You are browsing the archive for Prevention.

Quick & Dirty Sysmon Replacement aka Process Hacker logging

March 14, 2020 in Malware Analysis, Prevention, Random ideas, Reversing, Sandboxing

Sysmon is great, no doubt. However… it is very often overkill. Yes, you’ve read this right. I say: who cares about registry writes, process access, driver or module loads, etc.? […]

Bringing down the house, a.k.a. losing 20+-years old attachment to the email attachments

December 1, 2018 in Prevention, Random ideas

It’s been 20+ years since we observed the first mail worms out there (VBS files, SHS files, Macro viruses). I think it’s time to start thinking of reasonable measures that […]