Posts
Presentations from 67th TF-CSIRT meeting - Threat modeling with ATT&CK and How quickly do we patch?
· β˜• 1 min read
67th meeting of the TF-CSIRT community took place this week and I've had a chance to contribute to it with two presentations - one discussing the speed with which we apply patches (from a global standpoint), and another one, in which we looked at a basic approach to threat modeling using MITRE ATT&CK. If you would like to take a look at the slides, they are now available for download...

SANS ISC Diary - Traffic Light Protocol (TLP) 2.0 is here
· β˜• 1 min read
A new Diary of mine was published today on the SANS Internet Storm Center website. In this one, we’ll take a look at a new version of the Traffic Light Protocol standard, which was published by FIRST earlier this week…

SANS ISC Diary - EternalBlue 5 years after WannaCry and NotPetya
· β˜• 1 min read
A new Diary of mine was published today on the SANS Internet Storm Center website. In this one, we’ll take a look at the number of internet-exposed systems that are still vulnerable to the EternalBlue exploit…

Malware analysis - 'video write-up' of one of the ECSC 2021 challenges
· β˜• 1 min read
I published a new video on YouTube today, which shows one possible solution for a 'malware analysis task' which I prepared for the final round of last year's European Cyber Security Challenge. If you would like to take a closer look at the multi-stage 'malware' which contestants in the ECSC 2021 had to analyze, or if you would like to try to analyze the sample yourself, now you have a chance to do so...