Author

Pedro Tavares is a professional in the field of information security, working as an Ethical Hacker/Pentester, Malware Researcher, and also Security Evangelist. He is also a founding member at CSIRT.UBI and Editor-in-Chief of the security computer blog seguranca-informatica.pt.

In recent years he has invested in the field of information security, exploring and analyzing a wide range of topics, such as pentesting (Kali Linux), exploitation, malware, hacking, IoT, and security in Active Directory networks.  He is also a Freelance Writer (Infosec. Resources Institute and Cyber Defense Magazine) and developer of the 0xSI_f33d – a feed that compiles phishing and malware campaigns targeting Portuguese citizens and also an official VirusTotal ingestor. This blog aims to convey the importance of security in this era of digital information, thus delivering content in article format and also in small videos shared here and also on the Youtube channel.

Pedro Tavares é um profissional na área da segurança da informação, exercendo funções como Ethical Hacker/Pentester, Analista de Malware e também como Evangelizador na área da Cibersegurança . Ele é também membro fundador no CSIRT.UBI e Editor-in-Chief do blog seguranca-informatica.

Nestes últimos anos tem investido muito do seu esforço no ramo da segurança da informação, explorando e analisando os mais diversos temas, na vertente do pentesting (Kali Linux), exploits, malware, hacking, IoT e segurança em redes Active Directory. Ele é também Freelance Writer e criados do 0xSI_f33d – um feed que compila ameças de phishing e malware ocorrida dentro do ciberespaço portugues e um dos ingestors oficiais do VirusTotal. Este blog tem como objetivo passar a mensagem da importância da segurança nesta era da informação digital, entregando, assim, conteúdo em formato de artigo digital e também em pequenos vídeos aqui partilhados  e  também no canal do Youtube.

	github.com/sirpedrotavares/
	https://www.linkedin.com/in/sirpedrotavares
	twitter.com/sirpedrotavares
	ptavares[at]seguranca-informatica[dot]pt

Pretty Good Privacy Public Key (PGP)

-----BEGIN PGP PUBLIC KEY BLOCK-----

xsFNBGDiNcgBEACK2C37ahHpB1R2FUCJCBNI2fTL6shlE3yT7z2mpBKdEH+L
P8+NkB7zt73PURvw5A0zCFlC/1k6ls7T4BrwHt00OJzlcavyzinx9HAe9PJ9
q3TIlcXJnWWPgul2/rgC5UZ0/eNwW24yENwQnWpe/q+RWL8sR5Ijdkjt/Ru9
TH6OKrFLwlAvFqb0stUMqVbhRFWyvdJI7WCBJpGYMACHqM6eXtnxepu73KNQ
cmsAE59onzE9zbyCZCQB5sC+e/ftFRRytm3aquyZwsNydFOsk4drhIYAmjUQ
oCEg2V8W8iyKU/oZyrXX5Fm45kVVDNk3QtElwx2XqRJxcgtH40wm+hp6rkLl
brfuO9fHv1ydbASK9vMcrYR6o+jgbXCfDzQ6clNvmNnrvhARU6zdQ07vvLx4
Fplm2X/aM0qInYKGTezeXA4+8kRe5WgjALfWB0sPxmrI16kIW4xPGhx/YnYQ
8fvCWUlgN79LvFNJNMwNq4OeM9jutk+gecZwJEUjUKe9/TwlLn+zMKHTP0qg
epA7dB9BL9ZQQn6Z7NtbeCjRH7a3xYSgiHONS1tEFfa30p42iCMF9AJifMr3
oEc+FNWnWQ5BYkb3X/7EiKkgf/0eYDpQ0DuaUp1IeuhRmu4utWHBp0n12I44
J7QYPJJBFOQJ0y6yTZW8md05yd6lSfFXOtCeMwARAQABzTFQZWRybyBUYXZh
cmVzIDxwdGF2YXJlc0BzZWd1cmFuY2EtaW5mb3JtYXRpY2EucHQ+wsF1BBAB
CAAfBQJg4jXIBgsJBwgDAgQVCAoCAxYCAQIZAQIbAwIeAQAKCRDfNJmH21AS
fKiFD/wO4dPDtOp2fnnZZ+nmplbQb81QwF+eZy2Z/MfuACcY95bk1DN6kL2k
RTDIDp+gq5x+H1J36tSQOjwEgYoI8Q3JM2Zx/IVMBmZ453d8EANFuoHXW8Bh
dwnBCAWasK6Ia+7+PWrIcdT3aa0zgi80Bot0vxBlse7tUq+pe4kXwQ16tRza
38JDzYvuRp/Qzp1xeJ+c9W1OgHksXuaFZlHt1DcVhYLN8Mp2iPe08QFY448d
Y9tongtgevelRVSYJjnQfCn7ycb/p5+u6CvZTrtx7BZAMseFBr8fxxgmyhTs
orfVCeVbKzJ81h7YOaTQaaRxmEb1KOkqN3/c8NmcHQ9fnXAYmq65kTMs4IG0
HfYUvSLb0G/sQq/5YyZ6AvKAoli2SdEEUUZ5zDG+OGtCAOmmwq920lxPMF5c
zH8/XWiT12lXJzbe3VQNj13cljeVnbzw+KsL9012PjeXkLGNZCsVDAK9Bicb
7lfIkwDzwDzJRxlDZ+k6lQdExPnpNSo3xIP2s63AcTkdmp3bN9uoz66KckN1
kdzKsmzOnoBrTI32zgUpgg2bkBWm4JpM5O06THEyPuiSI0m5sWhj6V+aXxg5
fs9ODOsQ3yUZWv5HP/hP284qU+aiYEglmezY4QnvRVylj2b3CeAetFtdPgeX
CfalzSLBuKvC8Um+ZGTe2DWc1o21r87BTQRg4jXIARAApGodmshcjH8xU+yl
3TVcwoxy61jQJ+NdWFFurbrB6jpZv3A0KjZnsUvpaPXNkeC6jm0MELZfnL0K
r9EX+jq452P2eC5KOkKDgcCJhmRQf9m55C76KmgRLRZnwiY8ye3I9i5ACemL
4z05H+sw6m0UoxffBi1CxpgAEotuyMoCdQY6MW0LCRVSDSQB/OH12RpemRWF
kAKMECebJcRS0QzHhz7AIsZYw6dHTjrFl+yhTtquR7gSeazaSqp5PXl55E3U
SZ0XlbIqvCJrakHw6Z4qX6O35YCBNMbKOYCrFirqTeIOH6Vm5HtZlbzH9ovl
5vvGns8JM934V9/pt2Gf5BEl6R6EE/JC0aw3htY/cOHsvgwhE5RFl4pzd0bF
G3ljmmdSi5SIecshOi95J0veCplGO0yqwYKZ2rxBvJV4T48bJaODhYa8cKZg
Crm8MHy/AoOC+zvD9e6xNeJ4EZRRtibRMIbs+qe/C4stWYTbPztCmeZc78th
peXqjzYvqBT2CC9kqLlk6bdcsoFTlHb8xC9a4/rWTYUZgWqPZ0hiJ0f6bC5q
4+LhcIu3SW7QDk97fZXQ2SaSWg+OfMIF8kueFNWSrfqCbmHKJcf91rqJUkie
kN7qXXVA8vvuqONJC0B8ovziXNZtUpKK/oFxJUqXNuvtb7erxQI42ZeNQ6ds
QV5CeOcAEQEAAcLBXwQYAQgACQUCYOI1yAIbDAAKCRDfNJmH21ASfC7uD/0f
lKcfhpOzR1DYlfrki8gt+tNALL3eDUq1AyeKz/2ljoyC3OEKAGERAuOYdus5
rkU+ldMfPyHzki/7/ajyOrYcazkCrlz66qQkog6nBKA8qlSCe9h7IP9pdXn0
Buul9a0+E7Vp2Ynz8aLiuIrrbarZexvJtU9MACnRsQB+771jzTB09HoyvsaN
yJ8LAjk2hp7440/nlIqNrx1KfTT8LogijyArQP980YEbnpX7FwX0WWb2/u1S
opqgsm2Z2H0IIWxZWi44AI3exEdOsXDIhBsAgheL+SkL2/sy2S9eLg9v376i
Gav9G3Lnp+rSuaPMa+u+47duZvtldN/3D04i6Ja3I+nPWHz5AUwkOSkLbTkQ
ZdZTC62L+Kk4vcgZUfGLorUDrQThygna04vYDlC7TMIek5peFDA1M2e5cfew
n+8X+4JZv95ytGUw5hzgpRGOlQURdM7AAxj0hebXECXAHMVwZkHYcJc30dlF
6KHm/67hOKbp26fsZwwcktkgEykXrlTnH3eMJUd4Ok6cIKajAX7Xt50q/vkF
qh5IJYPpj7xmx+6QyQciu4yirLJf6UW8+qR+vJpMeQPOjTTv45id9Ks12SOw
SVVdPjtdRgIUHgo42wEVsyWLZHcBTZsQjKw9aMT4jbW8j2iFDtxanr6bYmD6
ejCjhs2Xzsimb3wSVytRbQ==
=BqK4
-----END PGP PUBLIC KEY BLOCK-----

–My badges–

• • RED TEAM Operator: Privilege Escalation in Windows
  • RED TEAM Operator: Malware Development Essentials
  • RED TEAM Operator: Windows Persistence
  • RED TEAM Operator: Malware Development Intermediate

Relevant Projects / Projetos Relevantes

– Seguranca-Informática Blog: Breaking News, Research papers, Malware and Phishing campaigns impacting Portugal
– 0xSI_f33d: a feed that compiles phishing and malware campaigns targeting Portuguese citizens (an official VirusTotal ingestor)
– Threat Report Portugal: published in each quarter)
– Red Teaming and Malware Analysis – GitBook: A list of exploits and laboratories about Red Teaming and Malware. This list compiles some techniques, tricks, payloads, and tools I’m using during my red teaming experiments.
– wifi-Lord3: A rogue app tool available on GitHub.
– 100% anonymous and compliant voting system.
– Red Teaming/Pentesting assessments for several companies, including international airports, banking institutions, Portuguese firms and their software/apps/networks, and so on. The scope is defined as presented below:

• • Web applications
  • Mobile apps
  • Infrastructure / Internal networks
  • Active Directory
  • Cloud-based apps/infrastructures (Azure, AWS, etc)
  • IoT / firmware analysis
  • Reverse everything 😉

– Source-code and IoC contribution on several open projects/sources (GitHub tools, Awesome lists, exploits, Yaras, IoCs, etc).

Submitted CVEs / CVEs submetidos

Web Chamilo LMS 11.x

• • CVE-2021-37391:  From Stored XSS to account takeover (medium)
  • CVE-2021-37390:  Reflected XSS search mechanism (medium)
  • CVE-2021-37389:  From Stored XSS to PHP backdoor implantation (medium)

Sources: [1]

CHIYU IoT devices

• • CVE-2021-31249: CRLF injection (medium)
  • CVE-2021-31250: Stored XSS (medium)
  • CVE-2021-31251: Authentication bypass (critical)
  • CVE-2021-31252: Open redirect (medium)
  • CVE-2021-31641: Reflected XSS (medium)
  • CVE-2021-31642: DoS – Integer overflow (medium)
  • CVE-2021-31643: Stored XSS (medium)

Sources: [1], [2]

Online Publications / Publicações Online (para além do blog)

2022
– Online tools for malware analysis, Infosec. Institute, June 2022
– Blackguard malware analysis, Infosec. Institute, June 2022
– Behind Conti: Leaks reveal inner workings of ransomware group, Infosec. Institute, June 2022
– ZLoader: What it is, how it works, and how to prevent it | Malware spotlight, Infosec. Institute, June 2022
– Fake shopping stores: A real and dangerous threat, Infosec. Institute, May 2022
– WhisperGate: A destructive malware to destroy Ukraine computer systems, Infosec. Institute, May 2022
– Electron Bot Malware is disseminated via Microsoft’s Official Store and is capable of controlling social media apps, Infosec. Institute, May 2022
– How to build a hook syscall detector, Infosec. Institute, May 2022
– SockDetour: the backdoor impacting U.S. defense contractors, Infosec. Institute, May 2022
– HermeticWiper malware used against Ukraine, Infosec. Institute, May 2022
– MyloBot 2022: A botnet that only sends extortion emails, Infosec. Institute, April 2022
– Mars Stealer malware analysis, Infosec. Institute, April 2022
– Purple Fox rootkit and how it has been disseminated in the wild, Infosec. Institute, March 2022
– Deadbolt ransomware: The real weapon against IoT devices, Infosec. Institute, March 2022
– Red Teaming: Main tools for wireless penetration tests, Infosec. Institute, March 2022
– Fundamentals of IoT firmware reverse engineering, Infosec. Institute, March 2022
– Log4j – the remote code execution vulnerability that stopped the world, Infosec. Institute, March 2022
– Red Teaming: Top tools and gadgets for physical assessments, Infosec. Institute, March 2022
– Rook ransomware analysis, Infosec. Institute, March 2022
– Red teaming: Initial access and foothold, Infosec. Institute, March 2022
– Top tools for red teaming, Infosec. Institute, February 2022
– Modus operandi of BlackByte ransomware, Infosec. Institute, February 2022
– Emotet malware returns, Infosec. Institute, February 2022
– Red Teaming: Persistence Techniques, Infosec. Institute, February 2022
–Mekotio banker trojan returns with new TTP, Infosec. Institute, February 2022
– Red Teaming: Credential dumping techniques, Infosec. Institute, February 2022
– Android malware BrazKing returns, Infosec. Institute, February 2022
– Top tools for password-spraying attacks in active directory networks, Infosec. Institute, January 2022
– Malware instrumentation with Frida, Infosec. Institute, January 2022
– Tunneling and port forwarding tools used during red teaming assessments, Infosec. Institute, January 2022

2021
– Malware analysis arsenal: Top 15 tools, Infosec. Institute, December 2021
– Top tools for mobile android assessments, Infosec. Institute, December 2021
– Top tools for mobile iOS assessments, Infosec. Institute, November 2021
– Redline stealer malware: Full analysis, Infosec. Institute, November 2021
– Red Team: C2 frameworks for pentesting, Infosec. Institute, November 2021
– A full analysis of the BlackMatter ransomware, Infosec. Institute, November 2021
– PrintNightmare CVE vulnerability walkthrough, Infosec. Institute, November 2021
– A full analysis of Horus Eyes RAT, Infosec. Institute, October 2021
– Red teaming tutorial: Active directory pentesting approach and tools, Infosec. Institute, October 2021
– Red Team tutorial: A walkthrough on memory injection techniques, Infosec. Institute, October 2021
– Malware analysis: Ragnarok ransomware, Infosec. Institute, September 2021
– Android malware worm auto-spreads via WhatsApp messages, Infosec. Institute, September 2021
– Pingback malware: How it works and how to prevent it, Infosec. Institute, September 2021
– The real dangers of vulnerable IoT devices, Infosec. Institute, September 2021
– How criminals leverage a Firefox fake extension to target Gmail accounts, Infosec. Institute, September 2021
– Taidoor malware: what it is, how it works and how to prevent it | malware spotlight, Infosec. Institute, September 2021
– Tutorial: How to exfiltrate or execute files in compromised machines with DNS, Infosec. Institute, September 2021
– SUNBURST backdoor malware: What it is, how it works, and how to prevent it | Malware spotlight, Infosec. Institute, September 2021
– ZHtrap botnet: How it works and how to prevent it, Infosec. Institute, August 2021
– How criminals have abused a Microsoft Exchange flaw in the wild, Infosec. Institute, August 2021
– The Risks of The Vulnerable IoT Devices, Cyber Defense Magazine, p.84-88, July 2021
– DearCry ransomware: How it works and how to prevent it, Infosec. Institute, June 2021
– How criminals are using Windows Background Intelligent Transfer Service, Infosec. Institute, June 2021
– How the Javali trojan weaponizes Avira antivirus, Infosec. Institute, June 2021
– Whitespace obfuscation: PHP malware, web shells, and steganography, Infosec. Institute, June 2021
– HelloKitty: The ransomware affecting CD Projekt Red and Cyberpunk 2077, Infosec. Institute, June 2021
– Dependency confusion: Compromising the supply chain, Infosec. Institute, June 2021
– BendyBear: A shellcode attack used for cyberespionage, Infosec. Institute, June 2021
– DreamBus Botnet: An analysis, Infosec. Institute, June 2021
– Kobalos malware: A complex Linux threat, Infosec. Institute, May 2021
– What is Operation Dream Job by Lazarus?, Infosec. Institute, May 2021
– Trojan URSA malware: How it works and how to prevent it, Infosec. Institute, May 2021
– A taste of the latest release of QakBot, [1], May 2021
– VMware vCenter vulnerability: Inside a critical remote code execution flaw, Infosec. Institute, May 2021
– New Sudo flaw used to root on any standard Linux installation, Infosec. Institute, April 2021
– TeamTNT evades detection with new malware using ld_preload technique, Infosec. Institute, April 2021
– Turla Crutch backdoor: analysis and recommendations, Infosec. Institute, April 2021
– Blackrota abused Docker remote API to deliver CobalStrike beacon, Infosec. Institute, April 2021
– APT Sandworm (NotPetya) technical overview, Infosec. Institute, April 2021
– Malicious Excel attachments bypass security controls using .NET library, Infosec. Institute, April 2021
– Volodya/BuggiCorp Windows exploit developer: What you need to know, Infosec. Institute, March 2021
– MRBMiner malware: What it is, how it works and how to prevent it | Malware spotlight, Infosec. Institute, March 2021
– Fileless Windows Error Reporting (WER) malware attack: Technical overview and walkthrough, Infosec. Institute, March 2021
– Bandook malware: What it is, how it works and how to prevent it, Infosec. Institute, March 2021
– Ghimob Trojan Banker: What it is, how it works and how to prevent it | Malware spotlight, Infosec. Institute, March 2021
– Latin American Javali trojan weaponizing Avira antivirus legitimate injector to implant malware, [1], [2], [3], [4] February 2021
– SonicWall firewall VPN vulnerability (CVE-2020-5135): Overview and technical walkthrough, Infosec. Institute, February 2021
– Stantinko Trojan: What it is, how it works, and how to prevent it | Malware spotlight, Infosec. Institute, February 2021
– Vizom malware: What it is, how it works and how to prevent it | Malware spotlight, Infosec. Institute, February 2021
– Exploiting built-in network protocols for DDoS attacks, Infosec. Institute, February 2021
– Zerologon CVE-2020-1472: Technical overview and walkthrough, Infosec. Institute, February 2021
– RansomExx: The malware that attacks Linux OS, Infosec. Institute, January 2021
– RegretLocker ransomware: What it is, how it works and how to prevent it | Malware spotlight, Infosec. Institute, January 2021
– Installing and Configuring CentOS 8 on Virtualbox, Infosec. Institute, January 2021
– Lazarus’s VHD ransomware: What it is, how it works, and how to prevent it | Malware spotlight, Infosec. Institute, January 2021

2020
– Anubis Network – The Evolution of the phishing schema, December 2020
– Drovorub malware: What it is, how it works and how to prevent it | Malware spotlight, Infosec. Institute, December 2020
– Hashcat Tutorial for Beginners [updated 2021], Infosec. Institute, December 2020
– How to hack a phone charger, Infosec. Institute, December 2020
– BlindingCan malware: What it is, how it works and how to prevent it | Malware spotlight, Infosec. Institute, December 2020
– Emotet returns in summer 2020 with new improvements, Infosec. Institute, December 2020
– WastedLocker malware: What it is, how it works and how to prevent it | Malware spotlight, Infosec. Institute, December 2020
– Android vulnerability allows attackers to spoof any phone number, Infosec. Institute, December 2020
– What is a side-channel attack?, Infosec. Institute, November 2020
– NetWire malware: What it is, how it works and how to prevent it | Malware spotlight, Infosec. Institute, November 2020
– Sim, sou um hacker, Revista Comunicações – APDC, 13 October, 2020
– MalLocker Android ransomware: What it is, how it works and how to prevent it | Malware spotlight, Infosec. Institute, November 2020
– Troystealer malware: What it is, how it works and how to prevent it | Malware spotlight, Infosec. Institute, October 2020
– How to create a subdomain enumeration toolkit, Infosec. Institute, October 2020
– Using Merlin agents to evade detection, Infosec. Institute, October 2020
– Fuzzing introduction: Definition, types and tools for cybersecurity pros, Infosec. Institute, September 2020
– Hacking Microsoft Teams vulnerabilities: A step-by-step guide, Infosec. Institute, September 2020
– LockBit malware: What it is, how it works and how to prevent it | Malware spotlight, Infosec. Institute, September 2020
– Ransomware deletion methods and the canary in the coal mine, Infosec. Institute, September 2020
– Threat analysis: The emergent URSA trojan impacts many countries using a sophisticated loader [1],[2],[3],[4] September 15th, 2020
– Bypassing security products via DNS data exfiltration, Infosec. Institute, 03 August 2020
– Netwalker malware: What it is, how it works and how to prevent it | Malware spotlight, Infosec. Institute, Jully, 2020
– New release of Lampion trojan spreads in Portugal with some improvements on the VBS downloader [1], July 2020
– Benefits of A Security Operation Center (SOC), Cyber Defense Magazine, p.50-52, July 2020
– Ragnar Locker malware: what it is, how it works and how to prevent it | Malware spotlight, Infosec. Institute, June 25th, 2020
– TroyStealer – A new info stealer targeting Portuguese Internet users [1], [2] June 2020
– The Ransomware Age and How to Fight It, [1] Cyber Defense Magazine, p.122-127, June 2020
– In-depth analysis of a trojan banker impacting Portugal and Brazil, June 1st, 2020
– The updated Grandoreiro Malware equipped with latenbot-C2 features in Q2 2020 now extended to Portuguese banks, [1], May 26th, 2020
– Trojan Lampion is back after 3 months, [1], May 11th, 2020
– Brazilian trojan banker is targeting Portuguese users using browser overlay, [1], May 6th, 2020
– 2020 NIST ransomware recovery guide: What you need to know, Infosec. Institute, May 6th, 2020
– COVID-19: How to Take Advantage of Teleworking, [1], Cyber Defense Magazine, p.31-33, May 2020
– COVID-19: How criminals take advantage of the pandemic, Infosec. Institute, April 21st, 2020
– Hackers are again attacking Portuguese banking organizations via Android Trojan-Banker, [1], April 15th, 2020
– Lampion malware: what it is, how it works and how to prevent it | Malware spotlight, Infosec. Institute, April 15th, 2020
– Malware – A Cyber Threat for 2020, [1], Cyber Defense Magazine, p. 74-76, March 2020
– Lampion malware v2 February 2020, [1], February 24th, 2020
– [Whitepaper] A Landscape of Malware used on the Portuguese Top Level Domain [1], [2], CipherLabs, 29 January, 2020
– How to Build a Career in Cyber Security, Cyber Defense Magazine, p.64-66, January 2020

2019
– Targeting Portugal: A new trojan ‘Lampion’ has spread using template emails from the Portuguese Government Finance & Tax [1], [2], [3], [4], [5], [6], [7], [8] December 26th, 2019
– Top cybersecurity certifications to consider for your IT career [1], October 10th, 2019
– The Role of Certifications for a Cyber Security Profissional, Cyber Defense Magazine, p.145-148, August 2019
– Security for Your Holidays, Cyber Defense Magazine, p. 89-91, June 2019
– Backups like The Last Resort, Cyber Defense Magazine, p. 39-41, May 2019
– EMOTET spread in Chile impacted hundreds of users and targeted financial and banking services [1], [2], [3], [4], April 10th, 2019
– HTTPS — what kind of data is not protected by default, Cyber Defense Magazine, p. 79-82, April, 2019
– LockerGoga is the most active ransomware that focuses on targeting companies and bypass AV signature-based detection [1], March 20th, 2019
– How to Protect Files With Canary Tokens, Infosec. Institute, March 6th, 2019
– Secure Coding Resources: Popular Books, Whitepapers, Tutorials and More, Infosec. Institute, March 6th, 2019
– The story of the JCry ransomware spread in #OpJerusalem2019 is now infecting Windows users [1], [2], March 5th, 2019
– FlawedAmmyy Leveraging Undetected XLM Macros as an Infection Vehicle [1], [2], [3], March 1st, 2019
– Cross-site Scripting is an Underatted Vulnerability, Cyber Defense Magazine, p. 38-41, March, 2019
– The Muncy malware is on the rise [1], [2], [3], February 18th, 2019
– Cybersecurity as a Priority in 2019, Cyber Defense Magazine, p. 67-70, February, 2019
– Cybersecurity For Kids [1], Cyber Defense Magazine, p. 48-51, January, 2019

2018
– Palavras-passe: O método fraco de autenticação, Computer World, 12 December, 2018
– Passwords and Honeywords, Cyber Defense Magazine, p. 95-98, December, 2018
– Best Practices for Conducting a Risk-Based Internal Audit, Infosec. Institute, 29 November, 2018
– Passwords are the weakest authentication method, Cyber Defense Magazine, p. 101-104, November, 2018
– How To Create an Employee Cybersecurity Awareness Strategy, Infosec. Institute, 29 October, 2018
– Cybersecurity as a Mandatory Rule in this Era, Cyber Defense Magazine, p. 75-78, October, 2018
– Como Surge o RGPD e Quem é o Data Protection Officer , Revista PROGRAMAR, edição 60, 27 setembro 2018
– HTTPS – Que Informação é Protegida , Revista PROGRAMAR, edição 60, 27 setembro 2018
– Crypto-jacking via ARP Poisoning em redes WiFi, Revista PROGRAMAR, edição 60, 27 setembro 2018
– Vulnerabilidades Web em 2017, Revista PROGRAMAR, edição 60, 27 setembro 2018
– Spear-phishing Is The Next Threat After A Data Breach, Cyber Defense Magazine, September, 2018
– Cyberhygiene as a Mandatory Doctrine for all Organizations, Infosec. Institute, 23 August, 2018
– SolarWinds – LEM, Infosec. Institute, 16 August, 2018
– The Art Of Phishing And How To Fight It, Cyber Defense Magazine, August Edition, 2018
– Risk Management, Infosec. Institute, 30 Jully, 2018
– Cyber Hygiene is Everyone’s Job, Cyber Defense Magazine, Jully Edition, 2018
– Detecting Data Breaches with Honeywords, Infosec. Institute, 02 Jully, 2018
– Security+: Cloud And Virtualization Concepts, Infosec. Institute, 27 June, 2018
– Security+: Risk Management Processes And Concepts, Infosec. Institute, 27 June, 2018
– Mechanics Behind Ransomware-as-a-Service, Infosec. Institute, 14 June, 2018
– BEC Attacks: How Attorney Impersonation Works, Infosec. Institute, 10 May, 2018
– BEC Attacks: How Email Account Compromise Works, Infosec. Institute, 10 May, 2018
– The Art of Fileless Malware, Infosec. Institute, 07 May, 2018
– How Business Email Compromise Attacks Work: A Detailed Case Study, Infosec. Institute, 09 April, 2018
– Hashcat Tutorial for Beginners, Infosec. Institute, 09 April, 2018
– Malicious Crypto-miner in Wireless Networks, Infosec. Institute, 23 March, 2018
– New Era of Crypto-jacking, Infosec. Institute, 6 March, 2018
– More Free/Open Source Forensics Tools, Infosec. Institute, 27 February, 2018
– RGPD – O Antes e o Depois, Revista PROGRAMAR, edição 59, 21 fevereiro 2018
– Vulnerabilidades Web em 2017, Revista PROGRAMAR, edição 59, 21 fevereiro 2018
– Incident Response and Forensics, Infosec. Institute, 30 January, 2018

2017
– Identidade Digital e a Blockchain, 20 dezembro 2017
– Segurança em Aplicações Android, Revista PROGRAMAR, edição 58, 27 novembro 2017
– Blockchain and Merkle Tree, Revista PROGRAMAR, edição 58, 27 novembro 2017
– Revolução da Blockchain – A Tecnologia do Futuro, Revista PROGRAMAR, edição 58, 27 novembro 2017
– Pseudorandom Number Generators, Revista PROGRAMAR, edição 57, 07 outubro 2017
– A Revolução pós-Internet? Blockchain, 06 de setembro de 2017
– A Revolução da Blockchain – A Tecnologia do Futuro, 17 de julho 2017
– Artigo no jornal online Observador sobre “black hat” e “white hat” hackers em Portugal., 20-06-2017
– A Anatomia de um IDS Moderno, 01-03-2017

Conference Papers  / Artigos em Conferências Científicas

Ricardo X. P. Santos, Diogo A. B. Fernandes, Pedro Tavares, Mário M. Freire, and Pedro R. M. Inácio, PassCrackGUI — A Graphical User Interface for Password Cracking Tools, in Proceedings of the 10th Conference on Telecommunications (ConfTele2015), Aveiro, Portugal, September 17-18, 2015, pp. 0-4.

Ricardo X. P. Santos, Diogo A. B. Fernandes, Pedro Tavares, Mário M. Freire, and Pedro R. M. Inácio, Analysis of Password Habits and Leaked Databases, in Atas do 7º Simpósio de Informática (INForum 2015), Covilhã, Portugal, September 7-8, 2015, pp. 0-11.

– Speaker – Strategies to develop FUD malware – III Jornadas de InfoWeb — UBI, March 21th, 2019
– Formador – Regulamento Geral de Proteção de Dados e Segurança da Informação – Associação Empresarial do Sabugal (ADES), 20 de outubro de 2018.
– Formador – Regulamento Geral de Proteção de Dados e Segurança da Informação – Associação Empresarial do Sabugal (ADES), 26 de julho de 2018.
– Formador –  Regulamento Geral de Proteção de Dados e Segurança da Informação – Biblioteca Municipal de Gouveia (powered by Int3Gr4r), 24 de julho de 2018.
– Formador – Workshop Regulamento Geral de Proteção de Dados, Universidade da Beira Interior (powered by CFIUTE), 24 de maio de 2018. (ver vídeo aqui).
– Orador – A Nova Era do Crypto-jacking, Jornadas de Cibersegurança – UBI, 21 de março de 2018.