Security through explanation
On the 20th of June 2020, iHack took place as a virtual conference with two capture the flag games. The beginner CTF was aimed at starters, whereas the classic CTF was aimed at players who already played in a few CTF competitions. The MalwareTheFlag team created 9 challenges for the CTF. Four write-ups are given … Read more
Additions Added the A year in review: 2019-2020 article to the miscellaneous chapter. To contact me, you can e-mail me at [info][at][maxkersten][dot][nl], send me a PM on Reddit or DM me on Twitter @LibraAnalysis.
Additions Added the JavaScript string concatenation deobfuscation article to the analysis scripts chapter. To contact me, you can e-mail me at [info][at][maxkersten][dot][nl], send me a PM on Reddit or DM me on Twitter @LibraAnalysis.
People learn by doing, hence the saying practice makes perfect. Not everything that people make, is published. Sometimes researchers deliberately refrain from publishing specific material. In this blog, I want to talk about the balance between malware creation and malware research. Needless to say, the type of creation that is covered in this blog, is … Read more
MageCart groups have been roaming around for a while, infecting web shops left and right. Researchers have looked into the technical aspects of the skimmers, as have I. The recent COVID-19 pandemic opened up the playing field even further, which both criminals and researcher saw. Malwarebytes’ Jérôme Segura reported that there was a 26% increase … Read more
Additions Added the Corona Locker article to the Malware analysis chapter. To contact me, you can e-mail me at [info][at][maxkersten][dot][nl], send me a PM on Reddit or DM me on Twitter @LibraAnalysis.
Additions Added the Emotet JavaScript downloader article to the Malware analysis chapter. To contact me, you can e-mail me at [info][at][maxkersten][dot][nl], send me a PM on Reddit or DM me on Twitter @LibraAnalysis.
MalPull version 1.0-stable has been released! All information about the tool can be found here. This first release contains the basic functionality, but more features can always be added. Feel free to suggest features via the contact methods at the bottom of this post. Bugs can be reported in the same manner. To contact me, … Read more
In AndroidProjectCreator 1.3.1-stable, a bug where spaces in path names would be interpreted as multiple command line arguments has been fixed. This happens more often on the Windows platform, as a lot of users use their first and last time as their username. As such, there is a space in the path. The code has … Read more
Additions Added the Azorult loader stages article to the Malware analysis chapter. To contact me, you can e-mail me at [info][at][maxkersten][dot][nl], send me a PM on Reddit or DM me on Twitter @LibraAnalysis.