Mindblown: a blog about philosophy.
-
VB2017 preview: Crypton – exposing malware’s deepest secrets
Ask a programmer to perform the same task twice and they will write a tool that automates it. Malware analysts are no different, and the Virus Bulletin Conference has a long history of including papers on tools and tricks that make the task of analysing malware a lot easier. ‘Crypton’ is such a tool. It…
-
VB2017 preview: Hacktivism and website defacement: motivations, capabilities and potential threats
In March this year, following a political row between the Netherlands and Turkey, a large number of Dutch websites were defaced to display messages in support of the Turkish government. It was another example in a growing trend of socio-political motivated attackers defacing websites, or performing other kinds of hacks, to spread their message. For…
-
Three questions to ask about security product bypasses
Techniques for bypassing security products feature prominently at security conferences and on security blogs these days. Indeed, with so many people relying implicitly or explicitly on products to protect themselves and their networks, these finding are to be taken seriously. If you work for a vendor that sells such products, I would recommend not giving…
-
VB2017 preview: Hacktivism and website defacement: motivations, capabilities and potential threats
In March this year, following a political row between the Netherlands and Turkey, a large number of Dutch websites were defaced to display messages in support of the Turkish government. It was another example in a growing trend of socio-political motivated attackers defacing websites, or performing other kinds of hacks, to spread their message. For…
-
Three questions to ask about security product bypasses
Techniques for bypassing security products feature prominently at security conferences and on security blogs these days. Indeed, with so many people relying implicitly or explicitly on products to protect themselves and their networks, these finding are to be taken seriously. If you work for a vendor that sells such products, I would recommend not giving…
-
VB2017: WHOIS and EICAR Small Talks added
In addition to the nine ‘last-minute’ papers that were announced and added to the VB2017 programme yesterday, we have also added two more ‘Small Talks’. The ‘Small Talks’ take place in a smaller room (hence the name) and last longer than regular VB2017 talks, thus giving a more informal atmosphere to allow for discussion and…
-
VB2017: WHOIS and EICAR Small Talks added
In addition to the nine ‘last-minute’ papers that were announced and added to the VB2017 programme yesterday, we have also added two more ‘Small Talks’. The ‘Small Talks’ take place in a smaller room (hence the name) and last longer than regular VB2017 talks, thus giving a more informal atmosphere to allow for discussion and…
-
VB2017: nine last-minute papers announced
At Virus Bulletin we try not to follow the daily security hype, focusing instead on the bigger trends. This means that the topics covered on the VB2017 conference programme – the majority of which was published in April – are still as relevant now as they were five months ago. Still, security is constantly evolving, and…
-
VB2017: nine last-minute papers announced
At Virus Bulletin we try not to follow the daily security hype, focusing instead on the bigger trends. This means that the topics covered on the VB2017 conference programme – the majority of which was published in April – are still as relevant now as they were five months ago. Still, security is constantly evolving, and…
-
Patching is important even when it only shows the maturity of your security process
Sometimes a Tweet says more than a 50-minute conference presentation: Bad TLS as an externally measurable metric for whether an organisation has a mature security process, sure. But it aint getting ya no shell. — Metlstorm (@Metlstorm) September 4, 2017 This Tweet by Adam Boileau (best known outside New Zealand as the co-host of the…
Got any book recommendations?