Introduction The topic of this blog post is not directly related to red teaming (which is my usual go-to), but something I find important personally. Last month, I gave an info session at a local elementary school to highlight the risks of public sharing of children’s pictures at school. They decided that instead of their … Continue reading An Innocent Picture? How the rise of AI makes it easier to abuse photos online.
In my previous post, I promised to expand on the distinction between adversary emulation, adversary simulation, red teaming, and purple teaming, or at least how I tried to distinguish these terms in a way that made sense to me Emulation and simulation; I've heard both terms used interchangeably to refer to the same type of … Continue reading What’s in a name? Thoughts on Red Team nomenclature
Around the end of November 2019, Florian Roth wrote a much-discussed post about problems he saw with today’s red teaming. I considered writing a blog post to diverge some of my ideas and “respond” to his concerns. However, as is often the case with these types of things, I didn’t get to it at the … Continue reading Thoughts on the recent Red Team debate
In this blog post, we will discuss a fairly new concept that has been gaining a lot of traction recently: Adversary Emulation. Adversary emulation aims to test a network’s resilience against advanced attackers or advanced persistent threats (APTs). To do so, the adversary’s tactics, techniques, and procedures (TTPs) are emulated along the cyber kill chain, … Continue reading The Rise of Adversary Emulation
About the CSCBE The Cyber Security Challenge Belgium (CSCBE) is a typical Capture-The-Flag (CTF) competition aimed at students from universities and colleges all over Belgium. All of the CSCBE's challenges are created by security professionals from many different organisations. The "Modbusted" challenge was created by Jonas B, one of NVISO's employees. First, some statistics about the Modbusted … Continue reading How CSCBE’s “Modbusted” challenge came to be
In this blog post, we will perform an analysis on some obfuscated scripts that we received. These files were already detected by automated scanners but as these are mainly malware droppers, we figured it could be interesting to do some manual analysis to determine where the actual malware is hosted. The first sample we will … Continue reading Analyzing obfuscated scripts using nothing but a text editor