Detecting and Analyzing Microsoft Office Online Video

A while ago, a new technique was developed to execute arbitrary code via a Word document: an online video is embedded and the HTML code for the embedded video is modified with JavaScript that launches a Windows executable. This technique does not rely on VBA macros and requires the use of the .docx format (for … Continue reading Detecting and Analyzing Microsoft Office Online Video

Optimizing Elasticsearch for security log collection – part 1: reducing the number of shards

Nowadays, logs collection for security monitoring is about indexing, searching and datalakes; this is why at NVISO we use Elasticsearch for our threat hunting activities. Collecting, aggregating and searching data at a very high speed is challenging in big environment, especially when the flow is bigger than expected. At NVISO, we are constantly seeking for … Continue reading Optimizing Elasticsearch for security log collection – part 1: reducing the number of shards