Author: Keith

New Endeavors Ahead

This weekend, I had a fleeting thought about how long it had been since I posted here, but I suppose I didn’t realize it had been quite that long. Long story short, the past few months have been pretty busy and there are some very exciting things coming around the corner for me that I’m […]

BsidesBoston!

I had the pleasure of attending my first BSides event yesterday and it went great! Special thanks to all the organizers, sponsors, and other presenters for making it awesome. The venue was nice, and I think events like these are perfect for newb presenters like myself to start getting some experience. I was also happy […]

BeaCon Preso on Malformity

I had the pleasure of speaking at BeaCon yesterday in Boston, MA. Thanks to MassHackers and everyone else that helped put the event on! It was great to be able to meet other security people in New England, especially since I’ve talked to many of them on Twitter. My presentation went well, though I came […]

Understanding Your Adversary

Over the past year, perhaps more, there has been an increasing amount of discussion about whether or not organizations need to “know” their adversary. The topic roared up upon the publication of Mandiant’s Intel Report and the subsequent publications by other vendors. Naturally, much of the discussion seems to focus on espionage-type attacks, but […]

How To: Installing Malformity

Malformity was released a couple of weeks ago. If you missed it, the original post and the follow-up provide more background on the project. This post is meant to get you started using Malformity and provides a quick overview of how to install it. First, if you don’t have Maltego, you should head over […]

Book Review: Violent Python

A plane ride last week provided me the opportunity to knock one of my queued books off the stack. I had the pleasure of reading Violent Python by TJ O’Connor in its entirety during my flight. I wish that I had been in a better environment to try out some of the exercises, but […]

Additional Notes on Malformity

Earlier this week, I published a post on my employer’s blog about a project that I’ve started working on. The project, called Malformity, is a local transform package for Maltego that can be used to assist in conducting malware and malicious infrastructure research. Since this won’t re-hash all the basics introduced in that post, I […]

Book Review: Reverse Deception

I recently finished reading Reverse Deception: Organized Cyber Threat Counter-Exploitation by Bodmer, Kilger, Carpenter, and Jones. When I purchased the book, I was a little hesitant because of the current and former positions the authors have held. I know that, with topics such as those in this book, the pre-publication review process has the potential […]

Brief OSINT review for CVE-2012-1535 Attacks

On August 15th, Jaime Blasco over at AlienVault Labs posted a description of a malicious Word document with an embedded Flash file that exploits CVE-2012-1535 (Original here). The document described within the specific attack was titled “iPhone 5 Battery.doc”, and the dummy document displayed after exploitation is a legitimate article that was posted on August […]

Crowdsourcing for InfoSec

About a week ago, I saw a tweet by @c_APT_ure referencing a new category in the established domain-tagging system at OpenDNS. They (OpenDNS) recently added both a malware and botnet category that can be submitted for review (official announcement here). For those who don’t know how the domain tagging works, it basically goes like this: […]
