CinCan project
@CinCanProject
Automating incident response and digital forensic tools - EU CEF funded project by NCSC-FI, Jyväskylä University of Applied Sciences & University of Oulu
Finland
Joined March 2018
Our recent article should be interesting for all of you working with open source infosec tools. We identified 100 popular tools based on public data. The article is available at https://t.co/RYzGmEOpSe.
#Cybersecurity #OpenSource #OUSPG #UniOulu
Security testers are challenged by the attackers and the need for test automation. I explore the idea of agile security testing, performing penetration testing first and designing test cases after that. https://t.co/1gWqjKMRsw
#cybersecurity #agile #automation #testing
medium.com
In this post, I explore the idea of agile security testing, performing penetration testing first and then designing security test cases
I continued my posts on cybersecurity by arguing that security testing can also be done bottom-up. Compared to top-down security analysis this may produce findings faster and be more applicable in many situations. https://t.co/D9H4D6gJRK
#CyberSecurity #SecurityTesting
medium.com
Security testing is often seen as a top-down activity, which starts with threat and risk assessment and proceeds towards the details of…
I continued with my blog posts on software security. Now I present 10 secure design principles and examples of how to map them into software security requirements. #CyberSecurity #SoftwareEngineering #SecureDesign
https://t.co/2lvdvFeKIR
medium.com
In this post, I go through some well-known secure design principles and how they could be applied to create useful security requirements…
I wrote a blog post on software security requirements. Software features are often defined by positive features only. Security can be improved by ruling out insecure unwanted features by negative requirements. #CyberSecurity #SoftwareEngineering
https://t.co/HRknjDSXsI
medium.com
Previously, in the post “Turning tables with attackers; from fixing vulnerabilities into fixing weaknesses”, I discussed the merits of…
I wrote a blog post on security testing, weaknesses, vulnerabilities, and how to turn tables with the attackers: https://t.co/umo88ENbjI
#cybersecurity #security #testing
We held a CTF (capture the flag) event as a part of CriM 2020. This was our first time arranging a CTF. Our experience was good, but there were a few things we could have improved. Read more at https://t.co/vSc7X2V6b0
#ctf #ctfd #kubernetes #infosec
medium.com
CriM is an annual event with workshops and lectures that focuses on security and privacy of digital systems. The full program (2020) is…
I had a talk with @robertvamosi from @ForAllSecure about security tools and open source (me talking from 11 mins onwards): https://t.co/VT9ZXZ9swy
#infosec #opensource #cybersecurity
Check out my recent blog post! I wrote how we at OUSPG preserve the native command-line experience for (cyber security) tools packaged to containers for easy installation and security. #containers #dfir #cybersecurity #commandline
Read our blog post to see what else we can do with the #shellcode and #CinCan: https://t.co/SlT1XCjlQu. 5/5
medium.com
Written by Mihai Mahalean
We find out that the #malicious JS code #exploits a buffer overflow that forces the machine to execute the #shellcode stored in the payload variable. 4/5
CinCan’s #peepdf tool extracts suspicious JavaScript code from the PDF into javascript.txt. 3/5
CinCan’s #PDFiD tool shows that the PDF contains "/JS" and "/JavaScript" objects, which raises 🚩🚩 because they might contain #malicious code. 2/5
CinCan ♥️ PDFiD+peepdf: Find hidden #malware in your PDF files! PDF #exploiting a #vulnerability that enables JS execution is a common mechanism of infection. We'll use #CinCan’s tools #PDFiD to find suspicious objects in PDF and #peepdf to take a look at what’s inside them. 1/5
.@CinCanproject aims to relieve your digital #forensics pains by creating open source #tools and automated tool chains. Get acquainted with the tools: https://t.co/NyM4XSK745
#docker #DFIR #cincan #Minion #cybersecurity
Today is officially the final day of the CinCan project! We would like to thank everyone who has participated in this project in one way or another. Of course there are plans to continue this work in Autumn, but first we are heading to summer holiday! Have a secure summer!
CinCan project is having a workshop showcasing DFIR tools tomorrow 8:00 - 12:00 UTC https://t.co/7Dn9bvOhjt Tasks include #phishing #memoryanalysis #documentanalysis #deobfuscation #reversing #Dotnet #malware See you at 11:00 in WhereBy:
Setting up a #Cortex server has many #benefits, such as keeping track of your #analyzer job history and #support for #co-working via #organization and #user #management. See #example #setup #files, #scripts and #instructions from the blog post! 6/6 https://t.co/lJexnASVQk
After running the modification script, the #IoCs are sent to #VirusTotal; the resulting report can be seen from the #Cortex #web #interface. The #scan #report from #VirusTotal classifies the first address as #suspicious. It was a #kill #switch domain for #WannaCry ransomware. 5/6
There are a number of #tools on how to extract indicators of compromise (#IoCs) for #Cortex #Analyzers. In this example we will be using the #dockerized #ioc_strings tool, which can extract #hashes, #emails and links from files. We will be analyzing a #WannaCry.exe 4/6