Michael Boman
Michael's posts

Introducing Malware Research Institute
After last summer’s catastrophic hardware malfunction, where I lost my whole malware collection and a lot of computing resources, I have been working on new workflows and infrastructure that is less dependent on what I can fit in my very limited server sp...

Data visualization: Where does all the malware come from?
I've been playing around with visualizations lately and here is a taste of what is to come: Here is the distribution of malware sources for the last week of December 2014. Too bad Blogger doesn't allow me to embed an interactive chart, will work on publishing ...

44CON 2014 presentation slides uploaded
Here is my presentation from 44CON 2014. Synopsis: The number of new malware samples is over a hundred thousand a day, network speeds are measured in multiples of ten gigabits per second, computer systems have terabytes of storage and the log files are just...

Running VXCage (MongoDB-version) and jobs as services
I recently blogged about how I have modified VXCage to use MongoDB for storing binaries and associated metadata, and I will continue with how I run them in my environment. First off I check out the repositories to /srv like this: cd /srv git clone https://gi...

VXCage with a touch of MongoDB
Those who are stalking my GitHub account have noticed that I've been committing some new code to my vxcage repository and created two new repositories (vxcage-jobs, vxcage-utils). The reason for the restructure is that I needed to move out the analys...

Result of running a honeypot on Amazon EC2
I have for the last couple of months been running a honeypot on an Amazon EC2 instance and thought I'd share how it is working out for me. In short it works great, but I don't feel I get the full blown "love" from the bots and worms on the Internet, but it c...

Post has shared content
If you shop for the amount, the store shouldn't charge any cashing fee, IIRC.
Today's good laugh. For some reason the Swedish Road Administration (Vägverket) can't manage to charge the correct fee for the congestion tax. They made a small mistake, so we all had to pay double.

And unlike some who have pulled this off in the past and simply deducted the amount from the next payment, they insist on sending out a payment slip that can easily be cashed at the post office, ICA, Coop, Pressbyrån, the banks and others. So now that I finally had a reason to shop at ICA, I brought the check with me.

The cashier and I had a good laugh, though, when we realized that the slip wasn't worth the paper it was printed on. They charge a fee of 25 kr and my slip was for 24 kr. So why waste my time and others' by sending pointless slips by mail and killing trees in the process?


Running Cuckoo Sandbox as a daemon with supervisor
I have come across supervisord, which is a client/server system that allows its users to monitor and control a number of processes on UNIX-like operating systems. On my Ubuntu box I installed it using the following command: $ sudo apt-get install superviso...

Post has shared content
Perfect table when you have guests coming over :-)