Last month I was privileged enough to speak at the 25th annual FIRST conference hosted in Bangkok, Thailand and wanted to explain my slides a bit. I am not sure if FIRST will put the videos of the talks on the Internet, but until they do, I think it’s valuable for those who weren’t...
Read more →In between FIRST conference and a couple beers, I stumbled upon an email uploaded to Virustotal. The file itself is an EML and has the name of “CIA’s _prism Watchlist_.eml”. Inside the email, the content is the following: It appears the intended recipient of the malicious mail was a yahoo account linked to the...
Read more →It’s that time of year again and I will be migrating across Asia for the next several weeks. If you happen to be at any of the locations mentioned below during those time frames, please let me know and maybe we can meetup! June 17-21 – Speaking at FIRST conference in Bangkok, Thailand July...
Read more →Last week, my colleague on the advanced threat research team, Rob Falcone, pointed me over at a sample that hit on our CommentCrew DES signature. Normally I would shrug this off as something old, but the compilation time on the binary showed June 4, 2013 and the command-and-control (C&C) server appeared to be active....
Read more →This theory is going to be a little out there, but go with me for a moment. It seems that you can almost get a job doing anything these days. Most people choose the high road, they pick a decent profession and try to make an honest living, but of course, alongside those same...
Read more →I lost count of how many times I have used Google Drive to convert a document to one format and download it as another. This generally means firing up a browser, logging into a random Google account, uploading the document, re-downloading it and then deleting to save space. Sure, there are utilities to do...
Read more →