Tag: vb2016

  • VB2016 paper: Uncovering the secrets of malvertising

    In his VB2014 paper , Bromium researcher Vadim Kotov sketched the possibilities for malicious actors to use web ads to spread exploit kits. Unsurprisingly, malicious actors also spotted those possibilities, and the advertisement ecosystem has become such a big attack surface that many security experts advise the running of ad-blockers to enhance security. Today, we…

  • VB2016 paper: Building a local passiveDNS capability for malware incident response

    Anyone who has ever investigated a malware or phishing attack will know the feeling: “if only I could find out what IP address this domain pointed to when the attack took place”. If you’re tasked with performing incident response in your organisation, collecting passive DNS data is probably a good idea. One way to do this…
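
Added example, not code from the VB2016 paper or its authors: a minimal local passive-DNS store in Python. It ingests resolver answer records from a constructed line-oriented log format (timestamp, queried name, record type, rdata), keeps first-seen/last-seen/count per unique answer, and answers the question above, "what did this domain point to when the attack took place", plus the reverse lookup "which names ever pointed at this IP". Domain names, addresses and the log format are all constructed for illustration.

```python
"""Minimal local passive-DNS store.

Ingest resolver answer records, then ask "what did this name resolve to at
time T?" and "which names pointed at this address?".  Added example; the log
format below is constructed for illustration, not a real resolver's output.
"""
from dataclasses import dataclass
from datetime import datetime, timezone

# Constructed sample answers: timestamp, queried name, record type, rdata.
SAMPLE_LOG = """\
2016-09-12T10:04:01Z login-update.example A 198.51.100.23
2016-09-12T10:04:01Z login-update.example A 198.51.100.24
2016-09-14T08:15:30Z cdn.example CNAME edge.example
2016-09-14T08:15:30Z edge.example A 203.0.113.7
2016-09-20T22:41:09Z login-update.example A 203.0.113.7
2016-09-21T01:12:55Z login-update.example A 203.0.113.7
"""


@dataclass
class Record:
    """One unique (name, type, rdata) answer and the window it was observed in."""
    rrname: str
    rrtype: str
    rdata: str
    first_seen: datetime
    last_seen: datetime
    count: int = 1


def parse_ts(s):
    """Parse the constructed ISO-8601 UTC timestamp into an aware datetime."""
    return datetime.strptime(s, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)


class PassiveDNS:
    def __init__(self):
        # (rrname, rrtype, rdata) -> Record; normalised to lower case, no trailing dot
        self._records = {}

    def ingest_line(self, line):
        parts = line.split()
        if len(parts) != 4:
            return False  # skip malformed lines instead of aborting the whole ingest
        ts, rrname, rrtype, rdata = parts
        when = parse_ts(ts)
        key = (rrname.lower().rstrip("."), rrtype.upper(), rdata.lower().rstrip("."))
        rec = self._records.get(key)
        if rec is None:
            self._records[key] = Record(*key, first_seen=when, last_seen=when)
        else:
            rec.first_seen = min(rec.first_seen, when)
            rec.last_seen = max(rec.last_seen, when)
            rec.count += 1
        return True

    def ingest(self, text):
        """Ingest a whole log; returns the number of well-formed lines stored."""
        return sum(self.ingest_line(l) for l in text.splitlines() if l.strip())

    def history(self, rrname):
        """All answers ever seen for a name, oldest first."""
        name = rrname.lower().rstrip(".")
        return sorted((r for r in self._records.values() if r.rrname == name),
                      key=lambda r: r.first_seen)

    def resolve_at(self, rrname, when, rrtype="A"):
        """rdata the name was observed pointing to at time `when`.

        A record counts if `when` falls inside [first_seen, last_seen].  If no
        window overlaps, fall back to the answer(s) most recently seen before
        `when`: passive DNS only records answers somebody actually queried, so a
        gap does not mean the name was unresolvable at that moment.
        """
        cands = [r for r in self.history(rrname) if r.rrtype == rrtype.upper()]
        hits = {r.rdata for r in cands if r.first_seen <= when <= r.last_seen}
        if hits:
            return sorted(hits)
        before = [r for r in cands if r.last_seen < when]
        if not before:
            return []
        latest = max(r.last_seen for r in before)
        return sorted(r.rdata for r in before if r.last_seen == latest)

    def names_for(self, rdata):
        """Reverse lookup: every name that was ever answered with this rdata."""
        target = rdata.lower().rstrip(".")
        return sorted({r.rrname for r in self._records.values() if r.rdata == target})


if __name__ == "__main__":
    pdns = PassiveDNS()
    pdns.ingest(SAMPLE_LOG)
    print(pdns.resolve_at("login-update.example", parse_ts("2016-09-15T00:00:00Z")))
    print(pdns.names_for("203.0.113.7"))
```

The fallback in resolve_at is the part worth thinking about in practice: a local collector only sees names that hosts on your network actually looked up, so for incident timelines you want both the observed window and the most recent answer before the gap, and you should state which one you are reporting.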

  • VB2016 video: Last-minute paper: A malicious OS X cocktail served from a tainted bottle

    Though nowhere near as exotic as it was a few years ago, malware for OS X continues to attract researchers’ attention. This was certainly the case for the KeRanger ransomware and the Keydnap credentials-stealer, both of which spread through a compromised server of the legitimate Transmission BitTorrent client. In a VB2016 last-minute presentation, ESET researchers…

  • VB2016 paper: Debugging and monitoring malware network activities with Haka

    Anyone who has ever analysed malware through its network communications will know that this often involves ad-hoc scripts in languages like Python or Perl to decode the traffic. After all, for somewhat understandable reasons, there is no standard C&C protocol for malware. If you regularly find yourself in this situation, you may want to have…

  • VB2016 paper: One-Click Fileless Infection

    Over the last few years, we have seen a sharp increase in ‘fileless’ infections, where a machine is compromised without a malicious file ever being written to disk. Though not impossible to detect and prevent, they do require a security product. In a paper entitled “One-click fileless infection” presented at VB2016 in Denver, Symantec researchers…