VB2019 preview: Problem child: common patterns in malicious parent-child relationships
Living-off-the-land binaries, often referred to as LOLbins, are legitimate (Windows) binaries used for malicious purposes. Their use has increased in malware campaigns in recent years and serves as a reminder that a defensive approach focused purely on detecting malicious binaries is outdated. Thus, rather than focus on the binaries themselves, it is important…
-
VB2019 preview: Inside Magecart: the history behind the covert card-skimming assault on the e-commerce industry
Half a decade ago, breaches of point-of-sale (POS) systems were a real plague, especially in North America, with the 2013 Target breach perhaps the best known example. Though credit card theft through POS hacks hasn’t completely disappeared, today’s skimmers largely act online, using JavaScript to insert skimmers into websites’ payment pages. The more than a…
-
VB2019 call for last-minute papers closes on Sunday (1 Sept)
The majority of the VB2019 programme was announced in April, and though we like to see VB as a conference that looks beyond the hype, we are more than a little proud that several of the talks have made the security news in recent months: from Operation Soft Cell to the Machete APT group and…
-
21 organisations partner with VB2019
Three months after we announced the first 14 partners and supporting organisations for VB2019, the 29th Virus Bulletin Conference, seven more organisations have signed up to support the event. We welcome Avast and Kaspersky as Gold partners. Meanwhile, Endgame, Intel and Qihoo 360 have joined as Silver partners. Microsoft has joined as the…
-
VB2019 preview: Exploring Emotet, an elaborate everyday enigma
Active since 2014, initially as a banking trojan, Emotet has been a plague on the Internet in recent years. Emotet’s core strength is its ability to download other malware, thus giving those in control of it remote code execution on infected systems and networks. Emotet has been the initial infection in many high-profile attacks, in…
-
VB2019 preview: A study of Machete cyber espionage operations in Latin America
The US government considers China, Russia, Iran and North Korea to be the most prominent nation-state actors in cyber space. Apart from conveniently ignoring activities by the US and its Five Eyes allies, there is plenty of nation-state activity happening elsewhere, including South Asia, Southeast Asia and Latin America. One of the most prominent Latin…
-
AfricaHackon 2019: a great event and a reminder that security is global
It was a few years ago that I first learned of AfricaHackon, Africa’s premier IT security conference. It led me to invite Tyrus Kamau, one of the event’s organisers, to speak at VB2017 in Madrid in a presentation that was very well received. This year, this invitation was returned and thus I travelled to…
-
Virus Bulletin researcher discovers new Lord exploit kit
The number of active exploit kits is very small: the recently published summer 2019 edition of Malwarebytes’ quarterly round-up lists the seven then known active exploit kits. To that, a potential eighth has now been added, thanks to Virus Bulletin researcher Adrian Luca. During his work on the VBWeb tests for web security products,…