Tag: Malware Analysis

All the articles with the tag "Malware Analysis".

• Don't Cry Wolf - Evidence-based Assessments of ICS Threats

  Published:Oct 17, 2025 |  at 07:05 PM

  Jimmy Wylie's and my DEF CON'33 talk is now available on YouTube. We discuss the analytical rigor undertaken before claiming a capability is "ICS-specific malware" with some specific examples I found while threat hunting.

• The Story of KurtLar_SCADA.exe

  Updated:Apr 8, 2025 |  at 04:05 PM

  Check out my research in uncovering and analyzing a malware named KurtLar_SCADA.exe, a VNC remote access capability targeting Internet-exposed and poorly secured industrial HMIs. This research was covered in a webinar hosted by SANS ICS. Big thanks to them for having me!

• Public Research

  Updated:Apr 8, 2025 |  at 11:43 AM

  Please see this page for complete listing of public research in the form of blogs, whitepapers, and webinars.

• The Fuxnet Malware

  Published:Dec 14, 2024 |  at 11:05 AM

  Read Dragos'public intelligence report on the 8th ICS-specific malware, co-written by me and Bryce Livingston.

• PLC Password Cracking Malware

  Published:Jul 14, 2024 |  at 06:05 PM

  Read about my research on PLC password cracking software being sold online. Turns out, it also gives you a Sality malware infection. This research was covered in major tech journals!