In April 2018, we spotted the first ransomware employing the Process Doppelgänging technique – SynAck ransomware. It should be noted that SynAck is not new, but a recently discovered sample caught our attention after it was found to be using Process Doppelgänging. Here we present the results of our investigation of this new SynAck variant. Read Full Article
Around July last year, more than a 100 Israeli servicemen were hit by a cunning threat actor. The attack compromised their devices and exfiltrated data to the attackers’ C&C. In addition, the compromised devices were pushed Trojan updates. The operation remains active at the time of writing this post. Read Full Article
After going out of fashion for a number of years, malicious macros inside Office files have recently experienced a revival. And why not, especially if they are a lot cheaper than exploits and capable of doing the same job? Read Full Article
I have never bought a PlayStation and neither has my colleague Micha-san from Japan – well, in his case, at least not from Brazil. Nonetheless, we both received the same email notification: In this instance cybercriminals from Brazil have used a new,… Read Full Article
New Adobe PDFs exploiting CVE-2013-0640 drop sophisticated malware known as “MiniDuke”. Read Full Article
Cybercriminals avoiding detection and automated monitoring by block cipher using. Read Full Article
Looking up definitions for ‘iframe’ does indeed give results about “… a constraint of the H.264 codec specified by Apple to ensure ease of consumer video editing.”. Such iframes do contain all necessary rendering information and serve as reference to construct other frames. But here we discuss the other kind of iframes – HTML tags. Read Full Article
Fabio, our researcher in Brazil, has noticed malware authors using an old trick to mask URLs. The trick involves specifying an IP address such as say, 66.102.13.19 (the IP address of google.com, borrowed from my colleague, Costin) in a numerical base other than base 10. Read Full Article
More thoughts on drawing the line Read Full Article
The Race to Zero is not a questionable affair – no questions about it…it is unethical. Read Full Article