Strange title isn’t it? Be patient, you’ll understand. Today, I’d like to post a small reflection about a discussion I had with other infosec guys during BruCON. This is not directly related to information security… though! The discussion was about the difficulties to combine a job and family life! Let’s
Some Bits & Bytes About #BruC0N 0x04
After months of preparation with a growing pressure, the 0x04 edition of BruCON is already behind us! I was still on board to take care of all the bits & bytes aspects. This year was a specific one. The venue changed (we moved from Brussels to the beautiful city of
OWASP Belgium Chapter September 2012 Wrap-Up
The holidays are gone, kids are back to school. For the security landscape, it means that security meetings are also back! The first OWASP Belgium Chapter was organised tonight. Here is my quick wrap-up. This time the meeting started in the afternoon with a technical workshop organised by SPION. Due to agenda conflicts, I did not
GoDaddy Outage: RFC for Dummies
Yesterday was a black day for GoDaddy.com. During a few hours all they hosting services were interrupted. Mail, websites but, worse, all the DNS services were unavailable. The outage was caused by a member of Anonymous as said on Twitter but it’s not yet clear. Personally, who’s behind the attack,
Do Organizations Take Care of Their Online Presence?
For a few months now, my toy leakedin.com is back online. When I brought the website up again, a question immediately popped up in my mind: “How to protect myself against angry users or organizations not happy to see potentially sensitive data disclosed?“. The website compiles interesting data like credit
Kicking Out Bots with ModSecurity
If you are the administrator of an online forum, a wiki or any website which accepts user data, you problably also know this feeling: Bots are a pain and fighting them looks like an endless loop! Your websites are constantly scanned by bots which try to create fake accounts then
Cuckoo: Increasing the Power of Malware Behavior Reporting With Signatures
The new version (0.4) of Cuckoo, the open source  malware analysis system has been released this week. That’s a great news! The list of changes and new features is very impressive. So big that an upgrade is not recommended. In my case, I just installed a brand new Cuckoo instance.
You Just Have Been Erased! Are You Sure?
This is a never-ending story! People will never realize that once data has been published online, it is a nightmare to try to remove it. Here is another example… In parallel to this blog, I’m playing with another website called leakedin.com. The purpose is to educate people about the huge amount
Procrastination is Bad! (Also in Information Security)
Today was the last day of activity of the FBI servers which replaced the rogue DNS used by the DNSChanger malware. They allowed people infected by the virus to continue to work “as usual“. I won’t come back on this very long story. You should be back from a trip
Visitors of Music Festivals Sharing Their SSIDs!
In January, I developed a tool to sniff Wi-Fi SSIDs. I decided to call it ‘hoover‘ (based on the vacuum cleaner brand). The original post is here. I’m often running this tool in my area to detect the presence of some people in the neighborhood or when I’m staying at hotels.