Tag: vb2017
-
Test your technical and mental limits in the VB2017 foosball tournament
We all know the scenario. You’re using multiple layers of defence, combined with a fast response time, to prevent a skilled attacker from reaching the goal. Or maybe you are that attacker, and you are carefully looking for that single weakness that will allow you to bypass the defence. I am, of course, talking about…
-
Test your technical and mental limits in the VB2017 foosball tournament
We all know the scenario. You’re using multiple layers of defence, combined with a fast response time, to prevent a skilled attacker from reaching the goal. Or maybe you are that attacker, and you are carefully looking for that single weakness that will allow you to bypass the defence. I am, of course, talking about…
-
Hot FinSpy research completes VB2017 programme
The infamous FinSpy (or FinFisher) government spyware has managed to keep a low profile in recent years, though its use of two Microsoft zero-days ( CVE-2017-0199 and CVE-2017-8759 ) this year shows that it is still active. Today, researchers from ESET have published new research which points to the spyware using a different infection method:…
-
Hot FinSpy research completes VB2017 programme
The infamous FinSpy (or FinFisher) government spyware has managed to keep a low profile in recent years, though its use of two Microsoft zero-days ( CVE-2017-0199 and CVE-2017-8759 ) this year shows that it is still active. Today, researchers from ESET have published new research which points to the spyware using a different infection method:…
-
Transparency is essential when monitoring your users’ activities
The inspection of HTTPS traffic is a sensitive issue among security experts. On the one hand, there are those who argue that this breaks the important end-to-end principle of secure connections, while others argue that it is essential if one wants to block malicious network traffic, which is increasingly using HTTPS. I tend to side…
-
Transparency is essential when monitoring your users’ activities
The inspection of HTTPS traffic is a sensitive issue among security experts. On the one hand, there are those who argue that this breaks the important end-to-end principle of secure connections, while others argue that it is essential if one wants to block malicious network traffic, which is increasingly using HTTPS. I tend to side…
-
VB2017 preview: Android reverse engineering tools: not the usual suspects
Six years ago (coincidentally the last time the VB conference was held in Spain) saw the first VB conference paper presented on Android malware, which at that time was still an esoteric and mostly theoretical threat. Things have changed a lot in the last six years – something that is perhaps best illustrated by Google ‘s…
-
VB2017 preview: Android reverse engineering tools: not the usual suspects
Six years ago (coincidentally the last time the VB conference was held in Spain) saw the first VB conference paper presented on Android malware, which at that time was still an esoteric and mostly theoretical threat. Things have changed a lot in the last six years – something that is perhaps best illustrated by Google ‘s…
-
VB2017 preview: Crypton – exposing malware’s deepest secrets
Ask a programmer to perform the same task twice and they will write a tool that automates it. Malware analysts are no different, and the Virus Bulletin Conference has a long history of including papers on tools and tricks that make the task of analysing malware a lot easier. ‘Crypton’ is such a tool. It…
-
VB2017 preview: Crypton – exposing malware’s deepest secrets
Ask a programmer to perform the same task twice and they will write a tool that automates it. Malware analysts are no different, and the Virus Bulletin Conference has a long history of including papers on tools and tricks that make the task of analysing malware a lot easier. ‘Crypton’ is such a tool. It…