The Case of the Tricky Tool
Looks can be deceiving. There are times when you think an analysis is going to be easy, and everything points in that direction, until you hit a snag. This happens. Sometimes you've made an assumption that is wrong, sometimes there is a little trick the attacker is doing, and sometimes ... Read More
The Case of the Tricky Tool
Looks can be deceiving. There are times when you think an analysis is going to be easy, and everything points in that direction, until you hit a snag. This happens. Sometimes you've made an assumption that is wrong, sometimes there is a little trick the attacker is doing, and sometimes ... Read More
Document Analysis – 2018-newsletters.xls
Today I received what was clearly a malicious document in my email, so to celebrate the publishing of my second PluralSight course - Performing Malware Analysis on Malicious Documents - I thought I'd go through the analysis of the document. The document came in as an attachment in email and ... Read More
Document Analysis – 2018-newsletters.xls
Today I received what was clearly a malicious document in my email, so to celebrate the publishing of my second PluralSight course - Performing Malware Analysis on Malicious Documents - I thought I'd go through the analysis of the document.The document came in as an attachment in email and was ... Read More
Malware Analysis Course on Pluralsight!
Since 2010, I have been running my Introduction to Malware Analysis course at various conferences and organizations, and have taught over 200 students. I've heard from many of my former students that they've used what they learned in the course to help them successfully combat malware in their organizations - ... Read More
Malware Analysis Course on Pluralsight!
Since 2010, I have been running my Introduction to Malware Analysis course at various conferences and organizations, and have taught over 200 students. I've heard from many of my former students that they've used what they learned in the course to help them successfully combat malware in their organizations - ... Read More
Malicious DNS Namespace Collisions
Over the last few weeks, I've noticed a problem come up again in multiple places that I first saw many years ago and apparently is still very common - DNS Namespace Collisions. DNS namespace collisions occur when a private domain name is able to be resolved on the public Internet; ... Read More
Malicious DNS Namespace Collisions
Over the last few weeks, I've noticed a problem come up again in multiple places that I first saw many years ago and apparently is still very common - DNS Namespace Collisions. DNS namespace collisions occur when a private domain name is able to be resolved on the public Internet; ... Read More
MASTIFF Online
MASTIFF has been a pet project of mine for about two years now. While it has not progressed as far as I would have liked, we made a major announcement this week. On Monday, a free online interface to MASTIFF was released at https://mastiff-online.korelogic.com/. This interface allows anyone to upload ... Read More
MASTIFF Online
MASTIFF has been a pet project of mine for about two years now. While it has not progressed as far as I would have liked, we made a major announcement this week.On Monday, a free online interface to MASTIFF was released at https://mastiff-online.korelogic.com/. This interface allows anyone to upload files, ... Read More
