Weekly News Roundup — March 24 to 30

Summary — Welcome to Security Soup’s continuing news coverage of highlights from the previous week. This list is not intended to be an exhaustive source, but simply a collection of items I found interesting throughout my weekly research. The summaries are provided with links for the reader to drill down into particular topics according to…

How To: Extract Network Indicators of Compromise (IOCs) from Maldoc Macros — Part 3

read time = 5 minutes Summary This is the third in a series of posts exploring fundamental malware analysis techniques. Please check out Part 1 and Part 2 for some additional background. The following techniques are presented as an alternative to automated sandboxing, which are effective and powerful tools. However, as we showed in Part…

Weekly News Roundup — March 17 to 23

Summary — Welcome to Security Soup’s continuing news coverage of highlights from the previous week. This list is not intended to be an exhaustive source, but simply a collection of items I found interesting throughout my weekly research. The summaries are provided with links for the reader to drill down into particular topics according to…

Weekly News Roundup — March 10 to 16

Summary — Hello, and welcome to Security Soup’s continuing news coverage of highlights from the previous week. This list is not intended to be an exhaustive source, but simply a collection of items I found interesting throughout my weekly research. The summaries are provided with links for the reader to drill down into particular topics…

Weekly News Roundup — March 3 to 9

Summary — Hello, and welcome to Security Soup’s continuing news coverage of highlights from the previous week. This list is not intended to be an exhaustive source, but simply a collection of items I found interesting throughout my weekly research. The summaries are provided with links for the reader to drill down into particular topics…

How To: Extract Network Indicators of Compromise (IOCs) from Maldoc Macros — Part 2

read time = 4 minutes Summary This is the second in a series of posts exploring fundamental malware analysis techniques. Please check out Part 1 for some additional background,. The following techniques are presented as an alternative to automated sandboxing, which are effective and powerful tools. However, as we showed in Part 1, they may…

How To: Extract Network Indicators of Compromise (IOCs) from Maldoc Macros — Part 1

read time = 3 minutes Summary:  The goal of this tutorial series is to show analysts a variety of methods to extract IOCs from malicious document samples as an alternative to a reliance on automated sandboxes. Sandboxes are valuable tools, but in many cases (with default settings) they may not provide full details and critical…