I’m in Luxembourg for a full week of infosec events. It started today with the MISP summit. It was already the fifth edition and, based on the number of attendees, the tool is getting more and more popularity. The event started with a recap of what happened since the last
BruCON Challenge: Solve & Win Your Ticket!
*** The challenge has been solved and the ticket is gone! *** The Belgian security conference BruCON 0x0B is already scheduled in a few weeks! The event becomes more and more popular and we were sold-out very quickly. If you don’t have a ticket, it’s too late! Well, not really.
New PGP Key
I received my Yubikey 4C Nano for a while (“C” because it is compatible with USB-C connectors) but I did not have time yet to configure it to be used with my PGP key. It’s now done! As you can see, it fits perfectly in my Macbook pro: I won’t
Integrating OpenCanary & DShield
Being a volunteer for the SANS Internet Storm Center, I’m a big fan of the DShield service. I think that I’m feeding DShield with logs for eight or nine years now. In 2011, I wrote a Perl script to send my OSSEC firewall logs to DShield. This script has been
The Mobile Network Iceberg
This is not a breaking news: The “Internet of Things” or connected objects is growing at the speed of the light. To convince theÂ skeptics, just have a look at shodan.ioÂ to easily find plenty of devices that are (or should not be!) online. A few days ago, I was discussing with
Good IOC VS. Bad IOC: When Automation Fails…
A few days ago, I wrote a diary on the SANS ISC website about automating the search for IOC’s (“Indicator of Compromise“). The use of tools to collect such information (IP addresses, domains, hashes, …)Â is very useful to build a list ofÂ interesting IOC’s … or not!Â Today, I wrote another diary
Attackers Make Mistakes But SysAdmins Too!
A few weeks ago I blogged about “The Art of Logging” and explained why it is important to log efficiently to increase changes to catch malicious activities. They are other ways to catch bad guys, especially when they make errors, after all they are humans too! But it goes the
Tracking SSL Issues with the SSL Labs API
The SSL and TLS protocols have been on the front of the stage for months. BesidesÂ many vulnerabilities disclosed in the OpenSSL library, the deploymentÂ of SSL and TLS is not always easy. They are weak cyphers (like RC4), weak signatures, certificates issues (self-signed, expiration or fakeÂ ones). Other useful features are mis-understood
The lack of network documentation…
[This blogpost has also been published as a guest diary on isc.sans.org] Writing documentation is a pain for most of us but… mandatory! Pentesters and auditors don’t like to write their reports once the funny stuff has been completed. It is the same for the developers. Writing code and developing
Searching for Microsoft Office Files Containing Macro
A quick blog post which popped upÂ in my mind after a friend posted a question on Twitter this afternoon: “How to search for Office documents containing macros on a NAS?“. This is a good idea to search for such documents as VBA macros are known to be a good infection