Today we’ll briefly discuss crosschecking Team Cymru’s Malware Hash Registry against files found in memory or hibernation files by Volatility. We’re going to do it by hand at the command line, as a quick exercise in some ways to manipulate…
Month: October 2016
This blog consists of seven very different infosec professionals’ responses to frequently asked questions about attribution, with thoughts, experiences, and opinions (focusing on nation state attribution circa 2016).
So what are these “challenge coins”? Challenge coins come from an old military tradition that bled into the professional infosec realm then into the broader hacker community through the continual overlap between the communities. In some ways like an informal…
Threat intelligence is currently the trendy thing in information security and, as with many new security trends, it is frequently misunderstood and misused. I want to take the time to discuss some common misunderstandings about what threat intelligence is and isn’t, where it can be beneficial, and where it’s wasting your (and your analysts’) time and money.