I received my Yubikey 4C Nano for a while (“C” because it is compatible with USB-C connectors) but I did not have time yet to configure it to be used with my PGP key. It’s now done! As you can see, it fits perfectly in my Macbook pro: I won’t
Category: Uncategorized
Integrating OpenCanary & DShield
Being a volunteer for the SANS Internet Storm Center, I’m a big fan of the DShield service. I think that I’m feeding DShield with logs for eight or nine years now. In 2011, I wrote a Perl script to send my OSSEC firewall logs to DShield. This script has been
The Mobile Network Iceberg
This is not a breaking news: The “Internet of Things” or connected objects is growing at the speed of the light. To convince the skeptics, just have a look at shodan.io to easily find plenty of devices that are (or should not be!) online. A few days ago, I was discussing with
Good IOC VS. Bad IOC: When Automation Fails…
A few days ago, I wrote a diary on the SANS ISC website about automating the search for IOC’s (“Indicator of Compromise“). The use of tools to collect such information (IP addresses, domains, hashes, …) is very useful to build a list of interesting IOC’s … or not! Today, I wrote another diary
Attackers Make Mistakes But SysAdmins Too!
A few weeks ago I blogged about “The Art of Logging” and explained why it is important to log efficiently to increase changes to catch malicious activities. They are other ways to catch bad guys, especially when they make errors, after all they are humans too! But it goes the
Tracking SSL Issues with the SSL Labs API
The SSL and TLS protocols have been on the front of the stage for months. Besides many vulnerabilities disclosed in the OpenSSL library, the deployment of SSL and TLS is not always easy. They are weak cyphers (like RC4), weak signatures, certificates issues (self-signed, expiration or fake ones). Other useful features are mis-understood
The lack of network documentation…
[This blogpost has also been published as a guest diary on isc.sans.org] Writing documentation is a pain for most of us but… mandatory! Pentesters and auditors don’t like to write their reports once the funny stuff has been completed. It is the same for the developers. Writing code and developing
Searching for Microsoft Office Files Containing Macro
A quick blog post which popped up in my mind after a friend posted a question on Twitter this afternoon: “How to search for Office documents containing macros on a NAS?“. This is a good idea to search for such documents as VBA macros are known to be a good infection
Some Personal Shellshock Stats
In April 2014, the Internet shivered when we faced the “heartbleed” bug in the OpenSSL library. It makes lot of noise across the security community and was even covered by regular media. Such issue could never happen again, right? Never say never! Last week, a new storm in the Internet with “shellsock”
2nd European Information Security Blogger Awards Announced
Today, Brian Honan announced on his blog the second European edition of the Security Bloggers Awards. In a few weeks, many infosec guys will join London to attend BSidesLondon and/or InfoSecurity Europe. This is the perfect time to organize a meet-up on Wednesday 30rd April. Security bloggers are welcome to have