javascript

February 18, 2019

THREAT RESEARCH

JavaScript bridge makes malware analysis with WinDbg easier

As malware researchers, we spend several days a week debugging malware in order to learn more about it. For that, we have several powerful and popular user mode tools to choose from, such as OllyDbg, x64dbg, IDA Pro and Immunity Debugger. All these debuggers utilize some scripting language to automa…

August 9, 2017

THREAT RESEARCH

WinDBG and JavaScript Analysis

This blog was authored by Paul Rascagneres. Introduction JavaScript is frequently used by malware authors to execute malicious code on Windows systems because it is powerful, natively available and rarely disabled. Our previous article on .NET analysis generated much interest relating to how to use…

A supercomputer in your browser

Cisco is pleased to announce the “Supercomputer in your browser” (SiYB) project, designed to bring the rich High Performance Computing (HPC) ecosystem to the world’s most popular software: web browsers. The free SiYB software is a web browser plugin that is easily installed on any…

May 19, 2014

SECURITY

Angling for Silverlight Exploits

This post is co-authored by Andrew Tsonchev, Jaeson Schultz, Alex Chiu, Seth Hanford, Craig Williams, Steven Poulson, and Joel Esler. Special thanks to co-author Brandon Stultz for the exploit reverse engineering.  Silverlight exploits are the drive-by flavor of the month. Exploit Kit (EK) owners a…

August 23, 2013

SECURITY

Crumbling to the Cookiebomb

Recently we have seen a spate of government websites hosting malicious Cookiebomb JavaScript. We have observed URLs with the top level domains such as ‘.gov.uk’, ‘.gov.tr’, ‘.gov.pl’ and the website of a middle eastern embassy in the US become compromised and expose visitors to malware infection. Fo…