javascript

As malware researchers, we spend several days a week debugging malware in order to learn more about it. For that, we have several powerful and popular user mode tools to choose from, such as OllyDbg, x64dbg, IDA Pro and Immunity Debugger. All these debuggers utilize some scripting language to automa…

This blog was authored by Paul Rascagneres. Introduction JavaScript is frequently used by malware authors to execute malicious code on Windows systems because it is powerful, natively available and rarely disabled. Our previous article on .NET analysis generated much interest relating to how to use…

Cisco is pleased to announce the “Supercomputer in your browser” (SiYB) project, designed to bring the rich High Performance Computing (HPC) ecosystem to the world’s most popular software: web browsers. The free SiYB software is a web browser plugin that is easily installed on any…

This post is co-authored by Andrew Tsonchev, Jaeson Schultz, Alex Chiu, Seth Hanford, Craig Williams, Steven Poulson, and Joel Esler. Special thanks to co-author Brandon Stultz for the exploit reverse engineering.  Silverlight exploits are the drive-by flavor of the month. Exploit Kit (EK) owners a…

Recently we have seen a spate of government websites hosting malicious Cookiebomb JavaScript. We have observed URLs with the top level domains such as ‘.gov.uk’, ‘.gov.tr’, ‘.gov.pl’ and the website of a middle eastern embassy in the US become compromised and expose visitors to malware infection. Fo…