Trust me, I have a pen

Earlier today we became aware of a malicious website delivering Petya through the Hunter exploit kit. While there is nothing special about yet another exploit kit page, this one caught our attention because it mimics the index page of our sinkhole systems. Read Full Article

Attacking Diffie-Hellman protocol implementation in the Angler Exploit Kit

In Angler, threat actors used the Diffie-Hellman protocol to creating difficulties in firewall detection of the exploit and also making it harder for the analysts to get the exploit code. However, the experts from Kaspersky Lab managed to perform a successful attack against Diffie-Hellman protocol implementation and decipher the shellcode. Read Full Article

New gTLDs, same attacks

Cybercriminals around the world have already started to point their guns and attacks at the new gTLDs, the ‘generic Top Level Domains’ approved by ICANN and offered by registrars to people interested in buying a new domain name. Recently we… Read Full Article

The Icefog APT: A Tale of Cloak and Three Daggers

The world of Advanced Persistent Threats (APTs) is well known. Skilled adversaries compromising high-profile victims and stealthily exfiltrating valuable data over the course of many years. Such teams sometimes count tens or even hundreds of people, going through terabytes or… Read Full Article