In this blogpost we are going to look into hooks, how to find them, and how to restore the original functions.
In current times, security measures have become increasingly important for the continuity of our businesses, to guarantee the safety for our clients and to confirm our company’s reputation. While thinking of security, our minds will often jump to the ISO/IEC 27001:2013 and ISO/IEC 27002:2013 standards. Especially in Europe & Asia, these have been the leading … Continue reading What ISO27002 has in store for 2022
NVISO employees in Frankfurt and Munich showcased their work in Cybersecurity to the girls with live hacking demos, a view behind the scenes of NVISO and hands-on tips for their personal online security. Participating in the Germany- Wide "Girls Day", we further widened the field of future career choices for the young visitors and brought … Continue reading Girls Day at NVISO Encourages Young Guests To Find Their Dream Job
In this blog post, we will not only analyze an interesting malicious document, but we will also demonstrate the steps required to get you up and running with the necessary analysis tools. There is also a howto video for this blog post. I was asked to help with the analysis of a PDF document containing … Continue reading Analyzing a “multilayer” Maldoc: A Beginner’s Guide
When you work for NVISO, we invest heavily in your personal development: to ensure you reach your full potential as a top class cyber security specialist.
This week I try to figure out “what makes a driver a driver?” and experiment with writing my own kernel hooks. 1. Windows Kernel Programming 101 In the first part of this internship blog series, we took a look at how EDRs interact with User and Kernel space, and explored a frequently used feature called … Continue reading Kernel Karnage – Part 2 (Back to Basics)
Third Party Risk Management (“TPRM”) efforts are often considered labour-intensive, with numerous tedious, manual steps. Often, an equal amount of effort is put into managing the process as is to focusing on risks. In order to avoid this, we’d like to share three ways in which we’ve been boosting our own TPRM efficiency - through … Continue reading Automate, automate, automate: Three Ways to Increase the Value from Third Party Risk Management Efforts
Wi-Fi devices are affected by a series of new attacks on the Wi-Fi protocol, known as FragAttacks and released in May 2021. These attacks have complex requirements and impacts. We attempt to shed some light on those and provide some guidance for users, developers and asset owners (integrators or IT staff).
While banking trojans have been around for a very long time now, we have never seen a mobile malware family attack the applications of Belgian financial institutions. Until today... Earlier this week, the Italy-based Cleafy published an article about a new android malware family which they dubbed TeaBot. The sample we will take a look … Continue reading New mobile malware family now also targets Belgian financial apps
For many years, industrial automation and control systems (IACS) relied on the fact that they were usually isolated in physically secured areas, running on proprietary hardware and software. When open technologies, standard operating systems and protocols started pushing their way into IACS replacing proprietary solutions, the former “security through obscurity” approach did no longer work. … Continue reading Securing IACS based on ISA/IEC 62443 – Part 1: The Big Picture