Skip to main content

Yury S Chemerkin

ITMO University, Secure Information Technologies, Post-Doc

Russian State University for the Humanities, Institute for Information Sciences and Security Technologies, Graduate Student

Followers

200

Following

85

Public Views

10+ years experience of exploitation from different viewpoints (incl. forensics) based on misunderstood security principles and core competencies are in advanced secure architecture, design and development defense and offense solutions.
Multi-skilled security lead expert and techlead on security & compliance and mainly focused on privacy and leakage showdown.
Key activity fields are EMM and Mobile Computing, IAM, IIoT, IoT, IDPS, Cloud Computing and On-Premises solutions, Audit, Forensics & Compliance

less

InterestsView All (34)

Uploads

Advanced by Yury S Chemerkin

Conf by Yury S Chemerkin

Security Compliance Challenges On Clouds

Security Compliance Challenges On Clouds, 2013

Article by Yury Chemerkin published in Cyber Times International Journal of Technology & Manageme... more

YURY CHEMERKIN ICITST-2012 Proceedings

This paper proposes a new security research covers BlackBerry issues relating their own features ... more This paper proposes a new security research covers BlackBerry issues relating their own features relied on highest possible way of integration and aggregation with data, service and application that simplifies management. Such way integration shapes developer's outlook as well as malware writer's outlook led to the bypass security methods. Despite of that, BlackBerry is full of holes to the brim if consumer has a flexible IT Policy even because current security techniques implemented in BIS (BlackBerry Internet Service) or BES (BlackBerry Enterprise Server) are indecisive argument to be sure in security and privacy and do not provide enough controls. As opposite to smartphone, the tablets (PlayBook) are quite new, QNX-based and have the most known technologies, such Adobe Air, HTML5, and Android Dalvik-Runtime, are implemented widely. However, they have a poor application environment and a little those feature known on non-QNX BlackBerry device. This makes security more difficult and unstable to reliably use it by end-users. Research shows that additional third party security solutions often ruin security while native environment allows intercepting, blocking, stealing, misleading, substitute data in real-time bypassing security controls that, finally, reveal sensitive information and turn security solutions to the malware agents.

YURY CHEMERKIN I-Society-2013 Proceedings

Since a web-technology has arisen and clouds has come, every application wants to be online and o... more Since a web-technology has arisen and clouds has come, every application wants to be online and operates with sensitive data that cannot but attract anyone to get an access this data. It means an urgent need in security. Examining the clouds leads us to different visions of security controls and metrics per each cloud vendor while industrial organizations try to help to the vendors and their customers with an appropriate security level. They offer a transparency of security controls that belong to different vendors against the best security practices.

YURY CHEMERKIN ITA 2013 Proceedings

SECURITY COMPLIANCE CHALLENGES ON CLOUDS

SECURITY COMPLIANCE CHALLENGES ON CLOUDS, 2013

Article by Yury Chemerkin published in Cyber Times International Journal of Technology & Manageme... more

Tech by Yury S Chemerkin

INSECURITY OF BLACKBERRY SOLUTIONS: VULNERABILITY ON THE EDGE OF THE TECHNOLOGIES

INSECURITY OF BLACKBERRY SOLUTIONS: VULNERABILITY ON THE EDGE OF THE TECHNOLOGIES, Jan 1, 2012

The starting point of security systems has been declared several decades ago. The essence raise k... more The starting point of security systems has been declared several decades ago. The essence raise knowledge questions how it works and how it will attack. Simpler, any kind of security system should keep project documentation, data flows, policy rules and other documents that covers almost all points we need to answer to the embarrassing questions. Whereupon decision-making are welcome and coming...

New security paradigms raised by Cloud Solutions as a vital necessity to renew cloud management strategies.

New security paradigms raised by Cloud Solutions as a vital necessity to renew cloud management strategies., Mar 1, 2012

Technological expansion set backward cling to the previous technology vision because of superfici... more Technological expansion set backward cling to the previous technology vision because of superficial knowledge of current IT nature. This way leads to inability to data resource management on the one hand, while the failure is result of hazy unreasonable redesign on other hand. Groundlessness usually crowns the final stage.

AWS Cloud Security From the Point of View of the Compliance

Comparative Analysis on Forensics

Юрий Чемёркин представитель Hakin9 Magazine, исследователь ЗАО "ПМ" Основной подход к изолировани... more Юрий Чемёркин представитель Hakin9 Magazine, исследователь ЗАО "ПМ" Основной подход к изолированию устройстваиспользование встроенного механизма, известного как режим "в самолете", и для большинства телефонов использование

STATE OF ART OF MOBILE FORENSICS

A Security System That Changed The World

A Security System That Changed The World, Feb 1, 2011

Enterprise data is a valuable corporate asset, and therefore ensuring it’s over integrity is an i... more

Is Data Secure on the Password Protected Blackberry Device?

Is Data Secure on the Password Protected Blackberry Device?, Feb 1, 2011

People who have ever heard of password utility think the usage of it can protect their private da... more

The Backroom Message That’s Stolen Your Deal

The Backroom Message That’s Stolen Your Deal, Apr 1, 2011

Do you want to learn more about bigwig? Is someone keeping secrets from you? Need to silently rec... more

Why Is Password Protection a Fallacy - a Point of View?

Why Is Password Protection a Fallacy - a Point of View?, Jun 15, 2011

"MAKE your password strong, with a unique jumble of letters, numbers and punctuation marks. But m... more

Does your BlackBerry smartphone have ears?

Does your BlackBerry smartphone have ears?, Jul 1, 2011

This saying may come from a story about Dionysius of Syracuse (430-367 BC), who had an ear-shaped... more This saying may come from a story about Dionysius of Syracuse (430-367 BC), who had an ear-shaped cave cut that connected the rooms of his palace so that he could hear what was being said from another room. Similar listening posts were installed in other palaces over the centuries, including the Louvre in Paris.

To Get Round To The Heart Of Fortress

To Get Round To The Heart Of Fortress, Aug 15, 2011

Cybercrime is becoming a growing threat to society. The thefts of information, crashing a website... more Cybercrime is becoming a growing threat to society. The thefts of information, crashing a website or manipulating online payment traffic are also increasing. Many organizations offer various services in the battle against digital crime, such as network or data monitors and extractions tools. It is interesting mainly to authorities and financial institutions, but they are accessible to every organization

When Developer's API Simplify User-Mode Rootkits Developing

When Developer's API Simplify User-Mode Rootkits Developing, Feb 8, 2012

This is a series of articles about shell extensions that enhance high-level features of any opera... more This is a series of articles about shell extensions that enhance high-level features of any operation system. However, such possibilities not only enrich platform but simplify developing trojans, exploits that leads to the new security holes. Mostly this kind of extensions are known as usermode rootkits.

Social network privacy guide

Social network privacy guide, Apr 1, 2012

This series of articles about security trips how to make social networking is more secure on the ... more

Comparison of Android and BlackBerry Forensic Techniques

Comparison of Android and BlackBerry Forensic Techniques, Apr 16, 2012

As digital data is omnipresent now, the digital forensics has quickly become a legal necessity. M... more As digital data is omnipresent now, the digital forensics has quickly become a legal necessity. Mobile devices have quickly grown and extend their own features which simplifying makes them less unique. Developers API, SDK, NDK provide great opportunity to build live, DLP or spyware for data extracting.

Social network privacy guide

Social network privacy guide, May 21, 2012

This series of articles about security trips how to make social networking is more secure on the ... more

Security Compliance Challenges On Clouds

Security Compliance Challenges On Clouds, 2013

Article by Yury Chemerkin published in Cyber Times International Journal of Technology & Manageme... more

YURY CHEMERKIN ICITST-2012 Proceedings

This paper proposes a new security research covers BlackBerry issues relating their own features ... more This paper proposes a new security research covers BlackBerry issues relating their own features relied on highest possible way of integration and aggregation with data, service and application that simplifies management. Such way integration shapes developer's outlook as well as malware writer's outlook led to the bypass security methods. Despite of that, BlackBerry is full of holes to the brim if consumer has a flexible IT Policy even because current security techniques implemented in BIS (BlackBerry Internet Service) or BES (BlackBerry Enterprise Server) are indecisive argument to be sure in security and privacy and do not provide enough controls. As opposite to smartphone, the tablets (PlayBook) are quite new, QNX-based and have the most known technologies, such Adobe Air, HTML5, and Android Dalvik-Runtime, are implemented widely. However, they have a poor application environment and a little those feature known on non-QNX BlackBerry device. This makes security more difficult and unstable to reliably use it by end-users. Research shows that additional third party security solutions often ruin security while native environment allows intercepting, blocking, stealing, misleading, substitute data in real-time bypassing security controls that, finally, reveal sensitive information and turn security solutions to the malware agents.

YURY CHEMERKIN I-Society-2013 Proceedings

Since a web-technology has arisen and clouds has come, every application wants to be online and o... more Since a web-technology has arisen and clouds has come, every application wants to be online and operates with sensitive data that cannot but attract anyone to get an access this data. It means an urgent need in security. Examining the clouds leads us to different visions of security controls and metrics per each cloud vendor while industrial organizations try to help to the vendors and their customers with an appropriate security level. They offer a transparency of security controls that belong to different vendors against the best security practices.

YURY CHEMERKIN ITA 2013 Proceedings

SECURITY COMPLIANCE CHALLENGES ON CLOUDS

SECURITY COMPLIANCE CHALLENGES ON CLOUDS, 2013

Article by Yury Chemerkin published in Cyber Times International Journal of Technology & Manageme... more

INSECURITY OF BLACKBERRY SOLUTIONS: VULNERABILITY ON THE EDGE OF THE TECHNOLOGIES

INSECURITY OF BLACKBERRY SOLUTIONS: VULNERABILITY ON THE EDGE OF THE TECHNOLOGIES, Jan 1, 2012

The starting point of security systems has been declared several decades ago. The essence raise k... more The starting point of security systems has been declared several decades ago. The essence raise knowledge questions how it works and how it will attack. Simpler, any kind of security system should keep project documentation, data flows, policy rules and other documents that covers almost all points we need to answer to the embarrassing questions. Whereupon decision-making are welcome and coming...

New security paradigms raised by Cloud Solutions as a vital necessity to renew cloud management strategies.

New security paradigms raised by Cloud Solutions as a vital necessity to renew cloud management strategies., Mar 1, 2012

Technological expansion set backward cling to the previous technology vision because of superfici... more Technological expansion set backward cling to the previous technology vision because of superficial knowledge of current IT nature. This way leads to inability to data resource management on the one hand, while the failure is result of hazy unreasonable redesign on other hand. Groundlessness usually crowns the final stage.

AWS Cloud Security From the Point of View of the Compliance

Comparative Analysis on Forensics

Юрий Чемёркин представитель Hakin9 Magazine, исследователь ЗАО "ПМ" Основной подход к изолировани... more Юрий Чемёркин представитель Hakin9 Magazine, исследователь ЗАО "ПМ" Основной подход к изолированию устройстваиспользование встроенного механизма, известного как режим "в самолете", и для большинства телефонов использование

STATE OF ART OF MOBILE FORENSICS

A Security System That Changed The World

A Security System That Changed The World, Feb 1, 2011

Enterprise data is a valuable corporate asset, and therefore ensuring it’s over integrity is an i... more

Is Data Secure on the Password Protected Blackberry Device?

Is Data Secure on the Password Protected Blackberry Device?, Feb 1, 2011

People who have ever heard of password utility think the usage of it can protect their private da... more

The Backroom Message That’s Stolen Your Deal

The Backroom Message That’s Stolen Your Deal, Apr 1, 2011

Do you want to learn more about bigwig? Is someone keeping secrets from you? Need to silently rec... more

Why Is Password Protection a Fallacy - a Point of View?

Why Is Password Protection a Fallacy - a Point of View?, Jun 15, 2011

"MAKE your password strong, with a unique jumble of letters, numbers and punctuation marks. But m... more

Does your BlackBerry smartphone have ears?

Does your BlackBerry smartphone have ears?, Jul 1, 2011

This saying may come from a story about Dionysius of Syracuse (430-367 BC), who had an ear-shaped... more This saying may come from a story about Dionysius of Syracuse (430-367 BC), who had an ear-shaped cave cut that connected the rooms of his palace so that he could hear what was being said from another room. Similar listening posts were installed in other palaces over the centuries, including the Louvre in Paris.

To Get Round To The Heart Of Fortress

To Get Round To The Heart Of Fortress, Aug 15, 2011

Cybercrime is becoming a growing threat to society. The thefts of information, crashing a website... more Cybercrime is becoming a growing threat to society. The thefts of information, crashing a website or manipulating online payment traffic are also increasing. Many organizations offer various services in the battle against digital crime, such as network or data monitors and extractions tools. It is interesting mainly to authorities and financial institutions, but they are accessible to every organization

When Developer's API Simplify User-Mode Rootkits Developing

When Developer's API Simplify User-Mode Rootkits Developing, Feb 8, 2012

This is a series of articles about shell extensions that enhance high-level features of any opera... more This is a series of articles about shell extensions that enhance high-level features of any operation system. However, such possibilities not only enrich platform but simplify developing trojans, exploits that leads to the new security holes. Mostly this kind of extensions are known as usermode rootkits.

Social network privacy guide

Social network privacy guide, Apr 1, 2012

This series of articles about security trips how to make social networking is more secure on the ... more

Comparison of Android and BlackBerry Forensic Techniques

Comparison of Android and BlackBerry Forensic Techniques, Apr 16, 2012

As digital data is omnipresent now, the digital forensics has quickly become a legal necessity. M... more As digital data is omnipresent now, the digital forensics has quickly become a legal necessity. Mobile devices have quickly grown and extend their own features which simplifying makes them less unique. Developers API, SDK, NDK provide great opportunity to build live, DLP or spyware for data extracting.

Social network privacy guide

Social network privacy guide, May 21, 2012

This series of articles about security trips how to make social networking is more secure on the ... more

When Developers API Simplify User-Mode Rootkits Development – Part II

When Developers API Simplify User-Mode Rootkits Development – Part II, Jul 9, 2012

This series of articles is about the ease of which user-mode rootkits for BlackBerry can be devel... more This series of articles is about the ease of which user-mode rootkits for BlackBerry can be developed. In a previous article, several cases were mentioned along with ideas on how a mobile rootkit could easily be built on the application level by exploiting API and privilege escalation vulnerabilities or oversight. Cases covered the top trojans for two years with the first one being Android Plankton. Instead of giving access to hidden levels of this popular game, malware sends information about the device to criminals and downloads other malicious programs.

Social network privacy guide - II

Social network privacy guide - II, Aug 1, 2012

This series of articles about security trips how to make social networking is more secure on the ... more

Does your BlackBerry smartphone have ears?

Does your BlackBerry smartphone have ears?, Sep 10, 2012

This saying may come from a story about Dionysius of Syracuse (430-367 BC), who had an ear-shaped... more This saying may come from a story about Dionysius of Syracuse (430-367 BC), who had an ear-shaped cave cut that connected the rooms of his palace so that he could hear what was being said from another room. Similar listening posts were installed in other palaces over the centuries, including the Louvre in Paris.

When Developer's API Simplify User-Mode Rootkits Developing

When Developer's API Simplify User-Mode Rootkits Developing, Sep 10, 2012

This is a series of articles about shell extensions that enhance high-level features of any opera... more This is a series of articles about shell extensions that enhance high-level features of any operation system. However, such possibilities not only enrich platform but simplify developing trojans, exploits that leads to the new security holes. Mostly this kind of extensions are known as usermode rootkits.

BlackBerry Playbook – New Challenges

BlackBerry Playbook – New Challenges, Sep 26, 2012

This approach mainly based on examines how many differences do exist between BlackBerry OS and ne... more This approach mainly based on examines how many differences do exist between BlackBerry OS and new BlackBerry OS based on QNX OS. It highlights whether one techniques provide more easy implementation, investigation and handling or not, what common differences examiners may encounter and what they should as concept be involved to forensic handling with these platforms because a Playbook OS is completely a new approach.