Archive: Sep 2015

No Budget Threat Intelligence 4: Reversing Malware Samples

Having deliberately exposed a honeypot machine to attackers, Andrew Morris got a lot of incoming malware data, which he then reversed to get a better insight. Reversing these samples (see right-hand image) is a talk in and of itself. Actually, it’s reverse engineering the malware samples that you find....

No Budget Threat Intelligence 3: Discovery and Investigation

Andrew Morris makes some great points about the vulnerabilities commonly used by remote attackers on the Internet, so read this part to learn what those are. Discovery & Investigation We are now going to talk about discovery and investigation. Bad guys are still using Shellshock to propagate pretty...

No Budget Threat Intelligence 2: Setting up Cheap Honeypots

A brief overview of threat intelligence infrastructure, where Andrew Morris focuses on tools for making honeypots that do not require a bunch of resources. Infrastructure (TL;DR) So, again, the tl;dr of infrastructure – we are going to talk about honeypots briefly. Raise your hand if you know what a...

No Budget Threat Intelligence – Tracking Malware Campaigns on the Cheap

Andrew Morris, formerly an Intrepidus Group employee and currently a researcher at Endgame, proves at ShmooCon that threat intel doesn’t have to be expensive. Andrew Morris: So, this is “No Budget Threat Intelligence – Tracking Malware Campaigns on the Cheap”. First of all, thank you guys...