Hi! I’m Thibaut, a bachelor student in Information Technology at Hénallux. As a final-year student, I have had the opportunity to do my internship at NVISO for 4 months. Let me share this experience with you! Why NVISO? The year before my internship, I took part in the Cyber Security Challenge Belgium 2017 with some … Continue reading My Internship Experience at NVISO – by Thibaut Flochon
Introduction: Around mid-October we got a call from a reporter working on an article covering online privacy and social media. Rather than writing about others, the reporter wanted to have his own story. So, he asked NVISO to research him online, and find out as much as possible about him! Of course, after agreeing on some … Continue reading Stalking a reporter – behind the scenes!
In this blog post, we will perform an analysis on some obfuscated scripts that we received. These files were already detected by automated scanners, but as these are mainly malware droppers, we figured it could be interesting to do some manual analysis to determine where the actual malware is hosted. The first sample we will … Continue reading Analyzing obfuscated scripts using nothing but a text editor
Since late 2014 we have witnessed a resurgence of campaigns spamming malicious Office documents with VBA macros. Sometimes, however, we also see malicious Office documents exploiting relatively recent vulnerabilities. In this blog post we look at a malicious MS Office document that uses an exploit instead of VBA. The sample we received is 65495b359097c8fdce7fe30513b7c637. It exploits vulnerability CVE-2015-2545 … Continue reading Maldoc: It’s not all VBA these days
During red teaming assignments we are sporadically asked to attempt to gain access to certain physical “flags”. These flags could be the inside of a server room, or the workstation of a member of the management team. Aside from these red teaming assignments, in most organisations, access badges are often the single factor of security … Continue reading A practical guide to RFID badge copying
TL;DR: We found several ICS systems in Belgium that were exposed to the internet without requiring any authentication. Screenshots below. Update 19/12: We've also had some coverage in the media about this research. 'De Standaard' did an article about it and so did 'Datanews' (in Dutch and in French). Industrial Control Systems (ICS) is the … Continue reading A 30-minute sweep of Industrial Control Systems in Belgium