If you are the administrator of an online forum, a wiki or any website which accepts user data, you probably also know this feeling: Bots are a pain and fighting them looks like an endless loop! Your websites are constantly scanned by bots which try to create fake accounts then
Tag: Security
Cuckoo: Increasing the Power of Malware Behavior Reporting With Signatures
The new version (0.4) of Cuckoo, the open source malware analysis system, has been released this week. That’s great news! The list of changes and new features is very impressive. So big that an upgrade is not recommended. In my case, I just installed a brand new Cuckoo instance.
You Just Have Been Erased! Are You Sure?
This is a never-ending story! People will never realize that once data has been published online, it is a nightmare to try to remove it. Here is another example… In parallel to this blog, I’m playing with another website called leakedin.com. The purpose is to educate people about the huge amount
Procrastination is Bad! (Also in Information Security)
Today was the last day of activity of the FBI servers which replaced the rogue DNS used by the DNSChanger malware. They allowed people infected by the virus to continue to work “as usual“. I won’t come back on this very long story. You should be back from a trip
Visitors of Music Festivals Sharing Their SSIDs!
In January, I developed a tool to sniff Wi-Fi SSIDs. I decided to call it ‘hoover‘ (based on the vacuum cleaner brand). The original post is here. I’m often running this tool in my area to detect the presence of some people in the neighborhood or when I’m staying at hotels.
Hack in Paris 2012 Wrap-Up Day #2
“Home sweet home!“, it’s time to wrap up the second day of Hack in Paris before taking some sleep hours. The second day started with Winn Schwartau from securityexperts.com. His talk was called “Measuring people and technology security“. We have technology everywhere today but warfare started a long time ago with
Hack in Paris 2012 Wrap-Up Day #1
Back at the hotel, here we go with my wrap-up for the first day! I joined Disneyland Paris early from Belgium. It’s always frustrating for your kids when you tell them that you’ll “visit Mickey” during two days! The conference started three days ago with a set of trainings. According
CuckooMX: Automating Email Attachments Scanning with Cuckoo
Today, classic anti-virus protections are not reliable enough to protect against modern malware. To have a better understanding and, if possible, block them, it’s best to execute the code in a safe environment and to analyze its behaviour. Does it create new processes or files, are outbound connections performed via
All Your Data Are Valuable!
A few weeks ago, a subsidiary of a major Belgian bank was hit by a blackmail attack. Attackers requested a big amount of money or they threatened to reveal sensitive stolen data. I don’t know how this story ended, did the bank pay? Did the attackers really steal a big
Attackers Geolocation in OSSEC
If you follow my blog on a regular basis, you probably already know that I’m a big fan of OSSEC. I’m using it to monitor all my personal systems (servers, labs, websites, etc). Being a day-to-day user, I always have new ideas to extend the product, by using 3rd