EyePyramid: I forgot to do my homework!

Posted on January 11, 2017 in Blog • Tagged with malware, botnet, EyePyramid • 2 min read

Today the Italian news was dominated by the story of a brother and sister arrested in Italy for spying on top public officials, institutions and high-profile VIPs.

The EyePyramid story has been widely reported and it will probably monopolise Italian media for the next week. So I do not want to write about it.

The only official information available (right now) is in the subpoena / arrest warrant (sorry, in Italian). It is full of operational details about how the bad guys were running their business.

Technically speaking, they wrote VB.NET malware with RAT / spyware features. They infected ...



A Raspberry Pi Home Dashboard

Posted on November 27, 2016 in Blog • Tagged with raspberry • 3 min read

Some time ago I created a home dashboard, using a Raspberry Pi, to have all my favourite tools (i.e. Zabbix, Munin) on a wall screen in my room. Now I want to write down and share with everyone how I put it together.

The whole idea of this is to have the Raspberry Pi hidden behind the screen, so trailing Ethernet cables isn’t ideal. Luckily the Pi supports a range of Wi-Fi adapters, and the latest Pi has integrated Wi-Fi.

What you’ll need

  • Raspberry Pi (I used a spare old one)
  • Micro SD Card (8 gigs is enough ...


Few word on TR-069

Posted on November 27, 2016 in Blog • Tagged with router, botnet, Mirai • 1 min read

It is all over the news: about 900,000 Deutsche Telekom DSL customers have been hit by a wide cyber attack related to the **Mirai botnet** and went offline for quite a while.

There are many analyses around, so I do not want to spend more words on the Internet of Things (IoT), the malware and the exploit used, or the attribution dice.

So what?

What was the reaction? It is always time for a meme.

[Image: panic attacks]

What really happened?

  • In November an exploit for a router was published. Carriers are used to send management commands to home routers using a ...


A Lufthansa Horror Story

Posted on August 02, 2016 in Blog • Tagged with flight, lufthansa • 3 min read

TL;DR: What happened today? Thanks to the worst customer service provided by Lufthansa I am going to explain to you why I missed a day in Vegas and why, in my over 15 years' experience, you should stop flying Lufthansa.

Today, I was heading to Las Vegas, to chill out at BlackHat and Defcon, via Frankfurt and Philadelphia. I was flying Lufthansa, because on long flights I prefer to spend more and be safe; with my 2 dogs in a checked-in box. Due to many Lufthansa fails in logistics and customer service I missed my flight and I have been ...



How to setup an Image Forensic lab with Ghiro

Posted on August 19, 2015 in Tools • Tagged with appliance, ghiro, image forensics • 3 min read

This how-to will guide you through the setup of an Image Forensics lab, using Ghiro, a free and open source image forensics tool.

Ghiro also comes with a virtual appliance (a copy of Ubuntu Linux with all you need already installed, which you can run on your host) to help people get Ghiro running in a few steps.

1. Ready for virtualization

You can run the Ghiro Appliance on any host (Mac, Windows or Linux); only virtualization software is required. There are many options out there, free and commercial, for example VMware or VirtualBox.

VirtualBox is a free and ...

