I’m in Luxembourg for a full week of infosec events. It started today with the MISP summit. It was already the fifth edition and, based on the number of attendees, the tool is getting more and more popularity. The event started with a recap of what happened since the last
*** The challenge has been solved and the ticket is gone! *** The Belgian security conference BruCON 0x0B is already scheduled in a few weeks! The event becomes more and more popular and we were sold-out very quickly. If you don’t have a ticket, it’s too late! Well, not really.
I received my Yubikey 4C Nano for a while (“C” because it is compatible with USB-C connectors) but I did not have time yet to configure it to be used with my PGP key. It’s now done! As you can see, it fits perfectly in my Macbook pro: I won’t
Being a volunteer for the SANS Internet Storm Center, I’m a big fan of the DShield service. I think that I’m feeding DShield with logs for eight or nine years now. In 2011, I wrote a Perl script to send my OSSEC firewall logs to DShield. This script has been
This is not a breaking news: The “Internet of Things” or connected objects is growing at the speed of the light. To convince the skeptics, just have a look at shodan.io to easily find plenty of devices that are (or should not be!) online. A few days ago, I was discussing with
A few days ago, I wrote a diary on the SANS ISC website about automating the search for IOC’s (“Indicator of Compromise“). The use of tools to collect such information (IP addresses, domains, hashes, …) is very useful to build a list of interesting IOC’s … or not! Today, I wrote another diary
A few weeks ago I blogged about “The Art of Logging” and explained why it is important to log efficiently to increase changes to catch malicious activities. They are other ways to catch bad guys, especially when they make errors, after all they are humans too! But it goes the
The SSL and TLS protocols have been on the front of the stage for months. Besides many vulnerabilities disclosed in the OpenSSL library, the deployment of SSL and TLS is not always easy. They are weak cyphers (like RC4), weak signatures, certificates issues (self-signed, expiration or fake ones). Other useful features are mis-understood
[This blogpost has also been published as a guest diary on isc.sans.org] Writing documentation is a pain for most of us but… mandatory! Pentesters and auditors don’t like to write their reports once the funny stuff has been completed. It is the same for the developers. Writing code and developing
A quick blog post which popped up in my mind after a friend posted a question on Twitter this afternoon: “How to search for Office documents containing macros on a NAS?“. This is a good idea to search for such documents as VBA macros are known to be a good infection
