This year, in an effort to raise awareness about IoT security, we launched the Hack Our Train challenge. For over three weeks, a model train tirelessly chugged on its tracks inside our IoT village at Co.Station Brussels and then once more for two days at BruCON 2017. We provided it with an emergency brake system … Continue reading Hack Our Train
Staying up to date with the latest hot topics in Security is a requirement for any Security Consultant. Going to conferences is a great way of doing this, as it also gives you the opportunity to speak to peers and get a good view into what the security industry and the researchers are up to. … Continue reading NVISO at DEF CON 25
A new type of malicious MS Office document has appeared: a PowerPoint document that executes a PowerShell command by hovering over a link with the mouse cursor (this attack does not involve VBA macros). In this blogpost, we will show how to analyze such documents with free, open-source tools. As usual in attacks involving malicious … Continue reading Malicious PowerPoint Documents Abusing Mouse Over Actions
Yesterday, we released binsnitch.py - a tool you can use to detect unwanted changes to the file sytem. The tool and documentation is available here: https://github.com/NVISO-BE/binsnitch. Binsnitch can be used to detect silent (unwanted) changes to files on your system. It will scan a given directory recursively for files and keep track of any changes it detects, based … Continue reading Using binsnitch.py to detect files touched by malware
