I published the following diary on isc.sans.org: “Example of Targeted Attack Through a Proxy PAC File”. Yesterday, I discovered a nice example of targeted attack against a Brazilian bank. It started with an email sample like this …
Category: Security
[SANS ISC Diary] Voice Message Notifications Deliver Ransomware
I published the following diary on isc.sans.org: “Voice Message Notifications Deliver Ransomware“. Bad guys need to constantly find new ways to lure their victims. If billing notifications were very common for a while, not all people in a company are working with such kind of documents. Which types of notification
[SANS ISC Diary] Data Classification For the Masses
I published the following diary on isc.sans.org: “Data Classification For the Masses”. Data classification isn’t a brand new topic. For a long time, international organizations or military are doing “data classification”. It can be defined as: “A set of processes and tools to help the organization to know what data
[SANS ISC Diary] Analyze of a Linux botnet client source code
I published the following diary on isc.sans.org: “Analyze of a Linux botnet client source code”. I like to play active-defense. Every day, I extract attackers’ IP addresses from my SSH honeypots and perform a quick Nmap scan against them. The goal is to gain more knowledge about the compromised hosts. Most
[SANS ISC Diary] Name All the Things!
I published the following diary on isc.sans.org: “Name All the Things!“. With our more and more complex environments and processes, we have to handle a huge amount of information on a daily basis. To improve the communication with our colleagues, peers, it is mandatory to speak the same language and
[SANS ISC Diary] Hunting for Malicious Files with MISP + OSSEC
I published the following diary on isc.sans.org: Hunting for Malicious Files with MISP + OSSEC.
RMLL Security Track 2016 Wrap-Up
I’m on the train from Paris where I attended the RMLL Security Track version 2016. The RMLL or “Rencontres Mondiales du Logiciel Libre” is an annual event around free software. Amongst multiple tracks, there is always one dedicated to information security (around free software of course). The global event was
Book Review: Sécurité Informatique et Malwares
In 2013, Paul Rascagnères (aka “@r00tbsd“) wrote a book titled “Malware: Identification, analyse et éradication“. Paul being a friend but especially a renowned security researcher in the field of malware analysis and incident investigations, I bought the first edition of his book which was a very good introduction to malware.
[SANS ISC Diary] Phishing Campaign with Blurred Images
I published the following diary on isc.sans.org: Phishing Campaign with Blurred Images.
BSidesAthens 2016 Wrap-Up
Here is my wrap-up for the first edition of BSidesAthens. There are more and more BSides events organized across the world and the Greek capital now has one! It was also a good opportunity to spend the weekend in this nice city. Grigorios Fragkos kicked off the event a few