Malware analysis - 'video write-up' of one of the ECSC 2021 challenges
· β˜• 1 min read
I published a new video on YouTube today, which shows one possible solution for a 'malware analysis task' which I prepared for the final round of last year's European Cyber Security Challenge. If you would like to take a closer look at the multi-stage 'malware' which contestants in the ECSC 2021 had to analyze, or if you would like to try to analyze the sample yourself, now you have a chance to do so...

Log4shell Lightning talk - 2022 TF-CSIRT Meeting & FIRST Regional Symposium Europe
· β˜• 1 min read
Few weeks ago, I attended the 2022 TF-CSIRT Meeting & FIRST Regional Symposium Europe and gave a lighting talk there discussing couple of interesting trends seen in Log4shell exploitation attempts and the possibility to create a simple generic defense agains similar attacks in the future. Recordings of all the talks are now available on YouTube...

SANS ISC Diary - Phishing e-mail with...an advertisement?
· β˜• 1 min read
A new Diary of mine was published today on the SANS Internet Storm Center website. In this one, we’ll take a look at a slightly unusual phishing message that contained text reminiscent of an advertisement for Xerox products…

Podcast with Gaper.io about (not just) work from home security
· β˜• 1 min read
I’ve been invited to do a podcast with Gaper.io some time back, and the resulting recording was published today. Mark Allen, Gaper’s business development director, and I spent nearly 20 minutes talking about different security aspects of work from home, general security awareness and several other topics. If you’re looking for a light, security-related podcast listen to, this one might not be a bad choice…