Announcement: open-sourcing ee-outliers

Today, we are excited to announce we are open-sourcing ee-outliers, our in-house developed framework to detect outliers in events stored in Elasticsearch! The framework was developed for the purpose of detecting anomalies in security events, however it could just as well be used for the detection of outliers in other types of data. We have … Continue reading Announcement: open-sourcing ee-outliers

Hacking Connected Home Alarm Systems – The Expensive [part 2]

TL;DR: We were wondering whether price affects the security of IoT appliances. So we verified the security of two differently priced connected home alarm systems. Both IoT alarms are marketed as an easy solution to protect your home. Unfortunately we find this not to be the case as we identified multiple critical vulnerabilities in both systems.  … Continue reading Hacking Connected Home Alarm Systems – The Expensive [part 2]

Helping children to get creative with code – NVISO @ WeGoSTEM

WeGoSTEM is an initiative that gives pupils of the 5th and 6th grade the chance to discover their talent for science and technology in a creative way. Each year WeGoSTEM wants to reach thousands of children and make them enthusiastic about STEM (Science, Technology, Engineering, Mathematics). Just like last year NVISO employees volunteered and  spent … Continue reading Helping children to get creative with code – NVISO @ WeGoSTEM

Hacking Connected Home Alarm Systems – The Cheap [Part 1]

TL;DR: We were wondering whether price affects the security of IoT appliances. So we verified the security of two differently priced connected home alarm systems. Both IoT alarms are marketed as an easy solution to protect your home. Unfortunately we find this not to be the case as we identified multiple critical vulnerabilities in both systems. … Continue reading Hacking Connected Home Alarm Systems – The Cheap [Part 1]

My Internship Experience at NVISO – by Thibaut Flochon

Hi! I’m Thibaut, a bachelor student in Information Technology at Hénallux. As a final-year student, I have had the opportunity to do my internship at NVISO for 4 months. Let me share this experience with you! Why NVISO? The year before my internship, I took part in the Cyber Security Challenge Belgium 2017 with some … Continue reading My Internship Experience at NVISO – by Thibaut Flochon

Stalking a reporter – behind the scenes!

Introduction Around mid-October we got a call from a reporter working on an article covering online privacy and social media. Rather than writing about others, the reporter wanted to have his own story. So, he asked NVISO to research him on-line, and find out as much as possible about him! Of-course, after agreeing on some … Continue reading Stalking a reporter – behind the scenes!

Developing complex Suricata rules with Lua – part 2

In part 1 we showed a Lua program to have Suricata detect PDF documents with obfuscated /JavaScript names. In this second part we provide some tips to streamline the development of such programs. When it comes to developing Lua programs, Suricata is not the best development environment. The "write code & test"-cycle with Suricata can … Continue reading Developing complex Suricata rules with Lua – part 2