• Asia Adventure Time

    by  • June 15, 2013

    It’s that time of year again and I will be migrating across Asia for the next several weeks. If you happen to be at any of the locations mentioned below during those time frames, please let me know and maybe we can meetup! June 17-21 – Speaking at FIRST conference in Bangkok, Thailand July...

    Read more →

    CommentCrew Developer Disconnect

    by  • June 14, 2013

    Last week, my colleague on the advanced threat research team, Rob Falcone, pointed me over at a sample that hit on our CommentCrew DES signature. Normally I would shrug this off as something old, but the compilation time on the binary showed June 4, 2013 and the command-and-control (C&C) server appeared to be active....

    Read more →

    Redirecting Opportunistic Operators as a Service (ROOaaS)

    by  • May 28, 2013

    This theory is going to be a little out there, but go with me for a moment. It seems that you can almost get a job doing anything these days. Most people choose the high road, they pick a decent profession and try to make an honest living, but of course, alongside those same...

    Read more →

    Poor Man’s Conversion Using Google Drive API

    by  • May 19, 2013

    I lost count of how many times I have used Google Drive to convert a document to one format and download it as another. This generally means firing up a browser, logging into a random Google account, uploading the document, re-downloading it and then deleting to save space. Sure, there are utilities to do...

    Read more →

    PDF Beacons with JavaScript openDoc API

    by  • May 2, 2013

    I saw earlier in the week that McAfee had disclosed a information leak through one of the PDF JavaScript APIs. While it wasn’t exactly spelled out, I recognized the bug description as one I had reversed back in May of 2012. Why didn’t it hit the public then? Well, it wasn’t that interesting and...

    Read more →

    Preventing Jail Time and Torture with IOCs

    by  • April 1, 2013

    Last month I was fortunate enough to attend the 2013 Cyber Dialogue conference hosted in Toronto, Canada. Despite much of the conference centering around policy, privacy and governance, I really enjoyed myself and surely plan to go back next year....

    Read more →