Author

Pedro Tavares é um profissional na área da segurança da informação, exercendo funções como Ethical Hacker, Analista de Malware e também como Evangelizador na área da Cibersegurança . Ele é também membro fundador no CSIRT.UBI e Editor-in-Chief do blog seguranca-informatica.

Nestes últimos anos tem investido muito do seu esforço no ramo da segurança da informação, explorando e analisando os mais diversos temas, na vertente do pentesting (Kali Linux), malware, hacking, cybersecurity, IoT e segurança em redes de computador. Ele é também Freelance Writer. Este blog tem como objetivo passar a mensagem da importância da segurança nesta era da informação digital, entregando, assim, conteúdo em formato de artigo digital e também em pequenos vídeos aqui partilhados  e  também no canal do Youtube.

Pedro Tavares is a professional in the field of information security, working as an Ethical Hacker, Malware Analyst and also a Security Evangelist. He is also a founding member at CSIRT.UBI and Editor-in-Chief of the security computer blog seguranca-informatica.pt.

In recent years he has invested in the field of information security, exploring and analyzing a wide range of topics, such as pentesting (Kali Linux), malware, hacking, cybersecurity, IoT and security in computer networks.  He is also Freelance Writer. This blog aims to convey the importance of security in this era of digital information, thus delivering content in article format and also in small videos shared here and also on the Youtube channel.


 

githubgithub.com/sirpedrotavares/
linkedinhttps://www.linkedin.com/in/sirpedrotavares
twittertwitter.com/sirpedrotavares
gmailptavares[at]seguranca-informatica[dot]pt

Pretty Good Privacy Public Key (PGP)

-----BEGIN PGP PUBLIC KEY BLOCK-----
xjMEXtwFlxYJKwYBBAHaRw8BAQdAky9W4n+KSnA6dR08VBFXwT7GZpaJdQUJ
tQZepb51VdvNMVBlZHJvIFRhdmFyZXMgPHB0YXZhcmVzQHNlZ3VyYW5jYS1p
bmZvcm1hdGljYS5wdD7CfQQQFgoAJQUCXtwFlwUJcPt8gAYLCQcIAwIEFQgK
AgMWAgECGQECGwMCHgEACgkQl7FZxQZxhOH5kAD/cOBnT0W/zYbgJRgfmCj2
TAXDBzpqGpyDyWcysRpAuSEA/0GZfpYXGDQKj753wVqaIZPF0xvCMfXVdwr1
1fPbr4EGzjgEXtwFlxIKKwYBBAGXVQEFAQEHQBdlg9//p06IM+O0X3UaaAYG
5cUH7Q0kYLpGVfLcJPlfAwEIB8JnBBgWCAAPBQJe3AWXBQlw+3yAAhsMAAoJ
EJexWcUGcYTh0GgA+gMVjAGcrX2ZfGJpXfdtw4lBwBrBFPaH2YN30RIxscfM
AQDlv7fc9snAulcWuJsXgnqrxN+Rzvvhgm4DHCHHuCweBw==
=rGNb
-----END PGP PUBLIC KEY BLOCK-----

 

 




 

Publicações Online (para além do blog) / Online Publications

2020
LockBit malware: What it is, how it works and how to prevent it | Malware spotlight, Infosec. Institute, September 2020
Ransomware deletion methods and the canary in the coal mine, Infosec. Institute, September 2020
Threat analysis: The emergent URSA trojan impacts many countries using a sophisticated loader [1],[2], September 15th, 2020
Bypassing security products via DNS data exfiltration, Infosec. Institute, 03 August 2020
Netwalker malware: What it is, how it works and how to prevent it | Malware spotlight, Infosec. Institute, Jully, 2020
New release of Lampion trojan spreads in Portugal with some improvements on the VBS downloader [1], July 2020
Benefits of A Security Operation Center (SOC), Cyber Defense Magazine, p.50-52, July 2020
Ragnar Locker malware: what it is, how it works and how to prevent it | Malware spotlight, Infosec. Institute, June 25th, 2020
TroyStealer – A new info stealer targeting Portuguese Internet users [1], [2] June 2020
The Ransomware Age and How to Fight It, [1] Cyber Defense Magazine, p.122-127, June 2020
In-depth analysis of a trojan banker impacting Portugal and Brazil, June 1st, 2020
The updated Grandoreiro Malware equipped with latenbot-C2 features in Q2 2020 now extended to Portuguese banks, [1], May 26th, 2020
Trojan Lampion is back after 3 months, [1], May 11th, 2020
Brazilian trojan banker is targeting Portuguese users using browser overlay, [1], May 6th, 2020
2020 NIST ransomware recovery guide: What you need to know, Infosec. Institute, May 6th, 2020
COVID-19: How to Take Advantage of Teleworking, [1], Cyber Defense Magazine, p.31-33, May 2020
COVID-19: How criminals take advantage of the pandemic, Infosec. Institute, April 21st, 2020
Hackers are again attacking Portuguese banking organizations via Android Trojan-Banker, [1], April 15th, 2020
Lampion malware: what it is, how it works and how to prevent it | Malware spotlight, Infosec. Institute, April 15th, 2020
Malware – A Cyber Threat for 2020, [1], Cyber Defense Magazine, p. 74-76, March 2020
Lampion malware v2 February 2020, [1], February 24th, 2020
– [Whitepaper] A Landscape of Malware used on the Portuguese Top Level Domain [1], [2], CipherLabs, 29 January, 2020
How to Build a Career in Cyber Security, Cyber Defense Magazine, p.64-66, January 2020

2019
Targeting Portugal: A new trojan ‘Lampion’ has spread using template emails from the Portuguese Government Finance & Tax [1], [2], [3], [4], [5], [6], [7], [8] December 26th, 2019
Top cybersecurity certifications to consider for your IT career [1], October 10th, 2019
The Role of Certifications for a Cyber Security Profissional, Cyber Defense Magazine, p.145-148, August 2019
Security for Your Holidays, Cyber Defense Magazine, p. 89-91, June 2019
Backups like The Last Resort, Cyber Defense Magazine, p. 39-41, May 2019
EMOTET spread in Chile impacted hundreds of users and targeted financial and banking services [1], [2], [3], [4], April 10th, 2019
HTTPS — what kind of data is not protected by default, Cyber Defense Magazine, p. 79-82, April, 2019
LockerGoga is the most active ransomware that focuses on targeting companies and bypass AV signature-based detection [1], March 20th, 2019
How to Protect Files With Canary Tokens, Infosec. Institute, March 6th, 2019
Secure Coding Resources: Popular Books, Whitepapers, Tutorials and More, Infosec. Institute, March 6th, 2019
The story of the JCry ransomware spread in #OpJerusalem2019 is now infecting Windows users [1], [2], March 5th, 2019
FlawedAmmyy Leveraging Undetected XLM Macros as an Infection Vehicle [1], [2], [3], March 1st, 2019
Cross-site Scripting is an Underatted Vulnerability, Cyber Defense Magazine, p. 38-41, March, 2019
The Muncy malware is on the rise [1], [2], [3], February 18th, 2019
– Cybersecurity as a Priority in 2019, Cyber Defense Magazine, p. 67-70, February, 2019
Cybersecurity For Kids [1], Cyber Defense Magazine, p. 48-51, January, 2019

2018
Palavras-passe: O método fraco de autenticação, Computer World, 12 December, 2018
Passwords and Honeywords, Cyber Defense Magazine, p. 95-98, December, 2018
Best Practices for Conducting a Risk-Based Internal Audit, Infosec. Institute, 29 November, 2018
Passwords are the weakest authentication method, Cyber Defense Magazine, p. 101-104, November, 2018
How To Create an Employee Cybersecurity Awareness Strategy, Infosec. Institute, 29 October, 2018
Cybersecurity as a Mandatory Rule in this Era, Cyber Defense Magazine, p. 75-78, October, 2018
– Como Surge o RGPD e Quem é o Data Protection Officer , Revista PROGRAMAR, edição 60, 27 setembro 2018
– HTTPS – Que Informação é Protegida , Revista PROGRAMAR, edição 60, 27 setembro 2018
– Crypto-jacking via ARP Poisoning em redes WiFi, Revista PROGRAMAR, edição 60, 27 setembro 2018
– Vulnerabilidades Web em 2017, Revista PROGRAMAR, edição 60, 27 setembro 2018
Spear-phishing Is The Next Threat After A Data Breach, Cyber Defense Magazine, September, 2018
Cyberhygiene as a Mandatory Doctrine for all Organizations, Infosec. Institute, 23 August, 2018
SolarWinds – LEM, Infosec. Institute, 16 August, 2018
The Art Of Phishing And How To Fight It, Cyber Defense Magazine, August Edition, 2018
Risk Management, Infosec. Institute, 30 Jully, 2018
Cyber Hygiene is Everyone’s Job, Cyber Defense Magazine, Jully Edition, 2018
Detecting Data Breaches with Honeywords, Infosec. Institute, 02 Jully, 2018
Security+: Cloud And Virtualization Concepts, Infosec. Institute, 27 June, 2018
Security+: Risk Management Processes And Concepts, Infosec. Institute, 27 June, 2018
Mechanics Behind Ransomware-as-a-Service, Infosec. Institute, 14 June, 2018
BEC Attacks: How Attorney Impersonation Works, Infosec. Institute, 10 May, 2018
BEC Attacks: How Email Account Compromise Works, Infosec. Institute, 10 May, 2018
The Art of Fileless Malware, Infosec. Institute, 07 May, 2018
How Business Email Compromise Attacks Work: A Detailed Case Study, Infosec. Institute, 09 April, 2018
Hashcat Tutorial for Beginners, Infosec. Institute, 09 April, 2018
Malicious Crypto-miner in Wireless Networks, Infosec. Institute, 23 March, 2018
New Era of Crypto-jacking, Infosec. Institute, 6 March, 2018
More Free/Open Source Forensics Tools, Infosec. Institute, 27 February, 2018
– RGPD – O Antes e o Depois, Revista PROGRAMAR, edição 59, 21 fevereiro 2018
– Vulnerabilidades Web em 2017, Revista PROGRAMAR, edição 59, 21 fevereiro 2018
Incident Response and Forensics, Infosec. Institute, 30 January, 2018

2017
– Identidade Digital e a Blockchain, 20 dezembro 2017
Segurança em Aplicações Android, Revista PROGRAMAR, edição 58, 27 novembro 2017
Blockchain and Merkle Tree, Revista PROGRAMAR, edição 58, 27 novembro 2017
Revolução da Blockchain – A Tecnologia do Futuro, Revista PROGRAMAR, edição 58, 27 novembro 2017
Pseudorandom Number Generators, Revista PROGRAMAR, edição 57, 07 outubro 2017
– A Revolução pós-Internet? Blockchain, 06 de setembro de 2017
A Revolução da Blockchain – A Tecnologia do Futuro, 17 de julho 2017
Artigo no jornal online Observador sobre “black hat” e “white hat” hackers em Portugal., 20-06-2017
A Anatomia de um IDS Moderno, 01-03-2017

 

Artigos em Conferências Científicas / Conference Papers

Ricardo X. P. Santos, Diogo A. B. Fernandes, Pedro Tavares, Mário M. Freire, and Pedro R. M. Inácio, PassCrackGUI — A Graphical User Interface for Password Cracking Tools, in Proceedings of the 10th Conference on Telecommunications (ConfTele2015), Aveiro, Portugal, September 17-18, 2015, pp. 0-4.

Ricardo X. P. Santos, Diogo A. B. Fernandes, Pedro Tavares, Mário M. Freire, and Pedro R. M. Inácio, Analysis of Password Habits and Leaked Databases, in Atas do 7º Simpósio de Informática (INForum 2015), Covilhã, Portugal, September 7-8, 2015, pp. 0-11.

Nuno M. Garcia, Pedro J. M. Tavares, Isabel Trindade, Poster of “Algorithm For Signals Captured By Smart Textiles”, in MEDTEX: Faculdade de Ciências da Saúde – Universidade da Beira Interior, 25 de Maio de 2012.

Nuno M. Garcia, Pedro J. M. Tavares, Rui Miguel, Isabel Trindade, José Lucas, Madalena Pereira, “Resilient Heart-Beat Detection Algorithm For Signals Captured By Smart Textiles”, in AUTEX 2011: 11th World Textile Conference, Mulhouse, França, 10 de Junho de 2011.

 

Conferências e Formações / Conference and Training & Workshops

– Speaker – Strategies to develop FUD malware – III Jornadas de InfoWeb — UBI, March 21th, 2019
– Formador – Regulamento Geral de Proteção de Dados e Segurança da Informação – Associação Empresarial do Sabugal (ADES), 20 de outubro de 2018.
– Formador – Regulamento Geral de Proteção de Dados e Segurança da Informação – Associação Empresarial do Sabugal (ADES), 26 de julho de 2018.
– Formador –  Regulamento Geral de Proteção de Dados e Segurança da Informação – Biblioteca Municipal de Gouveia (powered by Int3Gr4r), 24 de julho de 2018.
– Formador – Workshop Regulamento Geral de Proteção de Dados, Universidade da Beira Interior (powered by CFIUTE), 24 de maio de 2018. (ver vídeo aqui).
– Orador – A Nova Era do Crypto-jacking, Jornadas de Cibersegurança – UBI, 21 de março de 2018.

 

 

One Reply to “Author”

Comments are closed.