Archive

2015

July

• July 25, 2015 » Complex Incident Response Investigations: How to Minimise Breach Impact

April

• April 3, 2015 » Reverse Engineering Mac Malware
• April 2, 2015 » APTs: Getting Serious About Zero-Day Threats

March

• March 31, 2015 » Extracting Actionable Cyber Intelligence from a RAT Named Poison Ivy
• March 30, 2015 » Illbuster - fighting illegal content
• March 29, 2015 » Deploying ICS Honeypots to Deceive and Thwart Adversaries
• March 28, 2015 » A Threat-Based Security Monitoring Case Study
• March 27, 2015 » Cuckoo Sandbox and its recent developments
• March 26, 2015 » YARA: The pattern matching swiss knife for malware researchers and everyone else
• March 25, 2015 » Visual Malware Reversing: How to Stop Reading Assembly and Love the Code
• March 24, 2015 » You can panic now. Host Protection is (mostly) dead
• March 23, 2015 » 10 Ways to Rock Your SOC
• March 22, 2015 » Reconciling Objective Data with Analytical Uncertainty
• March 21, 2015 » DFIR Summit 2014 Keynote: Barbarians at Every Gate: Responding to a Determined Adversary
• March 20, 2015 » Introduction to Windows Memory Analysis
• March 19, 2015 » Brian Baskin - Introducing Intelligence into Malware Analysis
• March 18, 2015 » Malware Hunting with Mark Russinovich and the Sysinternals Tools
• March 17, 2015 » Malware Hunting with the Sysinternals Tools
• March 16, 2015 » Reverse Engineering By Crayon
• March 15, 2015 » Cuckoo Sandbox - malware beware [SIGINT13]
• March 14, 2015 » Cuckoo Sandbox - Automated Malware Analysis
• March 13, 2015 » Memory Forensics for Incident Response - SANS DFIR WEBCAST
• March 12, 2015 » Analysis and Correlation of Macintosh Logs - SANS DFIR WEBCASTS
• March 11, 2015 » Malware Immunization via Infection Markers
• March 11, 2015 » How memory forensics will help you lose weight and look ten years younger - SANS DFIR WEBCAST
• March 10, 2015 » Knock off Phone Forensics Some handsets Arent What They Appear To Be - SANS DFIR WEBCAST
• March 9, 2015 » Network Forensics What Are Your Investigations Missing - SANS DFIR WEBCAST
• March 9, 2015 » How Malware Generates Mutex Names to Evade Detection
• March 8, 2015 » Protecting Privileged Domain Accounts during Live Response - SANS DFIR WEBCAST
• March 7, 2015 » Detecting Persistence Mechanisms - SANS DFIR WEBCAST
• March 6, 2015 » Leveraging Cyber Threat Intelligence
• March 5, 2015 » 50 Shades of Hidden - Diving deep into code injection - SANS DFIR WEBCAST
• March 4, 2015 » Detecting Evil on Windows Systems - An In Depth Look at the DFIR Poster
• March 4, 2015 » Cuckoo Sandbox 1.2 released
• March 3, 2015 » Theres Gold in them thar package management database
• March 2, 2015 » Sick Anti Forensics Mechanisms in the Wild
• March 1, 2015 » Panic! Hysteria! No malware required!

February

• February 28, 2015 » DFIR using SIFT Workstation: SANS DFIR Webcast
• February 27, 2015 » Virtualization Incident Response
• February 26, 2015 » Where is all the malware being hosted, interactive version
• February 26, 2015 » Whats New in REMnux v4 for Malware Analysis? - SANS DFIR Webcast
• February 25, 2015 » Super Timeline Analysis - SANS DFIR WebCast
• February 24, 2015 » Finding Unknown Malware
• February 23, 2015 » Open Source Threat Intelligence - Developing a Threat intelligence program using open source tools and public sources
• February 22, 2015 » No Budget Threat Intelligence - Tracking Malware Campaigns on the Cheap
• February 21, 2015 » Mirage - Next Gen Honeyports
• February 20, 2015 » Malware Development as the Evolution of Parasites
• February 19, 2015 » APT Attacks Exposed: Network, Host, Memory, and Malware Analysis
• February 18, 2015 » So Easy A High-Schooler Could Do It: Static malware analysis using function-level signatures
• February 17, 2015 » ClusterF*ck - Actionable Intelligence from Machine Learning
• February 16, 2015 » PlagueScanner - An Open Source Multiple AV Scanner Framework
• February 15, 2015 » Blackhat 2012 EUROPE - Entrapment: Tricking Malware with Transparent, Scalable Malware Analysis
• February 14, 2015 » Blackhat 2010: Malware Attribution - Tracking Cyber Spies
• February 13, 2015 » VB2014 paper: Duping the machine - malware strategies, post sandbox detection
• February 12, 2015 » VB2014 paper: We know it before you do: predicting malicious domains
• February 12, 2015 » 5 Ways To Monitor DNS Traffic For Security Threats
• February 11, 2015 » Chronicles of a Malware Hunter
• February 10, 2015 » All NXDOMAIN belongs to InetSim
• February 9, 2015 » Advanced Threats & Malware Attacks Rising - Ready for the impact of a breach?
• February 8, 2015 » The untold story about ATM Malware
• February 6, 2015 » Forget Zero Day, Hello Zero Second!
• February 5, 2015 » Memory Forensics with Hyper V Virtual Machines
• February 5, 2015 » DEFCON 17 - Making Fun of Your Malware
• February 4, 2015 » IR Event Log Analysis
• February 3, 2015 » Updated logo
• February 3, 2015 » Hacker Highschool Lesson 6 - Hacking Malware
• February 3, 2015 » Another Log to Analyze - Utilizing DNS to Identify Malware
• February 2, 2015 » Malware Analysis - Let the Computer Do the Work!
• February 1, 2015 » Call For Papers - Security BSides San Francisco April 2015
• February 1, 2015 » Call for papers/presentations
• February 1, 2015 » Anatomy of memory scraping, credit card stealing POS malware

January

• January 31, 2015 » Malware Analysis 101 - N00b to Ninja in 60 Minutes
• January 30, 2015 » Conference videos added
• January 29, 2015 » Introducing Malware Research Institute