Introduction We are living in difficult times, from the pandemic to the Russia-Ukraine war. I was tempted to leave a white post to remember such devastating times in my personal web corner, but I came up with the idea of remembering these times by analyzing a sample involved in the current cyber-conflicts. I started looking for malware and […] Read more "A Malware Analysis in RU-AU conflict"
Disclaimer This blog post, like all the blog posts in my web corner, wants to share cybersecurity-related research and personal experiences in order to improve threat analysis, risk and cybersecurity awareness. In this specific case, junior cybersecurity analysts could improve their skills for free by understanding how to build threat intelligence and how to track […] Read more "From a Phishing Page to a Possible Threat Actor"
Many security researchers, professional cybersecurity analysts and cybsec organizations have produced great analyses of DiskKill (HermeticWiper); some of my favorites are HERE, HERE and HERE. Today, what I’d like to do is focus on specific HermeticWiper characteristics and look for similarities (or differences) to another similar (and well-known) cyber attack that happened in Ukraine a few […] Read more "DiskKill/HermeticWiper and NotPetya (Dis)similarities"
Many times you hear about cybersecurity standards, and many times you find yourself having to evaluate what you are developing (or what processes are going on in your company) and figure out which standard is best for your organization to follow. After the third time I had to check a book and […] Read more "Cybersecurity Standards: A Quick Overview"
Kubernetes and serverless applications will be the next big things to protect. So it would be a great idea to start practicing on such environments, especially if you have had no previous opportunities. Here is my post on how to build your first Kubernetes cluster based on the Raspberry Pi 4! Raspberry is a cheap and […] Read more "Building your Kubernets Cluster For Cybersecurity Prototyping"
APT28, also known as Sofacy Group, is an (in)famous threat actor. It is a cyber espionage group believed to have ties to the Russian government. Likely operating since 2007, the group is known to target government, military, and security organizations and it has been characterized as an advanced persistent threat over the past years from […] Read more "APT28 SKINNYBOY: Cheat Sheet"
Ransomware is very effective today and causes serious problems in many companies; almost every day we hear of entire businesses under ransom and companies that lose turnover and opportunities because they have no available data to work with. For this reason I feel I have to contribute somehow to the community by giving what […] Read more "CONTI Ransomware: Cheat Sheet"
I received the “call” at the end of 2020, but my second TEDx was in late August 2021. It was a super, incredible, wonderful experience where I met gorgeous people and great professionals. I took this experience as a “summer project” and in three months I was able to deliver my speech. Great mentors […] Read more "Arts in digital defence"
I have written several times about code obfuscation on my personal blog over the past 10 years, but this time I’d like to underline a different aspect of it, and a novel (at least to the best of my knowledge) approach to deobfuscation. First of all, let me remind you that code obfuscation is not […] Read more "Program Synthesis for Deobfuscation"
The ransomware builders remind me of old times, when Nukes and Exploiters were freely available in the underground communities, when a few clicks were enough to bypass many AV vendors and attackers were activists or single people challenging the system. Nowadays the way the “builders” are developed and the way criminals are abusing them to generate […] Read more "Paradise Ransomware: The Builder"