Tag: peter kalnai
-
VB2019 paper: Rich headers: leveraging the mysterious artifact of the PE format
When analysing malware, especially if it’s new and rare, researchers look for every possible clue that could give them details on the context and perhaps help them find similar samples. One such clue could be what has been called ‘rich headers’, an undocumented chunk of data inside PE files. In a paper presented at VB2019…
-
VB2018 paper: Lazarus Group: a mahjong game played with different sets of tiles
The Lazarus Group, generally linked to the North Korean government, is one of the most notorious threat groups of recent years. It has engaged in digital espionage, destructive attacks and financially motivated attacks, and was probably the most discussed threat group at VB2018 in Montreal. One of the Lazarus-related papers at VB2018 was written by…
-
VB2018 paper: Lazarus Group: a mahjong game played with different sets of tiles
The Lazarus Group, generally linked to the North Korean government, is one of the most notorious threat groups of recent years. It has engaged in digital espionage, destructive attacks and financially motivated attacks, and was probably the most discussed threat group at VB2018 in Montreal. One of the Lazarus-related papers at VB2018 was written by…
-
VB2017 paper and update: Browser attack points still abused by banking trojans
At VB2017 in Madrid, ESET researcher Peter Kálnai presented a paper he wrote together with his colleague Michal Poslušný, in which they looked at how banking malware interacts with browsers. Today, not only do we publish the paper (in HTML and PDF format) and the video recording of their presentation, but we also publish a…
-
VB2017 paper and update: Browser attack points still abused by banking trojans
At VB2017 in Madrid, ESET researcher Peter Kálnai presented a paper he wrote together with his colleague Michal Poslušný, in which they looked at how banking malware interacts with browsers. Today, not only do we publish the paper (in HTML and PDF format) and the video recording of their presentation, but we also publish a…
-
‘North Korea’ a hot subject among VB2018 talks
A few years ago, I somehow got involved in the discussion of a run-of-the-mill malicious spam campaign and ended up speaking to a journalist from the Daily Telegraph . “Is it true that North Korea may be behind this campaign?”, the journalist asked me – I had a hard time trying to keep a straight…
-
‘North Korea’ a hot subject among VB2018 talks
A few years ago, I somehow got involved in the discussion of a run-of-the-mill malicious spam campaign and ended up speaking to a journalist from the Daily Telegraph . “Is it true that North Korea may be behind this campaign?”, the journalist asked me – I had a hard time trying to keep a straight…
-
VB2016 video: Last-minute paper: A malicious OS X cocktail served from a tainted bottle
Though nowhere near as exotic as it was a few years ago, malware for OS X continues to attract researchers’ attention. This was certainly the case for the KeyRanger ransomware and the Keydnap credentials-stealer, both of which spread through a compromised server of the legitimate Transmission BitTorrent client. In a VB2016 last-minute presentation, ESET researchers…
-
VB2016 video: Last-minute paper: A malicious OS X cocktail served from a tainted bottle
Though nowhere near as exotic as it was a few years ago, malware for OS X continues to attract researchers’ attention. This was certainly the case for the KeyRanger ransomware and the Keydnap credentials-stealer, both of which spread through a compromised server of the legitimate Transmission BitTorrent client. In a VB2016 last-minute presentation, ESET researchers…
-
VB2016 ‘Last-Minute’ Papers Announced
With a little over three weeks to go until VB2016 , the conference programme is almost complete. We have a great selection of talks on the main programme, half a dozen Small Talks that we hope will lead to interesting discussions among participants, and a closing keynote from Morgan Marquis-Boire , the hacker, security researcher…