Tag: vb2018
-
VB2018 paper: Lazarus Group: a mahjong game played with different sets of tiles
The Lazarus Group, generally linked to the North Korean government, is one of the most notorious threat groups of recent years. It has engaged in digital espionage, destructive attacks and financially motivated attacks, and was probably the most discussed threat group at VB2018 in Montreal. One of the Lazarus-related papers at VB2018 was written by…
-
VB2018 paper: Lazarus Group: a mahjong game played with different sets of tiles
The Lazarus Group, generally linked to the North Korean government, is one of the most notorious threat groups of recent years. It has engaged in digital espionage, destructive attacks and financially motivated attacks, and was probably the most discussed threat group at VB2018 in Montreal. One of the Lazarus-related papers at VB2018 was written by…
-
VB2018 paper: Fake News, Inc.
“Fake news” is a term that was little used just a handful of years ago, yet by 2017 it had become so prominent in our everyday vocabulary that it was awarded the honour of the Collins Dictionary ‘s ” word of the year “. fake news ( ˌfeɪk ˈnjuːz ) noun: false, often sensational, information…
-
VB2018 paper: Fake News, Inc.
“Fake news” is a term that was little used just a handful of years ago, yet by 2017 it had become so prominent in our everyday vocabulary that it was awarded the honour of the Collins Dictionary ‘s ” word of the year “. fake news ( ˌfeɪk ˈnjuːz ) noun: false, often sensational, information…
-
VB2018 paper and video: Android app deobfuscation using static-dynamic cooperation
The two most common methods for analysing potentially malicious files each have their shortcomings. Dynamic analysis only looks at what actually happens when the code is run and can thus be frustrated by anti-analysis techniques. Static analysis doesn’t have this shortcoming, but is hindered by obfuscation used in the file. In a paper presented at…
-
VB2018 paper and video: Android app deobfuscation using static-dynamic cooperation
The two most common methods for analysing potentially malicious files each have their shortcomings. Dynamic analysis only looks at what actually happens when the code is run and can thus be frustrated by anti-analysis techniques. Static analysis doesn’t have this shortcoming, but is hindered by obfuscation used in the file. In a paper presented at…
-
VB2018 video: Adware is just malware with a legal department – how we reverse engineered OSX/Pirrit, received legal threats, and survived
OSX/Pirrit was first analysed in 2016 by Cybereason ‘s Amit Serper in a guest blog post for the Objective See blog. It is an interesting and technically thorough analysis of a piece of adware that, as is not uncommon, uses techniques borrowed from malware. Pirrit appears as an unsigned executable inside an app bundle, source:…
-
VB2018 video: Adware is just malware with a legal department – how we reverse engineered OSX/Pirrit, received legal threats, and survived
OSX/Pirrit was first analysed in 2016 by Cybereason ‘s Amit Serper in a guest blog post for the Objective See blog. It is an interesting and technically thorough analysis of a piece of adware that, as is not uncommon, uses techniques borrowed from malware. Pirrit appears as an unsigned executable inside an app bundle, source:…