My journey reaching #1 on Hack The Box Belgium – 10 tips, tricks and lessons learned.

Ranked #1 on HackTheBox Belgium Not so long ago, I achieved a milestone in my penetration testing career.: reaching rank 1 on HackTheBox. For those of you that don't know what Hack The Box (HTB) is: Hack The Box is an online platform allowing you to test your penetration testing skills and exchange ideas and … Continue reading My journey reaching #1 on Hack The Box Belgium – 10 tips, tricks and lessons learned. →

The return of the spoof part 2: Command line spoofing

A few days ago I wrote a blog post about the evolving landscape of threat detection and how attackers need to adapt their techniques. In the previous post, I talked about one of the deception techniques that attackers are now using, called parent process ID spoofing. In this blog post, I'll talk about another deception … Continue reading The return of the spoof part 2: Command line spoofing →

The return of the spoof part 1: Parent process ID spoofing

Years ago (as early as 2009), my colleague Didier Stevens wrote a blog post about parent process ID spoofing. Back then, most companies were not as secure as they are now, therefore, most attackers got away with 'basic' exploitation, not having the need to do much obfuscation or deception. Thankfully, the security posture of the … Continue reading The return of the spoof part 1: Parent process ID spoofing →

Creating Responders in The Hive

The Hive is an open source Security Incident Response Platform (SIRP) that has gained quite some popularity over the last few years. One of the many reasons is the link with Cortex and its Analyzers and Responders. Analysts can automate the response to existing cases by initiating one or more Responders. This blog will show … Continue reading Creating Responders in The Hive →

Here phishy phishy : How to recognize phishing

Here phishy phishy... - source: Combell According to our latest research, which can be seen in this video , an astonishing 32% of employees click on phishing URL's, and 1 in 5 emails can be considered as malicious. But what makes a phishing attack successful? Are we really that naive to let ourselves become phishing … Continue reading Here phishy phishy : How to recognize phishing →

3 techniques to defend your Machine Learning models against Adversarial attacks

Following our accounts of what adversarial machine learning means and how it works, we close this series of posts by describing what you can do to defend your machine learning models against attackers. There are different approaches to solve this issue, and we discuss them in order of least to most effective: target concealment, data … Continue reading 3 techniques to defend your Machine Learning models against Adversarial attacks →

This is not a hot dog: an intuitive view on attacking machine learning models

In a previous post we introduced the field of adversarial machine learning and what it could mean for bringing AI systems into the real world. Now, we'll dig a little deeper into the concept of adversarial examples and how they work.For the purpose of illustrating adversarial examples, we’ll talk about them in the context of … Continue reading This is not a hot dog: an intuitive view on attacking machine learning models →