Tag: tool

  • VB2017 paper: Crypton – exposing malware’s deepest secrets

    Computer scientists are notorious for a specific kind of laziness: the kind of laziness that makes them work really hard in order to avoid some other, often more boring, hard work. Crypton, a tool developed by F5 Networks researchers Julia Karpin and Anna Dorfman, is a great example of that: it aims to speed…

  • VB2017 preview: Crypton – exposing malware’s deepest secrets

    Ask a programmer to perform the same task twice and they will write a tool that automates it. Malware analysts are no different, and the Virus Bulletin Conference has a long history of including papers on tools and tricks that make the task of analysing malware a lot easier. ‘Crypton’ is such a tool. It…

  • VB2016 preview: Detecting Man-in-the-Middle Attacks With Canary Requests

    While man-in-the-middle attacks are relatively rare (especially among those not attending hacker conferences), it is quite common for computer users to be in a situation where an attacker could have an opportunity to take control of their network traffic. There are, of course, network mechanisms that seriously mitigate the risk, such as VPN or HTTPS,…

  • VB2015 paper: VolatilityBot: Malicious Code Extraction Made by and for Security Researchers

    Given the sheer volume of new malware samples discovered every day, security researchers eagerly make use of tools that will help automate their research and analysis. IBM Trusteer researcher Martin Korman wrote one such tool, ‘VolatilityBot’, which extracts malicious code from packed binaries, leveraging the functionality of the Volatility Framework. At VB2015 in Prague,…

  • New tool helps ransomware victims identify the malware family

    Malware infections are never fun, but ransomware is particularly nasty and the plague doesn’t seem likely to cease any time soon: new families are spotted almost daily. A small silver lining in this dark cloud is the fact that crypto is hard for the bad guys too: they have made many mistakes implementing their encryption…

  • Paper: Optimizing ssDeep for use at scale

    Brian Wallace presents tool to optimize ssDeep comparisons. Malware rarely comes as a single file, and to avoid having to analyse each sample in a set individually, a fuzzy hashing algorithm tool like ssDeep can tell a researcher whether two files are very similar — or not similar at all. When working with a large…

  • Researchers release CryptoLocker decryption tool

    Tool uses private keys found in database of victims. Please note: this blog post was written in August 2014 and refers to a particular kind of encryption-ransomware that was active until June 2014. The tools mentioned are unlikely to work to decrypt newer versions of ransomware, including those branded as ‘CryptoLocker’. The CryptoLocker ransomware…