Encryption as the De Facto Standard
The HTTP protocol, which serves as the communication channel for HTTP requests and responses on the Web, has received its first major revision since the introduction of HTTP 1.1 in 1999. The new standard brings faster web page rendering and better encryption standa...

Bradley Susser

Shared publicly  - 
 
NewStatPress 1.0.4, Multiple Vulnerabilities
g0blin Research reports SQLi and Reflected XSS vulnerabilities in NewStatPress <= 1.0.4. The NewStatPress plugin utilizes on lines 28 and 31 of the file ‘includes/nsp_search.php’ several variables from the $_GET scope, without sanitation. While WordPress au...

Bradley Susser

Shared publicly  - 
 
Vulnerability of Speaker Verification under Realistic Attacks
This package is an extension to the bob.bio.spear package. It contains functionality to run speaker recognition experiments on the AVspoof database. It is an extension to the bob.bio.spear package, which provides the basic scripts. For further informa...
People
Have him in circles
256 people
Work
Occupation
President of company that develops interactive 2D/3D games for Open Source (Penetration Testing) IT Security and Digital Forensic tools. Cyber Security Consultant (Expected), Small Financier (Recent Manhattan Commercial Prop sold & Coral Gables Lux Bldg Investment 66 units closed already ($24.2 mln gross sales) & Commercial units set to close soon ($7.0 Mln gross) from Dec 27, 2012.initial investment.
Employment
  • Bot24, Inc
    President, 2004 - present
    President: Developing interactive 2D/3D games for Open Source (Penetration Testing) IT Security and Digital Forensic tools. Website: Bot24.com Sample 2D game at following link: http://bot24.com/index.php?option=com_content&view=article&id=90&Itemid=479 Contact Number: 646-632-5359
Places
Currently
Los Angeles
Previously
New York City - Boston - Great Neck - Charlotte
Story
Tagline
Life is too short! Kiss slowly, Love Deeply & forgive quickly. Forget the past, but remember what it taught you.
Introduction
Cyber Security, Digital Signage and Global Markets. Small financier always looking for opportunities to invest in innovative technologies and commercial real estate. Quote: Success is not measured by what you accomplish, but by the opposition you have encountered, and the courage with which you have maintained the struggle against overwhelming odds. (by Orison Swett Marden)
Bragging rights
BS, MSIS (IT Security & Information Assurance)- Equivalent To Summa cum laude/Final GPA of 3.85–4.00
Education
  • Pace University
    Masters in Information Systems Security & Assurance, 2012
  • Queens College, City University of New York
    1994
Basic Information
Gender
Male
Other names
Suss