I’m back in Belgium after driving a few hours back to Belgium and it’s time to give you my wrap-up of the second day. After a short night, we were back at the Chamber of Commerce in Nantes. The venue was located close to the “Maillé-Brézé”, an old French military
Tag: Malware
BotConf 2013 Wrap-Up Day #1
I’m in Nantes (France) for two days to attend a new conference: Botconf. As the name says, this event is dedicated to botnets and malware. The goal is to present talks about those malicious networks of computers, how to detect them, how to fight them and, finally, eradicate them. I
Apkscan: Live Android Malware Analysis
Mobile devices are more and more seen as nice targets from attackers’ point of view. Which is easily understandable: the market is exploding and people still don’t realize that a mobile device is not only a mobile “phone” but a mobile “computer” with an operating system, I/Os and… applications! The
Scanning Malicious URLs in One Mouse Click
Since it’s already Friday, just before leaving for the weekend, here is a quick hack for all MacOS X infosec guys… and the others! I’m not afraid to admit it: I’m lazy! We are using computers all day long and they have been created (usually 😉) to automate tasks. Let
Malicious DNS Traffic: Detection is Good, Proactivity is Better
It looks like our beloved DNS protocol is again the center of interest for some security $VENDORS. For a while, I have seen the expression “DNS Firewall” used more and more in papers or presentations. It’s not a new buzz… The DNS protocol is well-known to be an excellent vector of
Cuckoo 0.5 on OS X Mountain Lion
Claudio Guarnieri and his developers gave us a great gift to finish the year. A few days before Christmas, they released the version 0.5 of Cuckoo, the open source malware analysis system. What’s new in this release? Plenty of nice stuff! I won’t review them here, have a look at
The Social Impact of Malware Infections
I just had a good experience today about the “social impact” of malware infections and I would like to share it with you. For most infosec people, it is part of the game to play the fireman for family and friends when they are in trouble with their computer. The
Cuckoo: Increasing the Power of Malware Behavior Reporting With Signatures
The new version (0.4) of Cuckoo, the open source malware analysis system, has been released this week. That’s great news! The list of changes and new features is very impressive. So big that an upgrade is not recommended. In my case, I just installed a brand new Cuckoo instance.
Procrastination is Bad! (Also in Information Security)
Today was the last day of activity of the FBI servers which replaced the rogue DNS used by the DNSChanger malware. They allowed people infected by the virus to continue to work “as usual”. I won’t come back on this very long story. You should be back from a trip
CuckooMX: Automating Email Attachments Scanning with Cuckoo
Today, classic anti-virus protections are not reliable enough to protect against modern malware. To have a better understanding and, if possible, block them, it’s best to execute the code in a safe environment and to analyze its behaviour. Does it create new processes or files, are outbound connections performed via