OFFICIAL SECURITY BLOG

Category Archives: Malware Analysis

The nitty-gritty technical details from our malware researchers and developers about all the nastiest malware out there.

Tools of the Trade: Exploit Kits

February 11, 2013 | BY

Exploit Kits are a serious cyber threat today, estimated to be responsible for the vast percentage of malware infections worldwide.  Exploit kits distributed currently through both public and underground sources appeal to a wide range of audiences, from inexperienced hackers to seasoned “black hat” cybercriminals.  Perhaps you or someone you know may have heard about […]

Sandbox Sensitivity

February 5, 2013 | BY

This article is meant to give you an overview of how sandboxes are used and why malware writers try to avoid their code to run on them. It will also list some methods that are in use to make malware sandbox-sensitive. Without going into much detail it will also give you an idea of the […]

Digital certificates and malware: a dangerous mix

February 4, 2013 | BY

Update (Feb 6th): The digital certificates have been revoked by DigiCert. Update (Feb 4th, 3:44 PM): Egnyte has promptly taken down the illicit account following our call. However, digital signature is still in use. In the past few days we have heard several stories about major corporations getting hacked and their security systems completely bypassed. If […]

Malwarebiter – Biting down on you

January 30, 2013 | BY

UPDATE: As of 1/28, the Facebook page for Malwarebiter appears to have been deleted. Overview A few days ago Malwarebytes Intelligence Analyst Adam Kujawa released a Cyber-Threat Advisory on a fairly new anti-malware product on the web called “Malwarebiter”.  This product grabbed our attention because of its similar name to Malwarebytes.  

CTA: Unpatched Java Exploit in the Wild

January 10, 2013 | BY

URGENT: New Java Exploit being used to infect Updated Users. ACTION: Disable Java Browser Plugin using: http://nakedsecurity.sophos.com/2012/08/30/how-turn-off-java-browser/ http://krebsonsecurity.com/how-to-unplug-java-from-the-browser/ DETAILS: As of yesterday, a new Java exploit has been developed and released to the cyber-crime community. It is currently in the wild and being used to distribute malware such as the Reveton Ransomware.

Web Exploits: a bright future ahead

January 2, 2013 | BY

The majority of computers get infected from visiting a specially crafted webpage that exploits one or multiple software vulnerabilities. It could be by clicking a link within an email or simply browsing the net, and it happens silently without any user interaction whatsoever. Vulnerabilities are flaws that exist in various programs and that allow someone to […]

Misleading advertising

December 20, 2012 | BY

Today we are going to be talking about advertising, specifically misleading advertising. Whether it’s on TV or on the internet, in magazines and newspapers, we see misleading advertising all of the time, you see it all of the time, whether you realize it or not. So how do you spot it? Well, that is one […]

Ransomware

December 7, 2012 | BY

…because some malware is too heinous for clever puns. Ransom software or Ransomware, takes advantage of our constant need for information, communication and entertainment by hijacking our computer systems and demanding payment for returned use.  It hides under the masks of government agencies and uses tactics similar to criminal interrogations to guilt the user into […]

Pick A Download… Part 2

October 26, 2012 | BY

Last week I wrote a blog post on the dangers of ads posing as fake download buttons on various download web sites. Since then I received a lot of feedback from our readers and other security researchers on different tools available to help users avoid these dangers by blocking the ads entirely.  Instead of adding […]

Timely detection: the key to a good anti-malware solution

October 22, 2012 | BY

In this connected world, time is of the essence. The bad guys are counting on releasing their malicious programs and infecting machines before security companies have time to analyze those samples and provide detection signatures to block the threat. Although antivirus companies have evolved their technologies and can now provide proactive heuristic detections (essentially this […]

Pick a Download, Any Download!

October 19, 2012 | BY

Various download sites have been plastering ads all over their pages for years, some of which are just for other types of software and some of them are for services. However, a new trend among these ads has emerged, adding an extra download button where there should not be one.  Many users have been falling […]

A Picture is worth a Thousand Messages

October 12, 2012 | BY

Instant messaging is not a new concept; in fact, instant messaging software has been around for over 20 years in many different forms.  A more popular method of instant messaging these days is done with the use of the software known as Skype.  Skype allows for more than just text chatting but also calling a […]

Dark Comet 2: Electric Boogaloo

October 5, 2012 | BY

Over the past few weeks Jean-Piere Lesueur, A.K.A. DarkCoderSc, has been developing a new version of the Dark Comet Remote Administration Tool which he is calling “Dark Comet Legacy.” This newer version of the tool includes numerous features that make the tool more user-friendly and appear more legitimate.  In addition, DarkCoderSc continues to include notices […]

Much Ado About Browser Malware

September 24, 2012 | BY

Browser Malware is a constant problem for all computer users. In addition to being highly intrusive and sometimes difficult to remove, it is one of the most frequently modified types of malware currently in the wild; because of this, Anti-Malware and antivirus products may not detect and remove all new variants of browser infecting malware […]

So You Want To Be A Malware Analyst

September 18, 2012 | BY

In war, there are always two sides: the attackers and the defenders.  A less focused on group is the researchers and developers.  While soldiers are fighting a war on the front lines, scientists and engineers are researching and developing new weapons, defenses and tools; things that give their side an advantage.  If one of these […]

1 2 3 4 5 6