In May 2018, when ESET published a blog post covering PDFs with 2 zero days, our interest was immediately piqued. Promptly after our analysis of these PDFs, we sent out an early warning to our customers. Now that Microsoft has published a blog post with the detailed analysis of the zero days, we find it appropriate … Continue reading Extracting a Windows Zero-Day from an Adobe Reader Zero-Day PDF
Hello, my name is Étienne de Jamblinne. I am a second-year MA student in cyber-security at the ULB. I am the one on the left in Thibaut’s photo! As part of my program, I am required to do an internship that acquaints me with “real life” working experience. Security Awareness? Analysing my options, NVISO seemed … Continue reading My Internship Experience at NVISO – by Etienne de Jambelinne
A secret location... A scavenger hunt to find it. Following the tradition, that’s how our teambuilding weekend (offsite) starts. On D-day, at 8h30 we needed to be at the office to start our hunt, and only then could we get our first official clue: a QR code. This allowed us to download an app, which contained a scavenger hunt via which we could find … Continue reading One more year, on the way to… where?
Hi! I’m Thibaut, a bachelor student in Information Technology at Hénallux. As a final-year student, I have had the opportunity to do my internship at NVISO for 4 months. Let me share this experience with you! Why NVISO? The year before my internship, I took part in the Cyber Security Challenge Belgium 2017 with some … Continue reading My Internship Experience at NVISO – by Thibaut Flochon
This article describes the analysis of data exfiltration using blockchain as it was used in a challenge for the CSCBE 2018 qualifiers. The Cyber Security Challenge Belgium (CSCBE) is a typical Capture-The-Flag (CTF) competition aimed at students from universities and colleges all over Belgium. All of the CSCBE’s challenges are created by security professionals from many different organisations. … Continue reading Write-up on Blockchain data exfiltration (CSCBE18 qualifiers) challenge
TLDR: As part of our SANS SEC599 development efforts, we updated (fixed + added some new features) an existing Cuckoo Auto Install script by Buguroo Security to automate Cuckoo sandbox installation (& VM import). Download it from our GitHub here. Intro As a blue team member, you often have a need to analyze a piece … Continue reading Painless Cuckoo Sandbox Installation
During network traffic analysis and malware investigations, we often use IP and domain reputation lists to quickly filter out traffic we can expect to be benign. This typically includes filtering out traffic related to the top X most popular websites worldwide. For some detection mechanisms, this technique of filtering out popular traffic is not recommended … Continue reading Filtering out top 1 million domains from corporate network traffic