Track Record

Featured contributions

• OPECST: “Les nouveaux développements de l’intelligence artificielle” (Nov 2024): French Parliamentary Office for Scientific and Technological Assessment report (Sénat N° 170 / Assemblée Nationale N° 642). Invited contributor alongside OpenAI, Google DeepMind, Meta, Microsoft.
• Renaissance Numérique: The AI Dialogues (2024): Invited expert contributor to the French think tank’s multi-stakeholder policy series on international AI governance. Sessions in Geneva and Brussels (UCLouvain). Contributions published in Interim note #1 and Interim note #2.
• PhD, Information Security for Smart Cities: Brunel University London (2019). Full thesis.
• CV (PDF) · Fiche Projet (PDF)

Policy contributions and think tanks

• Renaissance Numérique: The AI Dialogues (2024): Invited expert contributor to the French think tank’s consultation on international AI governance, alongside academics, policymakers and industry experts. Geneva and Brussels (UCLouvain) sessions. Interim note #1 · Interim note #2.
• OPECST, French Parliamentary Office for Scientific and Technological Assessment (2024): Contributor, “Les nouveaux développements de l’intelligence artificielle” (Sénat N° 170 / Assemblée Nationale N° 642), alongside OpenAI, Google DeepMind, Meta, Microsoft. Report.

Publications

Threat research (Kaspersky GReAT) at Securelist, academic publications, and policy contributions. Full scholar profile: Google Scholar.

2024

• Machine learning in threat hunting, Securelist
• New Tropic Trooper Web Shell infection, Securelist
• BellaCpp: C++ version of BellaCiao, Securelist
• DuneQuixote, Securelist
• CVE-2024-30051, Securelist
• CloudSorcerer: new APT cloud actor, Securelist
• How safe is Wi-Fi in Paris?, Kaspersky
• Darknet predictions for 2024, Securelist
• KSB Dark Web predictions 2025, Securelist

2023

• HrServ APT Web Shell, Securelist
• A hack in hand is worth two in the bush, Securelist
• DoubleFinger loader delivering GreetingGhoul cryptocurrency stealer, Securelist

2022

• DeftTorero: tactics, techniques and procedures, Securelist
• DeathStalker targets legal entities with new Janicab variant, Securelist
• Ransomware and wiper signed with stolen certificates, Securelist
• A bad luck BlackCat, Securelist
• Luna / Black Basta ransomware, Securelist
• Elections GoRansom and HermeticWiper attack, Securelist

2021

• WIRTE’s campaign in the Middle East: living off the land since at least 2019, Securelist

2020

• 5G predictions 2020, Securelist
• DeathStalker: mercenary triumvirate, Securelist

2019

• PhD thesis: Information security for smart cities, Brunel University London
• 5G security for smart cities, Securelist
• MuddyWater’s arsenal, Securelist
• Gaza Cybergang Group1 Operation SneakyPastes, Securelist

2018

• MuddyWater, Securelist
• Operation Parliament: who is doing what, Securelist
• Journal article: World Journal of Entrepreneurship, Management and Sustainable Development, Emerald
• Securing the Smart City Olympics, ResearchGate
• Securing the Smart City Olympics, Olympics Library

2017

• From Shamoon to StoneDrill, Securelist
• Gaza Cybergang updated 2017 activity, Securelist
• Securing Smart Cities consortium: 15 things · IAC · SCCCM · Municipal drones · Securing the Olympics

2016

• Operation Ghoul: targeted attacks on industrial and engineering organizations, Securelist
• Guidelines for safe smart cities, Securing Smart Cities
• The Smart City department: cyber security role and implications, ResearchGate
• Additional: Smart Cities cybersecurity worries · SCD guidelines · SSC 5G

2015

• The Syrian malware part 2: who is the Joe?, Securelist
• The Desert Falcons targeted attacks, Securelist
• Gaza Cybergang: where’s your IR team?, Securelist

2014

• The rise of cybercrime in Dubai and UAE, Securelist
• The Syrian malware house of cards, Securelist

Speaking engagements

100+ international keynotes, panels, and briefings across security, policy, and executive audiences.

Conferences and forums

• Les Assises de la Sécurité, Monaco
• Smart City Expo World Congress, Barcelona
• Cybersecurity Weekend: Lisbon · Kuala Lumpur · Baku · Almaty
• European Technology Chamber
• Geneva Internet Governance Forum
• Security Analyst Summit, Singapore
• Gartner Security & Risk Management Summit
• ITU Virtual Forum on Accelerating Digital Transformation in Africa
• Saudi LEAP
• Saudi CISO Summit
• CISO Africa Summit
• Panel on cybersecurity and governance in Africa, Rwanda
• GITEX Africa, Morocco
• MENA ISC
• GITEX, Dubai
• GISEC, Dubai
• Dubai CIO Summit
• IDC CIO Summit: Egypt · Dubai · South Africa · Qatar
• IDC Security Summit
• ISMG, Dubai
• ISACA, Dubai
• UAE E-Crime Congress
• Qatar Central Bank Information Security Conference
• RIPE NCC, Ankara
• ATMIA, Dubai
• Cyfrica
• Arab Security Conference (ASC)
• Arab Emtech
• Digital Alliance
• Lebanon Internet Governance Forum (IGF)
• Cairo ICT
• Bahrain Arab Tech Forum (MIT Enterprise Forum)
• E-Government Forum, Kuwait
• ICT Qatar
• FSIREC, Qatar
• Wisdom of Crowds: CM-Alliance

Webinars

• Mettre en œuvre l’IA et l’apprentissage automatique pour une cybersécurité avancée (2025)
• APT Landscape Unveiled: Trends, Challenges, Solutions (2023)
• SAS for Business: The forces transforming cybersecurity in 2019 and beyond
• Threat landscape in META: cyberthreats in the new reality
• Annual predictions on the future of cyber-threats for business and consumers in 2016

Training and mentoring

• Jordan Government: Malware analysis and threat hunting training (2023)
• University of Wales Trinity Saint David (UWTSD): Lecturer, Advanced Cybersecurity Essentials workshop for cloud computing students (2022, 3 months)
• Saudi Government: Malware analysis, incident response, mobile forensics (2022)
• Interpol / Naif University: Advanced training for top national students and MENA law enforcement (2021)
• Interpol, Lebanon banking sector: Cybersecurity training (10 banks, 2 weeks, 2016)
• Saudi Central Bank (SAMA): Cybersecurity training (20 banks, 3 weeks, 2015)
• UNDP, Police departments: Information security training (2 weeks, 2014)
• UNDP: Information security research on cyber threats in the Middle East (2014)
• Certified Ethical Hacker (CEH) and CCNA Security: certified trainer (2011)

Media

Featured in or quoted by:

CNN · BBC · Forbes · Bloomberg · Fortune · France 24 · Sky News · MSNBC · MSN · Le Monde Numérique · Al Arabiya · Al Sharq · Dubai TV · Gulf Times · Gulf News · Khaleej Times · Kuwait Times