Thomas holds a PhD in computer science and works as a Senior Cyber Security Analyst in the Cyber Threat Intelligence Chapter. 
He is passionately engaged in malware analysis, threat actor tracking, and bug hunting. Throughout the last years he has found numerous vulnerabilities in low-level software and participated in several botnet take-downs. In his blogs he tells techies and non-techies stories about his adventures in binary code wonderland. 

Articles by Thomas Barabosch

Your choice

Emotet became world famous in 2019 and is still very active

Blog.Telekom

Dissecting Emotet - Part 2

Cybersecurity: This modular botnet is active at least since 2014 but became very powerful. Thomas Barabosch explains how it works, module by module.

20200511-LOLSnif-EN

Blog.Telekom

LOLSnif – Tracking Another Ursnif-Based Targeted Campaign

Cybersecurity: Tool leaks are very interesting occurrences in cyber security. In his new blog post, Thomas Barabosch analyze a newer version of Ursnif.

Cybersecurity: TA505’s Box of Chocolate

Blog.Telekom

TA505 returns with a new bag of tricks

Cybersecurity: In this blogpost, Thomas Barabosch, shows you a new technique of big threat actor TA505: basically, it’s about operations for big game hunting.

Thomas Barabosch

Blog.Telekom

Dissecting Emotet - Part 1

Cybersecurity: This modular botnet is active at least since 2014, but became very powerful. Thomas Barabosch explains how it works, module by module.

Cybersecurity: TA505’s Box of Chocolate

Blog.Telekom

TA505's Box of Chocolate

Cybersecurity: TA505, a very active threat actor, works differently than, for example, the group behind Emotet. Which tools are used here, Thomas Barabosch explains to you in his Blog.

FAQ