worldwide infection map of Wannacry

Thinking about WannaCry or WCRY ransomware

A lot of discussion is currently ongoing about the WannaCry or WCRY ransomware.  I’ll do my best to not retread that information.  There’s plenty of sources for hashes, onion domains, and various other atomic indicators to go around for everyone.  Just do a rapid raw search in your favorite search engine or haunt twitter and…

Read More

Building Blocks of Success with YARA

I like YARA. In fact, I think it is one of the more flexible and powerful tools in an incident responder’s toolkit. Same for threat intelligence, analysts and folks in digital forensics. A chief aspect of this fabulous program is its open source and integration into dozens of tools that are likely already in your…

Read More