Leading the uncertainty: the decision-driven approach

Many of my readers know me as a cybersecurity expert. More than 12 years of blogging on “security stuff”, malware analyses, cyber attack attributions, new tools and a personal (public here) cybersecurity observatory contributed a lot to push me into this specific direction. However during the past 10 years I did play many different roles. […]

Read more "Leading the uncertainty: the decision-driven approach"

Polymorphic Malware Using #AI

In the ever-evolving landscape of cybersecurity, malicious actors constantly seek new ways to infiltrate computer systems, wreak havoc, and exploit vulnerabilities. One of their most insidious tools is polymorphic malware, a shape-shifting threat that challenges traditional defense mechanisms and poses a formidable challenge to organizations and individuals alike. In this blog post I will investigate […]

Read more "Polymorphic Malware Using #AI"

Many Generative Pre-Trained Transformer (GPT): a pragmatic evaluation.

Artificial intelligence (AI) is a rapidly evolving field that involves the development of intelligent machines that can perform tasks that typically require human intelligence, such as visual perception, speech recognition, decision-making, and language translation. AI has the potential to revolutionize the way we work and live, with the ability to automate tasks and processes, increase […]

Read more "Many Generative Pre-Trained Transformer (GPT): a pragmatic evaluation."

Phishing Kits: Threat Actors Analysis Research

Introduction Phishing kits are tools that dark side experts provide to the community of criminal phishers to facilitate the construction of malicious Web sites. As these kitsevolve in sophistication, providers of Web-based services need to keep pace withcontinuous complexity. Today I am proud to introduce a long time research that Andrea Venturi, Michele Colajanni, Giorgio […]

Read more "Phishing Kits: Threat Actors Analysis Research"

Windows System Calls For Hunters

Introduction System calls are the ultimate high-level atomic actions that Malware writers might control. System calls sequences are the defacto ultimate way to divide behaviors between good and bad. For example the system call “encrypt” could be used by a privacy oriented software to encrypt content before shipping-it to a cloud storage or it could […]

Read more "Windows System Calls For Hunters"

Running Shellcode Through Windows Callbacks

Introduction When I’ve firstly seen the technique behind the Shellcode execution through Microsoft Windows Callbacks, I thought it was pure magic. But then, digging a little bit on it, I figured out that it was just brilliant ! Nowadays this technique is quite used in underground communities to inject shellcode into running processes so I […]

Read more "Running Shellcode Through Windows Callbacks"

From a Phishing Page to a Possible Threat Actor

Disclaimer This blog post, as all the blog posts in my web-corner, want to share cybersecurity related researches and personal experiences in order to improve threats analysis, risks and cybersecurity awareness. In this specific cases junior cybersecurity analysts could improve their skills for free by understanding how to build threat intelligence and how to track […]

Read more "From a Phishing Page to a Possible Threat Actor"

Building your Kubernets Cluster For Cybersecurity Prototyping

Kubernets and server-less applications would be the biggest next things to protect. So it would be a great idea to start to get practice on such environment, especially if you had no previous opportunities. Here my post on how to build your first kubernets cluster based on Raspberry Pi4 ! Raspberry is a cheap and […]

Read more "Building your Kubernets Cluster For Cybersecurity Prototyping"