Looking back at a year like 2017 brings the internal conflict of being a security researcher into full view: on the one hand, each new event is an exciting new research avenue for us, as what were once theoretical problems find palpable expression in reality. On the other hand, as people with a heightened concern for the security posture of users at large, each event is a bigger catastrophe.
The Festive Complexities of SIGINT-Capable Threat Actors
The 2017 VirusBulletin conference is upon us and, as in previous years, we’re taking the opportunity to dive into an exciting subject, guided by our experience from doing hands-on APT research. This year we decided to put our heads together to understand the implications that the esoteric SIGINT practice of fourth-party collection could have on threat intelligence research.
Penquin’s Moonlit Maze
Moonlight Maze is the stuff of cyberespionage legend. In 1996 someone was rummaging through military, research, and university networks primarily in the United States, stealing sensitive information on a massive scale. To say that this historic threat actor is directly related to the modern day Turla would elevate an already formidable modern day attacker to another league altogether.
Kaspersky Security Bulletin. Predictions for 2017
Yet another year has flown past and, as far as notable infosec happenings are concerned, this is one for the history books. Drama, intrigue and exploits have plagued 2016 and, as we take stock of some of the more noteworthy stories, we once again cast our gaze forward to glean the shapes of the 2017 threat landscape.
Wave your false flags!
Targeted attackers are using an increasingly wide range of deception techniques to muddy the waters of attribution, planting ‘False Flag’ timestamps, language strings, malware, among other things, and operating under the cover of non-existent groups.
InfiltrateCon 2016: a lesson in thousand-bullet problems
Last week vulnerability developers, security researchers, and even a couple of friendly govies descended upon my native Miami for two daily servings of novel implants, exploits, and the latest in offensive research.
Thank you, CanSecWest16!
This year, we had the absolute pleasure of being a part of CanSecWest’s fantastic lineup of talks, well-rewarded pwnage, and entertainment among a jovial crowd of infosec practitioners of every stripe.
Operation Blockbuster revealed
Kaspersky Lab has joined an industry alliance driven by Novetta to announce Operation Blockbuster. The goal of the operation is to disrupt the activity of the Lazarus Group – a highly malicious entity responsible for data destruction as well as conventional cyber-espionage operations against multiple companies around the world.
Kaspersky Security Bulletin. 2016 Predictions
As the year comes to an end, we have an opportunity to take stock of how the industry has evolved and to cast our predictions for the coming years. The outlook for our rapidly evolving field of study is quite thought-provoking and will continue to present us with interesting challenges.
Blackhat USA and Defcon 2015
Blackhat and Defcon 2015 are being held in Las Vegas this year in the Mandalay Bay and Paris hotels, with 9,000 people in Blackhat attendance and more at Defcon.