Today I propose to look at LockBoxx's post, in which he shares a collection of open-source tools for automated static and dynamic binary analysis. These include a range of static analysis, dynamic analysis, and reporting tools, which the post covers in depth. His goal is both a useful set of internal tools and a learning experience in reverse engineering and in building a micro-service architecture for automated analysis.
Dimitrios Margaritis is an IT security officer at the European Economic and Social Committee. He holds a degree in Computer Science from the University of Piraeus and a Diploma in Management from Henley Management College.
Government organizations are usually a high-value target for adversaries, and traditional detection methods are not very effective against them. In this presentation, the authors give an overview of free tools and methods that have been implemented in high-risk environments under constant attack. It goes into detail on using Microsoft Sysmon and PowerShell log data for detection, including the ability to search host-based [...]
“If we look at security breaches over the last five to seven years, it’s pretty clear that people, whether it’s through accidental or intentional introduction of malware, represent the single most important point of failure in terms of security vulnerabilities,” said Eddie Schwartz, chair of ISACA’s Cyber Security Advisory Council.
With a Master's in Data Forensics Management, Timothy LaTulippe has assisted in complex investigations in both the public and private sectors, working with government agencies, Fortune 100 corporations and AM Law 100 firms. He wrote a post titled "Why mobile chat rooms are my first source of information for investigations."
In mid-May 2017, many companies around the world were hit by the network-spreading WannaCry cryptor. The WannaCry malware spread across local networks and the Internet by exploiting the CVE-2017-0143 (MS17-010) vulnerability in components of the SMBv1 service (TCP port 445) in Windows operating systems. An industrial network is normally not connected directly to the Internet; access goes through the corporate network via NAT, a firewall and a corporate proxy server, which should make it impossible to infect such systems from the Internet. Nevertheless, according to our data, the following typical industrial network configuration errors led to WannaCry infections:
On August 12, 2016, Ahmed Mansoor, a human rights defender from the United Arab Emirates, received a malicious SMS message on his iPhone 6 (running iOS 9.3.3). After analyzing this message, the team at the Citizen Lab of the University of Toronto concluded that Mansoor had been targeted with a combination of three zero-day exploits capable of taking control of his phone and spying on his emails, text messages, calls, and contact lists, an attack that Mike Murray, Lookout's vice president of security research and response, described as showing "an incredible level of sophistication and commitment."