About

I have worked in threat intelligence since 2017, specialising in threat actor tracking and malware reverse engineering.

Blogs

• COLDWASTREL of space (September 2024)
• What IIS that malware? (November 2023)

Conference talks

• Knowledge IIS power (September 2024)
• Brave New World: Understanding the developing techniques of threat actors (May 2023)
• Learning to ChaCha with APT41 (September 2021)
• xStart when you’re ready (January 2021)
• Lazarus’ Dtrack marathon: A retrospective analysis of Dtrack campaigns (September 2020)

Workshops

• Yet Another YARA Workshop (June 2022)