X-Force May 28, 2015 Proactive Threat Hunting and Memory Forensics Against Rombertik 5 min read - The right free analysis tools can aid proactive threat hunting and help security professionals detect even the most advanced threats in their networks.
CISO September 24, 2014 A Look Back at ‘The State of Incident Response’ by Bruce Schneier 8 min read - Recap of Bruce Schneier's Black Hat keynote, "The State of Incident Response," covering trends in the cyberworld and how threats should be addressed.
CISO June 6, 2014 Embracing the Uncertainty of Advanced Attacks Using Big Data Analytics 3 min read - How big data can fuel intelligence-driven security and how to secure the big data ecosystem. Based on keynotes from Eddie Schwartz and Davi Ottenheimer.
Software Vulnerabilities May 16, 2014 Analysis of Recent Struts Vulnerabilities in Parameters and Cookie Interceptors, Their Impact and Exploitation 6 min read - An analysis of the recent Struts vulnerabilities in parameters and Cookie Interceptors, their impact and one possible way to exploit them.
Advanced Threats April 15, 2014 The State of the Hack and Cyber Threat Intelligence Gain/Loss 4 min read - A recap of Kevin Mandia's "State of the Hack: One Year after the APT1 Report" keynote at RSA 2014 and "Hacking Exposed: PLA Edition" talk by Dmitri Alperovitch and George Kurtz.
Endpoint April 3, 2014 How to Cheat Your MDM: Compliance without a Password 7 min read - In this post, we will describe an unpatched vulnerability (CVE-2014-0900) in earlier releases of Android and how it can be exploited by malicious and lazy users to bypass MDM restrictions.
CISO March 14, 2014 Mikko Hypponen at TrustyCon: Governments as Malware Authors 3 min read - Mikko Hypponen's "Governments as Malware Authors" keynote at TrustyCon. There is value for security professionals, researchers and community leaders in revisiting the keynotes and continuing the discussion.
Malware March 13, 2014 DIY: Android Malware Analysis – Taking Apart OBAD (Part 2) 6 min read - An in-depth look at how to analyze OBAD manually and discover the device administrator vulnerability that lets it hide itself and prevent uninstallation. See also how to avoid ANR timeouts.
Endpoint October 14, 2013 DIY: Android Malware Analysis – Taking Apart OBAD (Part 1) 17 min read - OBAD is widely agreed to be one of the most sophisticated pieces of Android malware, and various analyses of it can be found on the web. In this series we will take it apart together and learn about its functionality and…
Endpoint July 10, 2013 Understanding the Android "master key" vulnerability 3 min read - Bluebox Labs last week announced a vulnerability in Android's code for cryptographic signature verification and app installation. They are planning to publicly disclose the details in their upcoming BlackHat US talk. Google has patched this vulnerability and some of the…
Malware May 28, 2013 Zeus Analysis – Memory Forensics via Volatility 7 min read - I am planning to do a blog series on Malware Analysis using the Zeus sample that I recently received in an email. The idea is not only to share what it does, but to focus mostly on sufficient details.