Posts by Joshua Cannell

Josh performs analysis on the latest threats. He has over 5 years of experience working with US intel agencies where he analyzed malware through reverse engineering. Find him on Twitter @joshcannell

New York Times Hackers: ‘Gone Phishing’

The Syrian Electronic Army has gotten a lot of publicity lately, taking an interest in hacking American media outlets. They attacked the New York Times this week.

A researcher at Malwarebytes came across an interesting malware sample that erases files and leaves a not-so-friendly message to its victims.

League of Legends Hacked, Credit Card Info Stolen

League of Legends developer Riot Games said their North American customers would require a password reset due to yesterday’s security breach. The developer claims to be working on new security features to include e-mail and two-factor authentication.

The Malware Archives: MS Office Files

A deeper look at Microsoft Office malware infections.

Alleged Hacker Blackmails Miss Teen USA

News reports of 19-year-old Cassidy Wolf receiving emails from an alleged hacker attempting to extort her serves as a reminder that webcams need to be secured too.

Linux Bank Trojan ‘Hand of Thief’ debuts

Sometimes it’s easy to forget that malware targets other Operating Systems besides Windows. However, it does exist, and is equally potent in its malicious nature. Researchers at RSA recently uncovered a new Linux Bank Trojan called “Hand of Thief”. Offered in closed cyber-crime communities

The Malware Archives: PDF Files

Adobe Reader has a history of vulnerabilities and gets exploited quite a bit. Once exploitation succeeds, a malware payload can infect a PC using elevated privileges. For these reasons, it’s good to know how to analyze PDF files

Sophos Discovers ZeroAccess Using RLO

Yesterday, analysts at SophosLabs looked at a new ZeroAccess variant using some new tricks to hide itself. Or should I say old ones, which are seemingly rediscovered.

Yesterday, Google unveiled the latest version of its renowned Android Operating System at an event in San Francisco. Of the improvements to security, the most notable is the implementation of SELinux, a Mandatory Access Control (MAC) system which grants users greater access control.

ZeroAccess uses Self-Debugging

In the field of malware analysis, debuggers are a vital tool used to reverse-engineer malware binaries, helping analysts to understand the purpose and functionality of malware when dynamic analysis isn’t enough.

Google was quick to fix their Android master key flaw, but Android’s fragmented update model across several OEMs is leaving most users unprotected. You can take it into your own hands to fix this, but it will require rooting your phone.

My Memory Isn’t What It Used To Be: Part 2

How malware can use process memory to its advantage, part 2.

Microsoft will be issuing security updates — six of the seven updates are deemed “critical,” the highest rating on the company’s severity — that address multiple vulnerabilities across its products tomorrow on Patch Tuesday.

New Android Vulnerability Affects 99% of Devices

Bluebox Security unveiled in a corporate blog post that their research team—dubbed Bluebox Labs—had uncovered a vulnerability that affects 99% of Android devices. The vulnerability has been reported as existing since Android 1.6 (“Donut”) and may be plaguing some 900 million devices.

Buyer Beware: Steam Keys and What You Should Know

Almost a decade after its initial release, Steam has gotten so popular that, at any given time, there are millions of gamers logged in, browsing the store and playing games. Nevertheless, as with anything that becomes popular on the web, bad guys pay attention too, and look to make a profit where they can. With that in mind, let’s take a quick look at some things you may want to watch out for when gaming with Steam.

First Official Xbox One Emulator Is a Phony

Gamer or not, you’ve likely heard about the next generation of video game consoles arriving later this year. However, you probably haven’t heard that fake emulators for the anticipated consoles are already being distributed.

Electronic License Plates: A Better Alternative?

Dubbed the electronic license plate, or Etag, this new technology in South Carolina would allow the state’s DMV to change what’s displayed on your tag—without your consent.

Seven tips to keep your PC safe this summer

Whether you’re lost on a road trip, going deaf at a rock concert, or getting your sun tan on, odds are PC security isn’t the first thing on your mind as you enter this summer season.

My Memory Isn’t What It Used to Be: Part 1

When analyzing malware, what you see on disk is oftentimes not an accurate representation of what’s actually happening in memory.

Brazilian Facebook Trojan and Consumer Security

New Facebook trojan Febipos is currently active in Brazil and takes control of your Facebook profile using a Firefox and/or Chrome extension that’s installed during execution.
