Blogs
Global Glastopf statistics for May 2014
During the month of May the following information was obtained from Glastopf installations worldwide
Number of alert for the period: 1859863
Filenames (RFI) - 10 most popular during the period:
| Hash: | Hits: |
| 48101bbdd897877cc62b8704a293a436 | 2425 |
| 4997ed27142837860014e946eed96124 | 2050 |
| d070c4cccf556b9da81da1e2de3cba54 | 644 |
| 3cc11c8fa7e3e36f0164bdcae9de78ec | 330 |
Twitter
Facebook
LinkedIn
RedditGlobal Glastopf statistics for April 2014
During the month of April the following information was obtained from Glastopf installations worldwide
Number of alert for the period: 1325919
Filenames (RFI) - 10 most common during the period:
| Hash: | Hits: |
| F8a4da2e35b840891335d90cb48a6660 | |
| b8cbfe520d4c2d8961de557ae7211cd2 | 1072 |
| 3cc11c8fa7e3e36f0164bdcae9de78ec | 998 |
| 7de0bcb903eaba7881c6d03a8c7769a8 | 682 |
Thug 0.5 and KYT paper
Thu, 07/10/2014 - 10:01 — angelo.dellaeraThug 0.4.0 was released on June, 8th 2012 and a huge number of really important features were added since then. During the last two years I had a lot of fun thinking and designing the future of the project and I'm really proud of what Thug is now. I have to thank a lot of persons who contributed with their suggestions, ideas, bug reports and sometimes patches. You know who you are. Really thanks!
Released peepdf v0.3
After some time without releasing any new version here is peepdf v0.3. It is not that I was not working in the project, but since the option to update the tool from the command line was released creating new versions became a secondary task.
Thug in 5 minutes
Tue, 06/17/2014 - 10:10 — ali.ikinciEver wanted to run up a quick instance of Thug on a couple of malicious web sites or try it out but lacked the sys op knowledge or time to install it? Here is the opportunity. Thanks to Docker you can run Thug up in a matter of minutes. Jose Nazario and me have created two docker images which are in the Docker Hub ready to run.
So this is how to do it:
EXTRA workshop news !
Fri, 05/09/2014 - 19:19 — leon.van.der.eijkWell folks, just a few days and the workshops will kick off ! Registrants, please remember to bring your printed tickets !
The on-line registration was closed on May 8th and tickets are almost sold out. Just a few tickets are left for on-site registration. No promises, but if you are in the area. Check it out !
New release Thug version 0.4.37 !
Sun, 05/04/2014 - 13:44 — leon.van.der.eijkWith the release of version 0.4.37 the honeyclient thug also supports APK analysis. This feature is made possible through Androguard (https://code.google.com/p/androguard/) ! Grab your copy at https://github.com/buffer/thug or update your code with git pull !
Only three ticket left for botnet mitigation training !
Fri, 04/25/2014 - 15:49 — leon.van.der.eijkSo if you want to attend you better act fast. For more information and registration visit http://warsaw2014.honeynet.org/trainings.html#training1
In-depth interview: Felix Leder
Thu, 04/24/2014 - 18:36 — leon.van.der.eijkFelix Leder is the director for malware research at Blue Coat. Several malware analysis solutions, like Cuckoo box and Norman's Malware Analyzer G2, have been initiated by and grown around him. After starting in the mobile space with companies like Nokia, he turned to his favourite field of research IT-Security. During the time he worked for Fraunhofer and the University of Bonn, he joined into researching botnet mitigation tactics and new methodologies for executable and malware analysis. The results were successful takedowns and a PhD. Felix Leder is a reverse engineer and tool developer by heart. He has given world-wide classes on malware analysis, reverse engineering, and anti-botnet approaches. Participants range from governmental institutions, financial & security industries, to military bodies. Read along to know more about him!
We are a 501c3 non-profit, all volunteer organization. Consider donating to support our forensic challenges, tools development, and research.