It took me quite a bit to finally find time to work through this amazing course made by @0verfl0w_ and @VK_Intel. …

The other day I read amazing presentation from Black Hills Information Security about how Blue Team can benefit from using Red Team tools and techniques to improve general security posture and their detection capabilities and started thinking if this works the other way. …

Because Ransomware attacks are currently number one cyber threat — techniques, tools and procedures for their detection and response become more and more important. There are a lot of ways how you can start detecting ransomware activity on your endpoint or network. For example catching creation of thousands DECRYPT_ME.txt on…

So far you got your first sample either during ongoing Incident Response or your are just studying (you can use this automated tool to collect in the wild samples). What are your next steps? Load sample to IDA and give it a try? …

Special thanks to FLARE team for their annual FLARE-On challenges! In this article I would like to show you how reverse engineering process looks like, where to put attention and some tricks I use. Let’s get started! I will use special FLARE-On Level from BHUSA2019 as example. Link to the…

When you only start learning malware analysis, it is always frustrating to find malicious samples, as those from practical malware analysis labs are a little bit old and you have already mastered them. These thoughts pushed me to research different malware sources and ways to automate this routine. Here is…