This page is used to keep a track of my external work, including blogs, research, conferences, and media interview. Research Blogs Title: 5 Critical Components to Include in Your Next Threat Intel Brief Date: March, 2022 URL: 5 Critical Components to Include in Your Next Threat Intel Brief (feedly.com) Title: Operation ‘Harvest’…

To deliver an application, developers can use Windows installers. Windows installers are software components used for installing, maintaining, and removing a program. Windows installer can be used:​ To bundle a software with dependency dll or other software, To add additional commands during the installation process,​ Load specific configuration required by…

I often get messages from people wanting to learn more about reverse engineering and malware. I always refer to the same books and I though it might be a good idea to share my best selection in this blog so that I can easily link to this page. I mostly…

The Log4Shell (CVE-2021–44228) is a zero-day vulnerability in Log4j a Java logging framework, which has been released in December 2021. This vulnerability allows a remote code execution. It is estimated that the exploit affects hundreds of millions of devices and is quite simple to execute. The vulnerability takes advantage of…

To understand a vulnerability, it is sometimes useful to study the patch and compare it to see what has changed. On the Windows environment, patches are distributed through the update process in a Microsoft Standalone Update (MSU) file. In this RE tips, we are going to see how we can…

When doing reverse engineering, it is important to understand the data structures that can be used by a program. Being able to reconstruct these data structures during disassembling will be very useful during your analysis and improve the understanding of the program. In this RE tips, I will explain a…

The past weeks have been very busy with the critical vulnerability PrintNigthmare and the REvil attack which breached Kaseya MSP. A lot of content have already been published and discussed. In this Security Highlight expect content not related to these two, but information that you may have missed. Here is…

Already summertime and I know that some of you are experiencing hot weather in some parts of the planet! Here is Security Highlight number 3: your fresh news condensed to stay up to date in just 3 minutes! Enjoy reading! If you want to stay up to date on future…