Pepe Berba. I blog about stats, security, and crypto.
I'm a Cloud Security Engineer at Thinking Machines while taking up my masters degree in data science.
Ex-Machine Learning Researcher also at Thinking Machines and previously a SOC Engineer at Redrock IT Security.
Recent Posts
-
Hunting for Persistence in Linux (Part 5): Systemd Generators
How attackers can insert backdoors early in the boot process using systemd generators
-
Hunting for Persistence in Linux (Part 4): Initialization Scripts and Shell Configuration
How attackers create can maintain persistence by inserting scripts and executables in special locations that will run on boot or logon
-
Hunting for Persistence in Linux (Part 3): Systemd, Timers, and Cron
How attackers use newly created and existing accounts for peristence and how to detect them.
Archive
Here are all the blog posts I've written so far.- 2022/02/07 » Hunting for Persistence in Linux (Part 5): Systemd Generators (security)
- 2022/02/06 » Hunting for Persistence in Linux (Part 4): Initialization Scripts and Shell Configuration (security)
- 2022/01/30 » Hunting for Persistence in Linux (Part 3): Systemd, Timers, and Cron (security)
- 2021/11/23 » Hunting for Persistence in Linux (Part 2): Account Creation and Manipulation (security)
- 2021/11/22 » Hunting for Persistence in Linux (Part 1): Auditd, Sysmon, Osquery (and Webshells) (security)
- 2021/11/08 » Synack 2021 Open Invitational CTF Crypto Writeup (crypto)
- 2021/08/10 » DEFCON 29 Red Team Village CTF Writeup: Supply Chain Attack (security)
- 2021/06/05 » POC Exploit from a CVE: Apache Airflow 1.10.10 RCE (security)
- 2020/08/11 » DEFCON 28 OpenSOC Blue Team CTF: Lessons and Tips (security)
- 2020/07/08 » A gentle introduction to HDBSCAN and density-based clustering (stats)
- 2020/06/12 » U2F with Duo Web Phishable by default (security)
- 2020/05/28 » Bypassing LastPass’s “Advanced” YubiKey MFA: A MITM Phishing Attack (security)
- 2020/04/26 » Data Analysis for Cyber Security 101: Detecting Lateral Movement (security)
- 2020/01/17 » Understanding HDBSCAN and Density-Based Clustering (stats)
- 2019/11/04 » Time Complexity for Data Scientists (stats)
- 2019/10/08 » Data Analysis for Cyber Security 101: Detecting Data Exfiltration (security)