Sergiu Sechel

Cybersecurity Researcher

I am a cybersecurity researcher passionate about cyber risk quantification, cyber fraud investigations, cyber forensics, cyber threat intelligence and cyber policy and strategy.

Over 10 years of experience in the private sector as a cybersecurity advisor and cybercrime investigator

Over five years of experience in academia as a PhD cybersecurity researcher

Skills

Cybersecurity Strategy and Operations
M&A Cybersecurity Due Diligence
Cybersecurity Risk Quantification
IT Systems and Applications Audit
Data Privacy and Protection
Vulnerability Research and Penetration Testing
ICS and OT Security
Cybercrime and Fraud Investigations
Digital Forensics and Incident Response (DFIR)
Malware Analysis and Reverse Engineering
Cyber Threat Intelligence
Cloud Security
AI and ML Security
Blockchain and Web3 Security
Smart Contracts Security

Cybercrime investigation-related qualifications

  • Certified Fraud Examiner (CFE)
  • Certified Ethical Hacker (CEH)
  • GIAC Certified Penetration Tester (GPEN)
  • GIAC Web Application Penetration Tester (GWAPT)
  • GIAC Certified Forensic Analyst (GCFA)
  • GIAC Network Forensic Analyst (GNFA)
  • GIAC Cyber Threat Intelligence (GCTI)
  • GIAC Advanced Smartphone Forensics (GASF)
  • GIAC Reverse Engineering Malware (GREM)

Cyber risk assurance-related qualifications

  • Certified Information Systems Auditor (CISA)
  • Certified Information Security Manager (CISM)
  • Certified in Risk and Information Systems Control (CRISC)
  • Certified Data Privacy Solutions Engineer (CDPSE)
  • Certified Secure Software Lifecycle Professional (CSSLP)
  • Global Industrial Cyber Security Professional (GICSP)
  • Certified Software Tester (ISTQB)
  • Project Management Professional (PMP)

Publications

Research
Navigating the Cyber Maze: Sovereignty, Security, and the Digital Future — The 2025 Outlook (2024)
LLM Masked Robber: Enhancing adversarial testing and prompt injection attacks using masked language models (2024)
Adversarial testing and prompt injection attacks using the embedding similarity approximation method (2024)
Improving network-based detection of in-the-wild Cobalt Strike C2 servers while reducing the risk of false positives (2021)
A Comparative Assessment of Obfuscated Ransomware Detection Methods (2019)
Web Applications Vulnerability Management using a Quantitative Stochastic Risk Modelling Method (2017)
Gathering threat intelligence from malware analysis platforms for e-business systems security (2017)
Information Insecurity: An Assessment of the Romanian Cyberspace (2016)
ISACA Publications
Physical Penetration Testing: The Most Overlooked Aspect of Security (2023)
Blueprint for Ransomware Defense (2023)
Continuous Oversight in the Cloud (2019)
Audit and Assurance Program for Application Containers (2018)
Understanding the Enterprise Advantages of Application Containerization (2016)
Vulnerability Research
CVE-2020-18331 (9.1 CRITICAL)
CVE-2020-18330 (9.1 CRITICAL)
CVE-2020-18329 (7.5 HIGH)
CVE-2019-9484 (7.5 HIGH)
CVE-2019-9201 (9.8 CRITICAL)