reverse engineering
Dangerous Clipboard: Analysis of the MS15-072 Patch
This post was authored by Marcin Noga with contributions from Jaeson Schultz. Have you ever thought about how security researchers take a patch that has been released, and then reverse it to find the underlying security issue? Well, back In July Microsoft released security bulletin MS15-072, titled:…
Threat Spotlight: Rombertik – Gazing Past the Smoke, Mirrors, and Trapdoors
This post was authored by Ben Baker and Alex Chiu. Executive Summary Threat actors and security researchers are constantly looking for ways to better detect and evade each other. As researchers have become more adept and efficient at malware analysis, malware authors have made an effort to build mo…
Cryptowall 3.0: Back to the Basics
This post was authored by Andrea Allievi & Earl Carter Ransomware continues to impact a large number of organizations and the malware continues to evolve. In January, we examined Cryptowall 2.0 and highlighted new features incorporated into the dropper and Cryptowall binary. When Cryptowall 3.0…
Ransomware on Steroids: Cryptowall 2.0
This post was authored by Andrea Allievi and Earl Carter. Ransomware holds a user’s data hostage. The latest ransomware variants encrypt the user’s data, thus making it unusable until a ransom is paid to retrieve the decryption key. The latest Cryptowall 2.0, utilizes TOR to obfuscate the command an…
1