DiskKill/HermeticWiper and NotPetya (Dis)similarities

Many security researchers, professional cybersecurity analysts and cybsec organizations realized great analyses on DiskKill (HermeticWiper), some of my favorite are HERE, HERE and HERE. Today what I’d like to do, is to focus on specific HermeticWiper characteristics and looking for similarities (or differences) to another similar (and well known) cyber attack happened in Ukraine few […]

Read more "DiskKill/HermeticWiper and NotPetya (Dis)similarities"

Building your Kubernets Cluster For Cybersecurity Prototyping

Kubernets and server-less applications would be the biggest next things to protect. So it would be a great idea to start to get practice on such environment, especially if you had no previous opportunities. Here my post on how to build your first kubernets cluster based on Raspberry Pi4 ! Raspberry is a cheap and […]

Read more "Building your Kubernets Cluster For Cybersecurity Prototyping"

Paradise Ransomware: The Builder

The ransomware builders remind me old times, where Nukes and Exploiters were freely available on the underground communities, when few clicks were enough to bypass many AV vendors and attackers were activists or single people challenging the system. Nowadays the way the “builders” are developed and the way the criminality is abusing them to generate […]

Read more "Paradise Ransomware: The Builder"

The Allegedly Ryuk Ransomware builder: #RyukJoke

Reverse Engineering is one of the most clear path to study Malware and Threat Attribution, by RE you are intimately observe in the developer mind figuring out techniques and, from time to time, even intents. My current role as a CEO of a mid-sized organization (thousands of people) tries to keep me away from RE, […]

Read more "The Allegedly Ryuk Ransomware builder: #RyukJoke"