HackDig : Dig high-quality web security articles

Targeted Malware Reverse Engineering Workshop follow-up. Part 2

If you have read our previous blogpost “Targeted Malware Reverse Engineering Workshop follow-up. Part 1“, you probably know about the webinar we conducted on April 8, 2021, with Kaspersky GReAT’s Ivan Kwiatkowski and Denis Legezo, to share best practices in reverse engineering and demonstrate real-time analysis of recent targeted malware sa
Publish At:2021-04-21 06:02 | Read:406 | Comments:0 | Tags:Events Malware Malware Technologies Obfuscation Security tec

Summary of “Software-Defined Radio applied to security assessments” at Troopers21

The training Software-Defined Radio applied to security assessments was held by S├ębastien Dudek at Troopers21 and was remotely organized – like most other events – due to Covid-19. Once we were all caffeinated, we had an exciting journey through basically all things radio. We started with the technical and physical basics in radio technology, su
Publish At:2021-04-20 15:14 | Read:373 | Comments:0 | Tags:Events SDR TROOPERS security

Targeted Malware Reverse Engineering Workshop follow-up. Part 1

On April 8, 2021, we conducted a webinar with Ivan Kwiatkowski and Denis Legezo, Senior Security Researchers from our Global Research & Analysis Team (GReAT), who gave live workshops on practical disassembling, decrypting and deobfuscating authentic malware cases, moderated by GReAT’s own Dan Demeter. Ivan demonstrated how to strip the obfuscation
Publish At:2021-04-19 08:14 | Read:374 | Comments:0 | Tags:Events Malware Technologies Security technology Targeted att

SAS@Home is back this fall

The world during the pandemic prepares many surprises for us. Most of them are certainly unpleasant: health risks, inability to travel or meet old friends. One of these unpleasant surprises awaited us in the early spring, when the organizing team of the beloved SAS conference were forced to announce that the event would be postponed to the fall. Later, anoth
Publish At:2020-09-30 12:35 | Read:828 | Comments:0 | Tags:Events Featured digital forensics Industrial threats Interne

Why master YARA: from routine to extreme threat hunting cases. Follow-up

On 3rd of September, we were hosting our “Experts Talk. Why master YARA: from routine to extreme threat hunting cases“, in which several experts from our Global Research and Analysis Team and invited speakers shared their best practices on YARA usage. At the same time, we also presented our new online training covering some ninja secrets of using
Publish At:2020-09-30 10:56 | Read:772 | Comments:0 | Tags:Events Cybercrime Malware Security conference Security techn

ACM WiSec 2020

Last week I attended ACM WiSec. Of course, only virtually. The first virtual conference I attended. Coincidentally, it was also the first conference I presented at. While the experience was quite different from a “real” conference, the organizers did a great job to make the experience as good as possible with, for example, a mattermost instance t
Publish At:2020-07-26 15:58 | Read:1208 | Comments:0 | Tags:Breaking Building Events

GReAT Ideas follow-up

On June 17, we hosted our first “GReAT Ideas. Powered by SAS” session, in which several experts from our Global Research and Analysis Team shared insights into APTs and threat actors, attribution, and hunting IoT threats. Here is a brief summary of the agenda from that webinar: Linking attacks to threat actors: case studies by Kurt Baumgartner T
Publish At:2020-07-15 06:12 | Read:1283 | Comments:0 | Tags:Events Featured APT Cybercrime honeypot Internet of Things S

Cyberthon 2020: Valuable Discussions, For a Worthy Cause.

Thank you to everyone who joined us for our virtual charity event, Cyberthon 2020 on the 9th June.Given our company started out over 20 years ago as a piece of freeware pioneering many of the early approaches in intrusion detection, there has always been a strong seam of altruism running through Tripwire.This extends far beyond providing open source software
Publish At:2020-06-16 16:30 | Read:1195 | Comments:0 | Tags:Events Charity Cyberthon 2020

Cyberthon 2020: Helping Support Front Line Carers

With everything going on in the world currently, it feels wrong to lament the cancellation of cybersecurity exhibition season in Europe.Typically a time when vendors and end-users are huddled around busy tables in cavernous event spaces, we have decided to pour our resources into something a bit different and altogether more altruistic: Cyberthon 2020.We are
Publish At:2020-06-04 04:29 | Read:1441 | Comments:0 | Tags:Events Cyberthon 2020 online event

SAS, sweet SAS

As you may already know from our social network posts, we have rescheduled the SAS 2020 conference for November 18-21 due to the COVID-19 pandemic and to ensure your safety. Though we still think that Barcelona is a great place to meet and it will not be a “real” SAS if we cannot hug, shake hands and touch beer glasses in that beautiful city, we
Publish At:2020-05-03 08:09 | Read:1296 | Comments:0 | Tags:Events Featured Security conference Security technology

What does it take to become a good reverse engineer?

How much money and effort does it take to become a good reverse engineer? Do you even need to be one? There are no universally acceptable answers to these questions. Software reverse engineering (RE) is not a science but a skillset combined with specific knowledge and backed by a lot of experience. For several years, we have been sharing the RE knowledge tha
Publish At:2020-05-03 08:09 | Read:1289 | Comments:0 | Tags:Events Opinion Security conference

YARA webinar follow up

If you read my previous blogpost Hunting APTs with YARA then you probably know about the webinar we conducted on March 31, 2020, showcasing some of our experience in developing and using YARA rules for malware hunting. In case you missed the webinar – or if you attended and want to re-watch it – you can find the recording here: As requested by m
Publish At:2020-04-06 14:15 | Read:1816 | Comments:0 | Tags:Events APT Malware Technologies Security technology Vulnerab

Hunting APTs with YARA

For the past few years, we have been spreading our knowledge and experience of using YARA, often called a pattern matching swiss knife for malware researchers (and everyone else). Most of the time, this took the form of the Kaspersky training course titled, “Hunting APTs with YARA Like a GReAT Ninja”. The first YARA training session of that kind
Publish At:2020-03-18 12:30 | Read:1740 | Comments:0 | Tags:Events APT Malware Technologies Security technology

Coronavirus impacts security conferences and events: check your schedule

With coronavirus starting to take hold globally, international travel restrictions are kicking in and more workplaces are advising to work from home whenever possible. When self-isolation is a potential solution, public gatherings are increasingly looking like a terrible idea. Events are becoming a bit of a hotspot for cases, leading to inevitably bizarre sc
Publish At:2020-03-12 15:31 | Read:1823 | Comments:0 | Tags:Security world black hat bsides cancellations conferences co

TROOPERS20 Training Teaser: Attack And Defence In AWS: Chaining Vulnerabilities To Go Beyond The OWASP Top 10

Attackers are everywhere. They are now on the cloud too! Attacking the most popular cloud provider – AWS, requires the knowledge of how different services are setup, what defences do we need to bypass, what service attributes can be abused, where can information be leaked, how do I escalate privileges, what about monitoring solutions that may be presen
Publish At:2020-02-27 17:57 | Read:1600 | Comments:0 | Tags:Events AWS TROOPERS TROOPERS20