I’m in Washington DC at the SANSFIRE event. I’m following a training and meeting fellow SANS ISC Handlers. I also gave a talk tonight about the risks of the Internet of Things and quick tips to protect your home network against their invasion. Here is a copy of the slides: Link: http://www.slideshare.net/xme/home-sweet-home-sansfire-edition.
I published the following diary was published on isc.sans.org: Offensive or Defensive Security? Both!
I published the following diary was published on isc.sans.org: Docker Containers Logging.
For a while, ransomware is a plague… Just by surfing to a website or by opening an invoice received by email, people get a nice popup window while their files are being encrypted. Everyday, we hear about nightmare stories with companies infected by such malicious code and which do not have a
Here is a quick wrap-up from Heidelberg (Germany) where was organized the 9th edition of the TROOPERS conference. Unfortunately, due to an agenda conflict (my bad!), I was not able to attend the first day and just joined the conference this morning for the second day of talks. Here is
MISP (“Malware Information Sharing Platform“) is a free software which was initially created by the Belgian Defence to exchange IOC’s with partners like the NCIRC (NATO). Today it became an independent project and is mainly developed by a group of motivated people. MISP is mainly used by CERT’s (“Computer Emergency Response
On a daily basis, I’m looking for malicious emails. I own catch-all mailboxes that collect a huge amount of spam that I’m using to perform deeper analysis: to discover new tactics used by attackers and new piece of malicious code. Basically, they are two categories of phishing campaigns: the one sent to
Honestly, I never really played with Docker but… For a few weeks, I succumbed to the temptation of playing with Docker thanks to a friend who’s putting everything in docker containers. If you still don’t know Docker, here is a very brief introduction: Docker lets you run applications in a “container“. In this
The following diary was published on isc.sans.org: Reducing False Positives with Open Data Sources
The following diary was published on isc.sans.org: Hunting for Executable Code in Windows Environments.