Channel: Threat Thoughts » Malware
Browsing all 10 articles

Theory versus practice: threat-centrism

I currently work in a threat-centric role, in the sense that we detect and respond to threats as they occur. We handle malware, log analysis, and network & system forensics. So I use “threat” in a...


Threat intel sharing with OpenIOC

Indicator of Compromise by Kool-Aid Man

Mandiant recently announced OpenIOC, “an extensible XML schema that enables you to describe the technical characteristics that identify a known threat, an...


DFIR fundamentals with Mandiant updates

Chewbacha revisits the classics

Today, I had the opportunity to listen to the latest installment of Mandiant’s web series “Fresh Prints of Mal-ware”: The Nutts and Boltz of APT Persistence Mechanisms,...


Book Review: Challenges in Intelligence Analysis

I have always believed in the value of interdisciplinary studies. Specifically, I like to examine approaches taken in superficially-dissimilar fields where the underlying problems or useful solutions...


Getting into the guts of mwcrawler

Earlier this week, my buddy Ken Pryor mentioned a project with which I had no prior familiarity: @Forensication Have you seen mwcrawler? I'm trying it out now. github.com/ricardo-dias/m…— Ken Pryor...


Konig: malware, graph theory, and fuzzy hashes

As a small personal research and learning project, I spent a few hours this weekend writing Konig. This is intended to evolve into a framework for investigating relationships between fuzzy hashes (e.g....


Maltrieve: retrieving malware for research

As I continued to hack on mwcrawler over the last month, I found that it didn’t really meet my needs for various reasons: slowness, difficulty of maintaining and adding sources, repeated grabbing of...


Brain dump of DFIR and network security research ideas

Maybe I could get more of these done with this. I’ve seen several people talk about lacking ideas for research projects, often around DFIR or network security. Personally, I have the opposite problem:...


Pizza with a bad taste: BHEK intel

I got some spam today that made me hungry (even after eating real spam so many times as a kid). You've just ordered pizza from our site [snipped yummy but long listing of pizzas and drinks including...


Ethics versus economics for security research

Independent security researchers often have a reputation as narcissistic vulnerability pimps (true or not), but the environment which has evolved around information security largely drives this. This...
