There were no readily available tools to analyze how the program written in Harbour works. So, we wrote our own. We hope this decompiler makes analyzing samples written in Harbour a little bit easier for others as well. Read Full Article
Ransomware: two pieces of good news
Nowadays, cybercriminals have a thousand and one ways of creating and spreading ransomware. However, those fighting ransomware are not standing still either. In fact, we have two pieces of good news to share with you. Read Full Article
Modern OSs for embedded systems
At Kaspersky Lab we analyze the technologies available on cybersecurity market and this time we decided to look at what OS developers are offering for embedded systems (or, in other words, the internet of things). Our primary interest is how and to what degree these OSs can solve cybersecurity-related issues. Read Full Article
Your new friend, KLara
In R&D we use a lot of open-source projects and we believe giving back to the community is our way of saying ‘Thank you’. More and more security companies are releasing their open-source projects and we would like to contribute with our distributed YARA scanner. Read Full Article
Happy IR in the New Year!
In IR cases we use a very simple script that is uploaded to every Windows computer in the corporate network to collect logs, NTFS data, entries from the Windows registry and strings from the binary files to find out how exactly the attackers were moving through the network. It’s holiday season and it is our pleasure to share this script with you. Read Full Article
Bitscout – The Free Remote Digital Forensics Tool Builder
Being a malware researcher means you are always busy with the struggle against mountains of malware and cyberattacks around the world. Over the past decade, the number of daily new malware findings raised up to unimaginable heights: with hundreds of thousands of malware samples per day! Read Full Article
How to succeed in online investigations and digital forensics
Maltego, the tool best known for deep data mining and link analysis, has helped law enforcement, intelligence agencies and others in security-related work since it was released in 2008. To benefit from using Maltego, come to SAS 2017 for intensive Digital Intelligence Gathering training from the experts who created the tool from scratch: there won’t be any questions that they can’t answer. Read Full Article
Malicious code and the Windows integrity mechanism
My goal wasn’t to review the techniques of elevating system privileges. Here, I wanted to look at the overall picture and talk about the whole range of Windows operating systems in all their diversity dating back to Windows Vista, but without discussing specific versions. Read Full Article
Windows 10: What’s New in the Security System
This review consists of three parts devoted to the most prominent new Windows 10 features that affect security. We use examples to demonstrate how Windows 10 protection technologies work and how they can be complemented by third-party solutions to improve system security. Read Full Article
Microsoft Security Updates March 2016
Microsoft releases thirteen bulletins this month, patching a total of 44 vulnerabilities. More than half of the critical vulnerabilities fixed this month support the web browsers, Internet Explorer and Microsoft Edge. Vulnerabilities rated critical also exist in Opentype font parsing kernel components, Windows Media Player, and the Windows PDF library. Read Full Article