no-image

Happy IR in the New Year!

In IR cases we use a very simple script that is uploaded to every Windows computer in the corporate network to collect logs, NTFS data, entries from the Windows registry and strings from the binary files to find out how exactly the attackers were moving through the network. It’s holiday season and it is our pleasure to share this script with you. Read Full Article

no-image

Adobe Flash Player 0-day and HackingTeam’s Remote Control System

Adobe Flash Player CVE-2013-0633 is a critical vulnerability that was discovered and reported to Adobe by Kaspersky Lab researchers Sergey Golovanov and Alexander Polyakov. The exploits for CVE-2013-0633 have been observed while monitoring the so-called -legal- surveillance malware created by the Italian company HackingTeam. In this blog, we will describe some of the attacks and the usage of this 0-day to deploy malware from -HackingTeam- marketed as Remote Control System. Read Full Article

no-image

KSN: An Analysis of Web Browsers

Today, cybercriminals are quick to exploit vulnerabilities in Adobe Reader, Flash and Java to infect users’ computers. There is a simple reason for this popularity: exploits of vulnerabilities found in these products can infect computers regardless of which operating systems… Read Full Article