I published the following diary on isc.sans.edu: “Phishing Attack Through Non-Delivery Notification”: Here is a nice example of phishing attack that I found while reviewing data captured by my honeypots. We all know that phishing is a pain and attackers are always searching for new tactics to entice the potential victim to
Nominated for the IT Blog Awards
This morning, I received a mail from Cisco to tell me that I’ve been nominated as a finalist for their IT Blog Awards (Category: “Most Inspirational”). I’m maintaining this blog just for the fun and to share useful (I hope) information with my readers and don’t do this to get rewards
Botconf 2018 Wrap-Up Day #3
And the conference is over! I’m flying back home tomorrow morning, so I have time to write my third wrap-up. The last day of the conference is always harder for many attendees due to the late parties. But I was present on time to attend the last set of
Botconf 2018 Wrap-Up Day #2
I’m just back from the reception that was held at the Cité de l’Espace, such a great place with animations and exhibitions of space-related devices. It’s time for my wrap-up of the second day. This morning, after some coffee refill, the first talk of the day was performed by Jose
Botconf 2018 Wrap-Up Day #1
Here is my first wrap-up for the 6th edition of the Botconf security conference. Like the previous editions, the event is organized in a different location in France. This year, the beautiful city of Toulouse saw 400 people flying from all over the world to attend the conference dedicated to
DeepSec 2018 Wrap-Up
I’m writing this quick wrap-up in Vienna, Austria, where I attended my first DeepSec conference. This event had been on my schedule for a while but I never had a chance to come. This year, I submitted a training and I was accepted! Good opportunity to visit the beautiful city
[SANS ISC] More obfuscated shell scripts: Fake MacOS Flash update
I published the following diary on isc.sans.edu: “More obfuscated shell scripts: Fake MacOS Flash update”: Yesterday, I wrote a diary about a nice obfuscated shell script. Today, I found another example of a malicious shell script embedded in an Apple .dmg file (an Apple Disk Image). The file was delivered through
[SANS ISC] Obfuscated bash script targeting QNap boxes
I published the following diary on isc.sans.edu: “Obfuscated bash script targeting QNap boxes”: One of our readers, Nathaniel Vos, shared an interesting shell script with us and thanks to him! He found it on an embedded Linux device, more precisely, a QNap NAS running QTS 4.3. After some quick investigations,
[SANS ISC] Divided Payload in Multiple Pasties
I published the following diary on isc.sans.edu: “Divided Payload in Multiple Pasties”: In politics, there is a strategy called “divide and conquer”. It’s also true for some pieces of malware that spread their malicious code amongst multiple sources. One of our readers shared a sample of PowerShell code found
[SANS ISC] Querying DShield from Cortex
I published the following diary on isc.sans.edu: “Querying DShield from Cortex”: Cortex is a tool that is part of the TheHive project. As stated on the website, it is a “Powerful Observable Analysis Engine”. Cortex can analyze observables like IP addresses, emails, hashes and filenames against a huge (and growing) list of online services.