Palo Alto Networks firewalls are very popular due to the large number of features they provide in a single chassis. Besides traditional traffic inspection, they can operate up to the 7th layer of the ISO model. The rule base can contain rules which inspect the web traffic and prevent users
Category: Security
Email Tracking for Dummies
Recently, I was involved in an incident handling mission to find how some confidential emails were being tracked. Let’s imagine a first scenario: Alice sends a mail to Bob. Bob reads Alice’s email and Alice gets notified. Nothing special, this is a standard feature offered by most commercial messaging solutions.
Botconf 2015 Wrap-Up Day #3
And here is my wrap-up for the third day of the conference. Again a bunch of interesting talks. The first to take the floor was Yonathan Klijnsma who presented a nice history of the famous ransomware: Cryptowall. This ransomware already has multiple versions and evolved after each of them. It started
Automatic MIME Attachments Triage
A few weeks ago I posted a diary on the ISC SANS website about a script to automate the extraction and analysis of MIME attachments in emails. Being the happy owner of an old domain (15y), this domain is present in all spammers’ mailing lists. I’m receiving a lot of
Botconf 2015 Wrap-Up Day #2
After a short night due to social events and business related tasks, I joined the Google offices to follow a bunch of interesting presentations. If Botconf offers a great set of presentations, that’s also a good place for networking and to talk about infosecurity topics while having very nice food!
Botconf 2015 Wrap-Up Day #1
Here we go for a new edition of Botconf. Already the third one. This conference moves across France every year and, after Nantes and Nancy, the organizers chose Paris and more precisely the Google France venue! Really a nice one, typically in the Google atmosphere. I commuted from Belgium
Developers Are (still) From Mars, Infosec People (still) From Venus
In March 2011, Brian Honan contributed to an issue of the INSECURE magazine with an article called “Management are from Mars, information security professional are from Venus”. This title comes from John Gray’s worldwide bestseller where he presents the relations between men and women. Still today, we can reuse this subject
Black Hat Europe 2015 Wrap-Up
Here is my quick wrap-up of Black Hat Europe 2015 which just ended today. Due to a high workload, I joined Amsterdam only today to attend the second day of briefings and… I’m not disappointed! As usual, there were very interesting sessions and others less attractive. I also missed a
Hack.lu 2015 Wrap-Up Day #3
I just drove back home after the 11th edition of hack.lu. As always, it was an amazing event organized by, amongst others, many team members of the CIRCL. So, let’s write a quick wrap-up for this third day. Some talks will be less covered due to interesting chat sessions with
Hack.lu 2015 Wrap-Up Day #2
Here we go with my wrap-up for the second day. After some coffee and pastries, the day started hard with a very technical talk. Samuel Chevet & Clément Rouault presented their research about Windows local kernel debugging. Kernel debugging does not always mean being used for the bad, it can also