BlackHatEU2013 – Day2 – DropSmack: How cloud synchronization services render your corporate firewall worthless
Jake Williams (@malwareJake) from CSR Group has more than a decade of experience with systems engineering, network defines, malware reverse engineering, penetration testing and forensics. He spent some good time looking at Cloud synchronization services and is presenting some findings in this talks. First of all, think of Dropbox (or any similar tools) as a […]
One Flew Over The Cuckoos Nest – Automated Malware Analysis Claudio Guarnieri, senior researcher at iSight Partner, and part of the Shadowserver Foundation and the HoneyPot project. ¬†He works with malware on a daily basis, maintains malwr.com and is the main developer of the Cuckoo Sandbox, which is also the main topic of his talk. […]
March 21th I was in Paris for the annual Honeynet Workshop. For the first time this year there was a conference day accessible to the general public. Moreover, I didn’t have to pay the registration fee since I successfully completed one of the Honeynet Forensics challenges. The day was split in 4 sessions and had talks covering the Honeynet projects, malware, and ethical and legal considerations of tracking botnets and eventual take-downs.
Interested in capturing, documenting and analyzing scans and malicious activity, Corelan Team decided to set up a honeypot and put it online. In the first week of december 2010, Obzy built a machine (default Windows XP SP3 installation, no patches, firewall turned off), named it “EGYPTS-AIRWAYS”, set up a honeypot + some other monitoring tools, and connected it to the internet.