Posts
SANS ISC Diary - Desktop.ini as a post-exploitation tool
· β˜• 1 min read
A Diary of mine was published today on the SANS Internet Storm Center. In this one, we take a look at a vulnerability in the way Windows handles desktop.ini files, which makes it possible to use them as an interesting post-exploitation tool.

Overview of free online malware analysis sandboxes – 2020 edition
· β˜• 2 min read
Whether your work has anything to do with security monitoring, malware analysis, incident response, or just general IT administration, you’ve probably come across VirusTotal. It is an invaluable tool when it comes to identifying malicious code, however sometimes we need to dig a bit deeper than just getting a 'detection score' for a potentially dangerous file...

SANS ISC Diary - Analysis of a triple-encrypted AZORult downloader
· β˜• 1 min read
A Diary of mine was published today on the SANS Internet Storm Center. In this one we take a look at analysis of an interesting malicious document which turned out to be AZORult downloader. What made it stand out - among its other aspects - were 3 layers of home-grown encryption...

Most visited adult sites actually beat some e-banking portals when it comes to encryption
· β˜• 5 min read
After I finished the analysis of SSL/TLS configuration of almost 1400 internet banking portals (see the relevant ISC Diary, a question came to me. Internet banking portals should be among the best secured systems put online, yet not all of them made the mark when it came to encryption used to secure HTTP traffic. Would the situation be even worse for sites which are commonly assumed to lack proper security measures?