
  • Romanian university website compromised to serve Neutrino exploit kit

    This blog post was written by Martijn Grooten and Adrian Luca. Like every summer, millions of prospective students around the world have been taking entry exams for the university courses they want to attend. Imagine how horrible it would be if those students, after visiting the website of their university of choice, suddenly found all…

  • Guest Blog: Malicious Scripts Gaining Prevalence in Brazil

    In the run up to VB2016, we invited the conference sponsors to write guest posts for our blog. In the second of this series, ESET’s Matías Porolli writes about malicious Visual Basic and JavaScript gaining prevalence in Brazil. Had we looked at the map of malware detections in Brazil a year ago, we would have seen…

  • It’s 2016. Can we stop using MD5 in malware analyses?

    When a security researcher comes across a new piece of malware, the first thing he (or she) does is check the file hash to see if it has been seen, or maybe even analysed, before. For that reason, if the researcher does end up writing an analysis, it is considered good practice to add the…

  • Throwback Thursday: Holding the Bady

    Last week saw the 15th anniversary of the appearance of ‘Code Red’ (also known as ‘Bady’) – the first fileless worm, which spread by exploiting a vulnerability in Microsoft IIS, even penetrating Microsoft’s own IIS servers. Part of the worm’s payload was to launch denial of service attacks against a number of fixed IP addresses –…

  • Paper: The Journey of Evasion Enters Behavioural Phase

    Anti-detection techniques are almost as old as malware itself and have developed well beyond hash busting techniques. As security products adapt their detection tools, malware authors need to find new ways to prevent their malware from being blocked while it is running. In a new paper (also available as PDF) published today by Virus…

  • Guest blog: Espionage toolkit uncovered targeting Central and Eastern Europe

    In the run up to VB2016, we invited the conference sponsors to write guest posts for our blog. In the first of this series, ESET writes about the SBDH toolkit. Over the course of the last year, ESET has detected and analysed several instances of malware used for targeted espionage – dubbed the SBDH…
