Fighting the good fight!
Posted by: Tom
Hey...I actually found a few minutes for a quick blog post! :-)
Just a quick post to check out the report that my friend and malware researcher Greg Feezel was mentioned in a report over at Hostexploit.com. He contributed data to this report. The report was on the McColo web hosting firm which is apparently responsible for sending 75% of spam world wide! If you didn't know, McColo was taken offline a few days ago and there has been a massive decrease in spam across the Internet. If you want more information on McColo check out Brian Kreb's article here. Brian is actually one of the guys that helped shut this firm down based on some of the reporting he did.
Goes to show you that we can do some good as security professionals if we all work together!
Just a quick post to check out the report that my friend and malware researcher Greg Feezel was mentioned in a report over at Hostexploit.com. He contributed data to this report. The report was on the McColo web hosting firm which is apparently responsible for sending 75% of spam world wide! If you didn't know, McColo was taken offline a few days ago and there has been a massive decrease in spam across the Internet. If you want more information on McColo check out Brian Kreb's article here. Brian is actually one of the guys that helped shut this firm down based on some of the reporting he did.
Goes to show you that we can do some good as security professionals if we all work together!
Malware challenge has started!
Posted by: Tom
Just a reminder to head over to malwarechallenge.info to start the malware challenge that was mentioned on the last Security Justice podcast as well as a blog post that I did a few days ago. The contest runs from October 1st - 26th and is open to everyone! May the force be with you...
Malware Challenge begins October 1st!
Posted by: Tom
Tyler (aka: The Security Shoggoth) announced on the Security Justice podcast last week about the "Malware Challenge" that begins October 1st. I think this is a great idea and is a fantastic way to learn about how malware works and how to analyze it.
Via The Security Shoggoth:
"Starting from October 1, 2008 and ending October 26, 2008 we will be running a malware analysis challenge at http://www.malwarechallenge.info. In the challenge participants will download a malware sample to analyze. The site will have a list of questions for participants to answer and send in. We will judge the answers and those scoring the highest will win prizes."
Yes, this is a real piece of malware that you will analyze! More about the malware and the contest:
"Participants in the malware challenge will download the malware, analyze it and answer questions based on their findings. The answers to these questions will be evaluated by the judges in order to determine who the winners are. At a minimum, submissions should include the answers to the questions. However, submissions which also include a narrative on such things as how the malware was analyzed or how the analysis lab was set up will be more likely to win. Be creative."
What are the prizes? So far they have a Best Buy gift card, IDA Pro Book, Full version of IDA Pro software, Hacker game from Steve Jackson Games and many more prizes as well. For the most up-to-date-list, check here.
Even if you have never analyzed malware before...everyone is encouraged to participate! This is a great way to learn about how malware works and also a way to develop a new emerging skill set! The contest site has some links for you to get started if you never did malware type analysis so you have some place to start. Winners will be announced at the 2008 Ohio Information Security Summit on October 31st. You don't need to present to win but there will be special prizes for those that can be there. Good luck to everyone participating!