• Preventing Jail Time and Torture with IOCs

    by  • April 1, 2013

    Last month I was fortunate enough to attend the 2013 Cyber Dialogue conference hosted in Toronto, Canada. Despite much of the conference centering around policy, privacy and governance, I really enjoyed myself and surely plan to go back next year....

    Same CVE-2012-0158, Different Builder

    by  • March 11, 2013

    Over the past few weeks, I have been fortunate to watch the birth of a new CVE-2012-0158 builder that demonstrates original technique with excellent results (not for long). What is a builder, you ask? Well, some attackers/researchers/whatever like ...

    Mandiant APT2 Report Lure

    by  • February 21, 2013

    This morning I identified a PDF with the name "Mandiant_APT2_Report.pdf" that was uploaded from India and was using a lure different from what Symantec just reported on. The file is password protected, following the theme Xecure and I had seen last yea...

    Existing Vulnerabilities > 0days

    by  • February 16, 2013

    Earlier today I accidentally opened up Twitter and saw this tweet: Some may disagree with the statement, but looking at targeted files on a daily basis, I would say it's pretty accurate. Truth be told, it only takes one person to open up the infecte...