Saturday, August 30, 2014

Recommending Reading - A new resource for those looking to learn

I am often asked about which books should be read related to topics in computer security and forensics. Sometimes these questions come from new people who want to break into the field while others come from experienced people wanting to branch out or to really deep dive into a specific subject. In the past, I have generally answered these questions in an ad-hoc way, whether through a customized email or over instant messenger.

In an attempt to centralize my book recommendations, I have created a Recommend Reading page on my website. This page lists books across a range of categories (security, forensics, reversing, etc.), provides a brief insight into each book's contents, and also lists the general technical know-how of the specific topic needed to understand the book.

This page is a work in progress, and I definitely welcome suggestions for updates and new additions. Please note that I will only list books that I have actually read. With that said, I do accept review copies of books and often pick up new books that seem interesting.

I would like to thank Ashley and Vico for helping with the design of the page and for proofreading.

Thursday, August 14, 2014

Interview with Eric Huber on A Fistful of Dongles

I was recently interviewed by Eric Huber on his popular AFOD blog. I went into some details of my path to where I currently am in my digital forensics career and some advice for people new to the field.

http://www.ericjhuber.com/2014/08/afod-blog-interview-with-andrew-case.html

Wednesday, April 9, 2014

Building a Decoder for the CVE-2014-0502 Shellcode

Yesterday on the Volatility Labs blog I published a post on analyzing some interesting shellcode from a recent attack campaign and 0day exploit. The shellcode was encrypted multiple times and required full static reversing before revealing the algorithm needed to decrypt the backdoor URL. I think you will like it:

http://volatility-labs.blogspot.com/2014/04/building-decoder-for-cve-2014-0502.html