RSS Reader for Computer Security Articles
Credit to Author: Andrew Brandt| Date: Tue, 21 Aug 2018 16:56:34 +0000
Even using an older version of our anti-exploit technology will protect you if you open a malicious document with the CVE-2018-8414 exploit embedded in it<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/qXrxxFkjKfc” height=”1″ width=”1″ alt=””/>
Read MoreCredit to Author: Vishal Thakur| Date: Thu, 07 Jun 2018 15:00:00 +0000
 | |
| In part two of our series on decoding Emotet, we analyze the PowerShell code flow and structure. We also reconstruct the command-line arguments—for fun! Categories: Tags: code analysisdownloaderemotetencryptionpowershell |
The post Malware analysis: decoding Emotet, part 2 appeared first on Malwarebytes Labs.
Read MoreCredit to Author: Windows Defender ATP| Date: Wed, 24 Jan 2018 14:00:21 +0000
Attackers are determined to circumvent security defenses using increasingly sophisticated techniques. Fileless malware boosts the stealth and effectiveness of an attack, and two of last years major ransomware outbreaks (Petya and WannaCry) used fileless techniques as part of their kill chains. The idea behind fileless malware is simple: If tools already exist on a device
Read MoreCredit to Author: Windows Defender ATP| Date: Mon, 04 Dec 2017 14:00:07 +0000
Scripts are becoming the weapon of choice of sophisticated activity groups responsible for targeted attacks as well as malware authors who indiscriminately deploy commodity threats. Scripting engines such as JavaScript, VBScript, and PowerShell offer tremendous benefits to attackers. They run through legitimate processes and are perfect tools for living off the landstaying away from the
Read MoreCredit to Author: Malwarebytes Labs| Date: Wed, 27 Sep 2017 01:06:51 +0000
 | |
| In this post, we take apart a clever set of scripts used in a targeted attack against the government of Saudi Arabia. Categories: Tags: espionagegovermentmacromicrosoft wordpowershellsaudi arabiascriptingtrojan |
The post Elaborate scripting-fu used in espionage attack against Saudi Arabia Government entity appeared first on Malwarebytes Labs.
Read MoreCredit to Author: Malwarebytes Labs| Date: Wed, 27 Sep 2017 01:06:51 +0000
| |
| In this post, we take apart a clever set of scripts used in a targeted attack against the government of Saudi Arabia. Categories: Tags: espionagegovermentmacromicrosoft wordpowershellsaudi arabiascriptingtrojan |
The post Elaborate scripting-fu used in espionage attack against Saudi Arabia Government appeared first on Malwarebytes Labs.
Read MoreCredit to Author: Pieter Arntz| Date: Fri, 04 Aug 2017 18:00:35 +0000
 | |
| In this last part of the short series about the basics of PowerShell we assemble a small script from scratch and explain how it works. Categories: Tags: certificatesPieter Arntzpowershellprogramscript |
The post Learning PowerShell: basic programs appeared first on Malwarebytes Labs.
Read MoreCredit to Author: Pieter Arntz| Date: Tue, 01 Aug 2017 15:00:12 +0000
| |
| We are going to construct some basic Powershell commands and explain how they work just to show you how useful Powershell can be. For good and for bad. Categories: Tags: certificatescommandsPieter ArntzpowershelltrojanVonteera |
The post Learning PowerShell: some basic commands appeared first on Malwarebytes Labs.
Read More