Comments on Reversing Malware: A little focus change
Blog author: Curt Shaffer

Curt Shaffer, 2013-12-04T18:06:29.551-05:00

That's the hope, itg33k. I just completed the first of my three threat intel classes. I have a few more helpers as you can see under the contributors section so here is to hoping it picks back up.

As far as hosting the samples, I'd really rather not. We have been using Offensive Computing so as to not reinvent the wheel. We may have some ideas cooking on using a Threat Intel platform such as Threat Connect (http://www.threatconect.com) or something similar though.

Curt Shaffer, 2013-12-04T18:03:32.214-05:00

Eric, what do you mean by BitLocker? To show how we continue to bypass it 7 ways from Sunday : x. Please let me know.

Eric, 2013-12-04T17:56:33.503-05:00

BitLocker!

itg33k, 2013-04-18T09:09:01.289-04:00

Curt,

This is a great approach, especially since network indicators will assist those that can create custom rules (ArcSight, etc…) and run logger searches. When it comes to host indicators, those will also come in handy as well. I would like to see if in the future you can provide Malware samples, list of callbacks, Strings of interest (GET/POST) and possibly infection vector. Keep up the good work and looking forward to future articles.

Curt Shaffer, 2013-03-27T13:00:18.392-04:00

Thanks! If you have anything you would like to see in a post, please let me know.

Ken Pryor, 2013-03-25T13:20:45.145-04:00

I look very forward to your upcoming posts!

KP