Beware of DOC! A look at malicious macros

BSides London: The Writey Writer’s Workshop

Hello! I’m Chris (or at least, a past version of Chris as I’m currently on holiday). Past Chris, speaking to you in the present, in relation to the future. It’s all gone a bit Doctor Who.

Anyway, assuming the scheduled post timings haven’t gone horribly wrong and you’re reading this in the year 2046 from inside your self-drive flying car, you may want to know about a Workshop I’m running at the upcoming BSides London Conference on June.

The Workshop is called The Writey Writer’s Guide to Writing Writerly, and the blurb for it is as follows:

This workshop is based around 10 years of professional blogging / malware research and is designed to give budding writers a leg-up in the world of corporate writing, where everything is one sentence away from potential embarrassment, death threats or a liberal helping of cease and desist letters. If you’ve been asked to blog but have no idea where to start (or are simply looking for a refresher), this workshop will cover: legal pitfalls, content volume, working with journalists / PR, techniques for radio / TV / newspapers, blog structure, minimising risk (to yourself and others) and more. There will be interactive demos related to some of the aforementioned subject matter, and debate / questions / participation is welcome.

Here are some of the things you can expect:

  • There will be a slide deck, but in keeping with the notion of this being a Workshop and not “Talk at them for 3 hours with the aid of 127 slides” it will contain a number of interactive exercises throughout the session – it won’t be a non-stop train ride of lectures.  One of them will be in relation to talking to the press; another will be all about the blogging (with the occasional “spot a thing and win a chocolate bar”, if you’re very lucky).
  • The Workshop’s various chunks will cover areas of Infosec work in detail, but given that workshops tend to veer off from whatever initial plans have been concocted we can focus on some more than others depending on attendee experience. Generally speaking, workshops can afford to be a bit more random than your average presentation, so nothing is set in stone. Go with the flow, and all that.
  •  If you’re attending BSides, you may well be stopping in at Infosecurity Europe (which is great, because Malwarebytes will be there too!) You may finish off the day by carrying around an awful lot of swag – alongside worrying about how much more stuff you’ll be dragging home with you. Rest assured, this Workshop will contain only the basics required to get you up and running – if you don’t have a laptop with you, there’ll be some pen and paper and maybe a printout related to one (or both) of the exercises. Other than that, I’m making sure anything needed for after the event – in terms of follow-up things to read, links, documentation and the like – will be available online via an easy to remember shortened link.
  • For one week after the event, I will happily look at any and all blogs you might want to draft up and fire my way for some advice / commentary / helpful criticism. If you’d like to do this – great! You can give me a name (real or otherwise) and an email address so I know you attended, and we’ll take it from there.

There are three “Career Path” Workshops taking place this year alongside the presentations, so whether you’re after a bit of a career change, some new skills to learn or are simply in the hunt for some nice free T-shirts there’s probably something for everyone at this year’s BSides Conference.

Some of our older Conference outings:

BSides Austin 2015

VB2014: Tech Support Scams Exposed

Def Con 22

Christopher Boyd


Christopher Boyd

Former Director of Research at FaceTime Security Labs. He has a very particular set of skills. Skills that make him a nightmare for threats like you.