Andrea Fortuna
  • Aug 20, 2018

    pycodeinjector: a simple python Code Injection library

    In my previous post "Code injection on Windows using Python: a simple example", I've explored the ctypes Python library and the usage of Windows API in order to perform a code injection on 32bit systems. All tests were performed… read more »
  • Aug 13, 2018

    Vikram Sharma talks about quantum random number generators and cryptography

    How quantum physics can make encryption stronger. Currently Vikram Sharma is the CEO (and founder) of QuintessenceLabs (or Q-Labs), which uses quantum technology to strengthen cryptographic key management and recently released a quantum random number generator stuffed into a PCI… read more »
  • Aug 6, 2018

    Code injection on Windows using Python: a simple example

    Recently I had to perform some comparative tests on a couple of whitelisting solutions. One of the crucial steps of the test was the proper functioning of the memory monitoring feature, useful in case of process injection: in fact, when a trusted… read more »
  • Aug 1, 2018

    Diffy: an interesting DFIR tool released from Netflix's SIRT

    The Netflix Security Intelligence and Response Team (SIRT) has released (under Apache 2.0 license) a triage tool to help digital forensics and incident response teams quickly identify compromised hosts on which to focus their response. The tool, written in Python… read more »
  • Jul 30, 2018

    Malhunt: automated malware search in memory dumps

    Recently I've published this post focused on hunting malware using Volatility and Yara rules. In the article I've shared the simple script which I use for downloading and merging all Yara rules related to malware into a single file, useful… read more »
  • Jul 27, 2018

    Julian Bream: My Life in Music

    A 2-hour video biography of the great guitarist Julian Bream. Julian Bream needs no introduction but... Who is Julian Bream? Julian Alexander Bream (July 15, 1933, London) is an internationally celebrated English guitarist and lutenist who inspired new interest… read more »
  • Jul 25, 2018

    Digital forensics chronicles: image identification issues on large memory dump with Volatility

    Spoiler: shame on DumpIT! Some days ago, I was busy with a forensic analysis on a Windows server. The machine was a Windows Server 2008 R2, used as webserver, with 24 GB of RAM. But during memory analysis with Volatility,… read more »
  • Jul 23, 2018

    Some thoughts about Lateral Movement techniques

    The ability to quickly and reliably detect lateral movement in the network is one of the most important skills in information security today: the lateral movement attack phase represents the biggest difference between a targeted and strategic attack and a simplistic… read more »
  • Jul 20, 2018

    Friday suggested listening: Paco De Lucia, Concierto de Aranjuez

    Joaquín Rodrigo’s Concierto de Aranjuez is one of the most popular concertos of all time, one of the most original masterpieces of the 20th century. Its beautiful central Adagio has been arranged for everything, from mouth organ to brass… read more »
  • Jul 18, 2018

    TCPDUMP: a simple cheatsheet

    Having a solid grasp of tcpdump is mandatory for anyone desiring a thorough understanding of TCP/IP. What is tcpdump? Tcpdump is one of the best network analysis tools for information security professionals. tcpdump runs under the command line and allows the… read more »
  • Jul 16, 2018

    Finding malware on memory dumps using Volatility and Yara rules

    Previously I've talked a lot about Volatility, and I've also published some articles about YARA. Today I'd like to share a brief and simple workflow, useful for a first high-level analysis of memory dumps in order to search for the presence of… read more »
  • Jul 13, 2018

    Shape of my Heart, my own guitar rendition in Drop D tuning

    “Shape of My Heart” is a song by Sting from his album "Ten Summoner’s Tales", released in 1993. The song was co-written by guitarist Dominic Miller. This transcription was born during a guitar lesson: one of my students asks me… read more »
  • Jul 11, 2018

    Application whitelisting on critical Windows systems: useful or not?

    Application whitelisting is the practice of specifying an index of approved software applications that are permitted to be present and active on a computer system. The main goal is to protect critical systems from potentially malicious applications. How it works? The… read more »
  • Jul 9, 2018

    Nano text editor: my own cheatsheet

    Which is the best command line text editor? Seriously, I don't know! In my opinion, the best choice depends on the context: undoubtedly EMACS is the most complex and comprehensive, and VIM is the right balance between features and simplicity.… read more »
  • Jul 6, 2018

    Suggested listenings: "Villa-Lobos plays Villa-Lobos"

    Recently I have found on YouTube some wonderful recordings of Heitor Villa-Lobos playing his own music. https://www.youtube.com/watch?v=KLbZLmIhggA https://www.youtube.com/watch?v=UZkEYK4WKKg The recordings seem to be extracted from the CD Villa Lobos Plays Villa-lobos, published by Sanctus Records and also available on Spotify:… read more »
  • Jul 4, 2018

    Docker images under cryptojacking attack: how to check if a downloaded image is safe

    Researchers at Kromtech Security Center discovered seventeen malicious Docker containers with embedded cryptominer applications that allowed cybercriminals to earn $90,000 in 30 days. According to Kromtech's report, containers are shaping up to be the next target for these… read more »
  • Jul 2, 2018

    Bash scripting: my own cheatsheet

    bash (Bourne Again shell) is the standard GNU shell, a powerful tool for the advanced and professional user. This shell is a so-called superset of the Bourne shell, a set of add-ons and plug-ins. This means that the Bourne Again… read more »
  • Jun 29, 2018

    "Into The Flow", a new brief fingerstyle study

    This little piece has an interesting story. Many years ago I played guitar for a brief period in a melodic rock group that tried to propose some original songs. In this period I wrote some original instrumental pieces but,… read more »
  • Jun 27, 2018

    Pay attention to unknown USB sticks!

    Some days ago, with a colleague, I talked about the real usefulness of USB hardware locks on critical clients/servers. USB locks are tools that allow one to completely avoid the use of USB ports using a simple padlock. Well, in my… read more »
  • Jun 25, 2018

    Google App Engine and Python: a correct way to store configuration variables

    When you develop an application, you often need to store some configuration. This data can contain a lot of sensitive information, and this is a critical point if your source code is hosted on a GitHub repository. In fact, a… read more »

Andrea Fortuna

  • andrea@andreafortuna.org

Cybersecurity expert, software developer, experienced digital forensic analyst, musician