-
How I Used Gemini To Fix My Terrible Zeek Documentation
I built a Zeek-based Amadey malware detector… and then absolutely did NOT document it. https://github.com/keithjjones/zeek-amadey-detector So instead of fixing my own mess, I made Gemini do it. In this video: If your docs look like ancient hieroglyphics carved during a power outage, this one’s for you. Transcript: 00:00:00:17 – 00:00:29:28 Dr.…
-
Fix NoMachine’s CAPS LOCK Reversal Bug
I was recently trying to connect to a remote NoMachine host, and the sense of caps lock was reversed compared to my local machine. This happens if your caps was on when you connected to a NoMachine host where the caps was not enabled, and vice versa. The easiest way…
-
Keith Jones’ Journey As Expert Digital Forensics Expert To AI Malware Researcher
Had a great time as a guest on the Security Unfiltered Podcast, talking about work-life balance in cybersecurity—especially for parents. We covered how remote work has shifted expectations, the challenge of growing your career while raising a family, and how AI is changing the industry. One thing that stood out:…
-
Manually Download MacOS Sequoia
Apple’s macOS updates are typically seamless through the App Store, but sometimes, a bug can throw a wrench in the process. I recently encountered this firsthand when updating one of my Macs to macOS Sequoia. No matter what I did, the App Store refused to download the installer. After some…
-
Drone Flight @ BWI Airport Sept 8, 2024
Enjoy some runway 33L activity at the Baltimore Washington International Airport in Maryland. The FAA authorized me to fly and photograph airport activity with my part 107 commercial drone license.
-
Detect STRRAT Malware With Zeek And Suricata
Join me in learning how to detect the STRRAT malware family with Zeek and Suricata. Corelight Blog: https://corelight.com/blog/newsroom/news/strrat-malware Source Code: https://github.com/corelight/zeek-strrat-detector 00:00:10:18 – 00:00:37:17 Dr. Keith Jones: Hey, welcome. We’re going to talk about how to detect STRRAT, which is a malware family. This malware is written in Java, and this…
-
Detect Gozi Banking Malware With Zeek!
Join the Old Grizzled FBI Agent to hear how to detect the Gozi Banking Malware Family with Zeek! Corelight Blog: https://corelight.com/blog/gozi-banking-malware Transcript: 00:00:10:47 – 00:00:41:11 Old Grizzled FBI Agent: Hi there. This is your favorite obligatory grizzled FBI agent again. You may wonder why I have my gun out. And this pair…
-
Detecting AsyncRAT Malware C2 With Zeek And Suricata
Please join the “Old Grizzled FBI Agent” to hear how you can detect the AsyncRAT malware family with Suricata and Zeek! Corelight blog: https://corelight.com/blog/newsroom/news/hunt-of-the-month-detecting-async-rat-malware Zeek: https://zeek.org/ Source code: https://github.com/corelight/zeek-asyncrat-detector Transcript: 00:00:00:10 – 00:00:31:31 Grizzled FBI Agent: Hello. I’m your obligatory grizzled FBI agent. Never mind this gun and binoculars I have in…
-
Zeek Log Format Cheat Sheet
Sometimes you want to quickly know the format of a Zeek log file. Check out this web page that links to all the native Zeek log record definitions: https://docs.zeek.org/en/master/script-reference/log-files.html Clicking on “Conn:Info” will send you to the conn.log format specification, for example. Now you can quickly see all the possible…