Paper: Wave your false flags! Deception tactics muddying attribution in targeted attacks

This is an 11-page white paper that goes through the current challenges researchers face when attributing cyber attacks. It covers the current techniques, such as: timestamps; strings, debug and metadata; malware families, code reuse; threat infrastructure used. It also presents some of the most advanced APTs and their potential origin and techniques believed …

Active Cyber Defense Tactics

Active cyber defense (ACD) is the concept of proactively opposing an attack in computers and networks. There is a series of tactics that can be applied to mitigate risk or detect adversaries inside the network. Active Hunting: The security operations team focuses on reactive detection, mainly based on signatures. In this scenario advanced attackers …

The new security paradigm shift (1)

From the early 80's to the first decade of the new millennium, security has evolved very fast; however, it is in the last decade that the fastest and biggest shift has happened. We all remember the famous movie 'Hackers', with the exotic Angelina Jolie and that punk look of the golden times. These hackers were moved …

Asymmetric Cyber Warfare (White Paper)

Digging into the concept of asymmetric cyber warfare and looking for current examples, I came across the following white papers, which explain and describe the asymmetric warfare concept. They also discuss one of the most prominent cases of asymmetric cyber warfare known to date, the Jester case.

https://ccdcoe.org/sites/default/files/multimedia/pdf/3_2_LilesDietzRogersLarson_ApplyingTraditionalMilitaryPrinciplesToCyberWarfare.pdf

https://www.sans.org/reading-room/whitepapers/attacking/jester-dynamic-lesson-asymmetric-unmanaged-cyber-warfare-33889