  • Paper: Script in a lossy stream

    Dénes Óvári explains how to store code in lossily compressed JPEG data. Malformed PDFs have become a common way to deliver malware. Naturally, when this started to happen, anti-virus products began scanning inside PDF files for traces of malicious code and, equally naturally, malware authors started to obfuscate that code to circumvent scanners. Not everything…

  • M3AAWG releases BCP document on dealing with child sexual abuse material

    Subject may make many feel uncomfortable, but it is essential that we know how to deal with it. The mere mention of “child pornography” on the Internet makes many a security expert feel uncomfortable, and not just because of the natural human reaction to the idea of children being abused. It is often used, together…

  • VB2014 paper: Caphaw – the advanced persistent pluginer

    Micky Pun and Neo Tan analyse the banking trojan that is best known for spreading through Skype. Since the close of the VB2014 conference in Seattle in October, we have been sharing VB2014 conference papers as well as video recordings of the presentations. Today, we have added ‘Caphaw – the advanced persistent pluginer’ by Fortinet…

  • Coordinated action takes down Ramnit botnet infrastructure

    Malware remains present on infected machines; 2012 Virus Bulletin paper worth studying. A coordinated action from Anubisnetworks, Microsoft and Symantec, together with Europol, has done serious damage to the infrastructure behind the ‘Ramnit’ botnet. Ramnit is one of those botnets that lurk in the background of the Internet. Its infections mainly occur in…

  • Hacker group takes over Lenovo’s DNS

    As emails were sent to wrong servers, DNSSEC might be worth looking into. Although, after some initial hesitation, Lenovo was rather frank in its admission of messing up regarding the Superfish adware, it was too late for the damage to be undone and many have directed their 15 minutes of Internet rage at the laptop…

  • Almost 50% increase in reported vulnerabilities as non-Windows operating systems lead the table

    Each discovered vulnerability is actually a good news story. Last week, security firm GFI published some research in which it looked at the number of vulnerabilities reported last year, their severity, and which operating systems they affect. The surprising result is that Apple’s OS X and iOS lead the table, followed by the Linux…

  • Vawtrak trojan spread through malicious Office macros

    Users easily tricked, but plenty of opportunity for the malware to be blocked. Researchers at Trend Micro report that the ‘Vawtrak’ banking trojan now also spreads through Office macros, embedded in documents that are attached to spam emails. Vawtrak rose to prominence late last year, when it broadened its scope from targeting Japanese banking users…

  • Lenovo laptops pre-installed with software that adds its own root CA certificate

    Shared root certificate makes for easy man-in-the-middle attacks. What is Superfish? Superfish is a product that offers ‘Visual Search’. Say, for example, you are looking at cat photos on the Internet. Superfish inserts photos of similar cats into your browser, with links to places where you can buy them. Sounds like something that enhances…

  • Google relaxes disclosure policy following criticism

    Grace period added for vulnerabilities that are about to be patched. Last year, Google announced a new disclosure policy, where details of a vulnerability discovered by the company’s researchers would be published within 90 days of the affected vendor being notified, regardless of whether or not a patch had been released. If the vulnerability were…

  • VB2014 video: .NET malware dynamic instrumentation for automated and manual analysis

    Hexiang Hu used tool to detect Bladabindi backdoor. The .NET framework is a popular way to write software. As applications built with the framework compile into a Common Intermediate Language (CIL), single binaries can run on multiple platforms and CPU architectures. However, as is so often the case, what is useful for authors of benign…
