Posts by Joshua Cannell

Josh performs analysis on the latest threats. He has over 5 years of experience working with US intel agencies where he analyzed malware through reverse engineering. Find him on Twitter @joshcannell

Nowhere to Hide: Three methods of XOR obfuscation

A couple of months ago, I did an article on generic obfuscation techniques used to hide malware.  It continues to be no surprise that malware tries to hide using an array of techniques that are easy to implement. I wanted to elaborate on one of those techniques I mentioned earlier, which was the exclusive or […]

CTA: New Java Vulnerability

URGENT: Despite a recent critical patch to Java SE, Polish security firm Security Explorations released details of yet another Java vulnerability.  Adam Gowdiak, a researcher from the firm, provides a full disclosure of the exploit here.

Too Tough to Crack?

During the course of your life, there are many times when you have to prove who you are.  Whether it’s applying for a loan, getting your driver’s license, or signing into your email account, a process has to occur to “authenticate” your identity.  Otherwise, anybody could be you.

Malware in a Jar

As researchers find more security flaws in Oracle Java, the software continues to be used for exploitation and malware delivery.  This year has been a shaky start for the cross-platform web technology, where it seems the number of documented vulnerabilities is hard to number. If you recall in January, we saw a zero-day later found […]

Who is ‘Whois’ ?

On March 20th, reports were circulating that a cyberattack had been conducted against broadcast networks and banks in South Korea.  In typical reaction, it was suspected that North Korea may have been to blame, although no evidence has surfaced supporting this idea.  However, it’s recently been reported that at least one of the bank attacks […]

From Russia with Ransomware

This week the research team stumbled across a Russian ransomware sample so I decided to take a peek.  The ransom message demands your money (in rubles, actually) and threatens to delete your data if payment isn’t sent within 12 hours.

Obfuscation: Malware’s best friend

Here at Malwarebytes, we see a lot of malware. Whether it’s a botnet used to attack web servers or a ransomware stealing your files, much of today’s malware wants to stay hidden during infection and operation to prevent removal and analysis. Malware achieves this using many techniques

CTA: New Java Zero-Days

Update: Oracle has addressed the exploit known as CVE-2013-1493 with an emergency patch.  You can read about this patch on Oracle’s blog here.

URGENT: A few days ago we heard about yet another zero-day in Oracle Java from security firm FireEye.  The exploit targets Java versions 6 and 7.  Details are

Malwarebytes and BSides San Francisco

For many years now, computer security conferences have been a common way for researchers, hackers, and security experts to meet and discuss the latest industry developments.  In addition to the security talks, these conferences offer training courses, certifications, and other special challenges.

CTA: New Adobe Zero-Day

URGENT: A few days ago a new zero-day vulnerability in Adobe Reader surfaced.  Details below are on Adobe’s blog.

Tools of the Trade: Exploit Kits

Exploit kits are a serious cyber threat today, estimated to be responsible for a vast percentage of malware infections worldwide.  Exploit kits currently distributed through both public and underground sources appeal to a wide range of audiences, from inexperienced hackers to seasoned “black hat” cybercriminals.  Perhaps you or someone you know may have heard about […]

Malwarebiter – Biting down on you

UPDATE: As of 1/28, the Facebook page for Malwarebiter appears to have been deleted.

Overview

A few days ago Malwarebytes Intelligence Analyst Adam Kujawa released a Cyber-Threat Advisory on a fairly new anti-malware product on the web called “Malwarebiter”.  This product grabbed our attention because of its similar name to Malwarebytes.
