diff --git a/docs/content.md b/docs/content.md index 2d50303..0c3d22c 100644 --- a/docs/content.md +++ b/docs/content.md 
@@ -6,37 +6,51 @@ title: Content # Presentations -[Reverse Engineering Malware 101] | WiCys Conference 2017, DEF CON 2017 +Reverse Engineering Malware 101 +*WiCys Conference 2017, DEF CON (Packet Hacking Village) 2017* -.Net Hijacking to Defend Powershell [slides](https://securedorg.github.io/docs/Cansecwest2017_NETHijackingPowerShell.pdf) | BSides 2017, CanSecWest +.Net Hijacking to Defend Powershell [slides](https://securedorg.github.io/docs/Cansecwest2017_NETHijackingPowerShell.pdf) +*BSides 2017, CanSecWest 2017* -Instegogram: Leveraging Instagram for C2 via Image Steganography [slides](https://securedorg.github.io/docs/InstegogramDefCon2016_H_A_Dredatcted.pdf) | DefCon (Crypto Village) 2016 | +Instegogram: Leveraging Instagram for C2 via Image Steganography [slides](https://securedorg.github.io/docs/InstegogramDefCon2016_H_A_Dredatcted.pdf) +*DefCon (Crypto Village) 2016* -OSX Malware: Plists, Shell Scripts, and Objective-C, Oh-My! [slides](https://securedorg.github.io/docs/MIRcon_2014_RD_Track_Plists_Shell_Scripts_Object-C.pdf) | Mircon 2014 +OSX Malware: Plists, Shell Scripts, and Objective-C, Oh-My! 
[slides](https://securedorg.github.io/docs/MIRcon_2014_RD_Track_Plists_Shell_Scripts_Object-C.pdf) +*Mircon 2014* -DLL Side-Loading: A Thorn in the Side of the Anti-Virus (AV) Industry [slides](https://securedorg.github.io/docs/hta-w04a-dll-side-loading-a-thorn-in-the-side-of-the-anti-virus-_av_-industry.pdf) | RSA Conference 2014 - -Vehicle Embedded System Imaging & Extraction, Examination and Exploitation | DoD Cyber Crime Conference 2012 +DLL Side-Loading: A Thorn in the Side of the Anti-Virus (AV) Industry [slides](https://securedorg.github.io/docs/hta-w04a-dll-side-loading-a-thorn-in-the-side-of-the-anti-virus-_av_-industry.pdf) +*RSA Conference 2014* +Vehicle Embedded System Imaging & Extraction, Examination and Exploitation +*DoD Cyber Crime Conference 2012* # Whitepapers -* [Malware Dynamic Behavior Classification: SVM-HMM applied to Malware API Sequencing](https://securedorg.github.io/docs/MDBC_API_Sequencing.pdf) | Johns Hopkins University +* [Malware Dynamic Behavior Classification: SVM-HMM applied to Malware API Sequencing](https://securedorg.github.io/docs/MDBC_API_Sequencing.pdf) +*Johns Hopkins University* * [Dll Side-Loading: A Thorn in the Side of the Anti-Virus Industry](https://securedorg.github.io/docs/rpt-dll-sideloading.pdf) +*FireEye* # Work Blogs -* [WCry/WanaCry Ransomware Technical Analysis](https://www.endgame.com/blog/technical-blog/wcrywanacry-ransomware-technical-analysis) | Endgame +* [WCry/WanaCry Ransomware Technical Analysis](https://www.endgame.com/blog/technical-blog/wcrywanacry-ransomware-technical-analysis) +*Endgame* -* [Instegogram: Leveraging Instagram for C2 via Image Steganography](https://www.endgame.com/blog/instegogram-leveraging-instagram-c2-image-steganography) | Endgame +* [Instegogram: Leveraging Instagram for C2 via Image Steganography](https://www.endgame.com/blog/instegogram-leveraging-instagram-c2-image-steganography) +*Endgame* -* [Your Package Has Been Successfully Encrypted: TeslaCrypt 4.1A and the Malware 
Attack Chain](https://www.endgame.com/blog/your-package-has-been-successfully-encrypted-teslacrypt-41a-and-malware-attack-chain) | Endgame +* [Your Package Has Been Successfully Encrypted: TeslaCrypt 4.1A and the Malware Attack Chain](https://www.endgame.com/blog/your-package-has-been-successfully-encrypted-teslacrypt-41a-and-malware-attack-chain) +*Endgame* -* [DOS AND DON’TS WITH DOCUMENT EMBEDDED OBJECTS](https://www.fireeye.com/blog/threat-research/2015/04/dos_and_don_ts_with.html) | FireEye +* [DOS AND DON’TS WITH DOCUMENT EMBEDDED OBJECTS](https://www.fireeye.com/blog/threat-research/2015/04/dos_and_don_ts_with.html) +*FireEye* -* [MACROS GALORE](https://www.fireeye.com/blog/threat-research/2015/10/macros_galore.html) | FireEye +* [MACROS GALORE](https://www.fireeye.com/blog/threat-research/2015/10/macros_galore.html) +*FireEye* -* [A NOT-SO CIVIC DUTY: ASPROX BOTNET CAMPAIGN SPREADS COURT DATES AND MALWARE](https://www.fireeye.com/blog/threat-research/2014/06/a-not-so-civic-duty-asprox-botnet-campaign-spreads-court-dates-and-malware.html) | FireEye +* [A NOT-SO CIVIC DUTY: ASPROX BOTNET CAMPAIGN SPREADS COURT DATES AND MALWARE](https://www.fireeye.com/blog/threat-research/2014/06/a-not-so-civic-duty-asprox-botnet-campaign-spreads-court-dates-and-malware.html) +*FireEye* -* [TARGETED ATTACK TREND ALERT: PLUGX THE OLD DOG WITH A NEW TRICK](https://www.fireeye.com/blog/threat-research/2013/05/targeted-attack-trend-alert-plugx-the-old-dog-with-a-new-trick.html) | FireEye +* [TARGETED ATTACK TREND ALERT: PLUGX THE OLD DOG WITH A NEW TRICK](https://www.fireeye.com/blog/threat-research/2013/05/targeted-attack-trend-alert-plugx-the-old-dog-with-a-new-trick.html) +*FireEye*
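Review bot: In the Presentations section the blank line between the DLL Side-Loading entry and the Vehicle Embedded System entry is removed and not re-added, so `+Vehicle Embedded System Imaging & Extraction, Examination and Exploitation` follows `+*RSA Conference 2014*` directly and Markdown will fold the two talks into one paragraph; add an empty line between them. The same soft-wrap behaviour affects every new venue line: a single newline before `*Endgame*` or `*FireEye*` is not a line break in most Markdown renderers, so the italic venue will run on after the title or link unless the preceding line ends with two spaces or a `<br>` (trailing whitespace is not visible in this view, so please confirm how the page renders). Smaller consistency points in the added lines: both `DEF CON` and `DefCon` are used, `Mircon 2014` does not match the `MIRcon_2014` spelling in the slide filename, and dropping the brackets from `[Reverse Engineering Malware 101]` will orphan a reference-style link definition if one exists elsewhere in the file.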