Monthly Archives: May 2018

Malware analysis: decoding Emotet, part 1

Emotet Banking Trojan malware has been around for quite some time now. As such, infosec researchers have made several attempts to develop tools to de-obfuscate and even decrypt the AES-encrypted code belonging to this malware. The problem with these tools … Continue reading

Posted in Antivirus

VPNFilter EXIF to C2 mechanism analysed

On May 23 2018, our colleagues from Cisco Talos published their excellent analysis of VPNFilter, an IoT / router malware which exhibits some worrying characteristics. Some of the things which stand out about VPNFilter are: It has a redundant, multi-stage … Continue reading

Posted in Antivirus

Happy anniversary to Dreamcast…and its scams

This month marks 20 years since the legendary SEGA Dreamcast console was first announced. Looked on fondly by gamers, it revolutionised many aspects of gaming and brought cheap(ish) online console gaming to the masses. SEGA has endured … Continue reading

Posted in Antivirus

Backdoors in D-Link’s backyard

“If you want to change the world, start with yourself.” In the case of security research this can be rephrased to: “If you want to make the world safer, start with the smart things in your home.” Or, to be … Continue reading

Posted in Antivirus

Spam and phishing in Q1 2018

Quarterly highlights. Data leaks. Early 2018 will be remembered for a series of data leak scandals. The most high-profile saw Facebook CEO Mark Zuckerberg grilled by US Congress, with many public figures supporting the Delete Facebook campaign. As a result, … Continue reading

Posted in Antivirus

Why bad coding habits die hard—and 7 ways to kill them

Developers are usually the focus of blame when software vulnerabilities cause organizational breaches. (Sometimes, quality assurance engineers are included in the flame.) Interestingly, though, hardly anyone looks at why bad coding habits form in the first place. We’re talking about the … Continue reading

Posted in Antivirus

I know where your pet is

Kaspersky Lab’s many years of cyberthreat research would suggest that any device with access to the Internet will inevitably be hacked. In recent years, we have seen hacked toys, kettles, cameras, and irons. It would seem that no gadget has … Continue reading

Posted in Antivirus

Malwarebytes CrackMe 2: contest summary

About three weeks ago, we published our second CrackMe. It triggered a lot of interest, and we got many high-quality write-ups. Choosing the winner was really difficult! In this post, I am going to summarize the contest and comment on … Continue reading

Posted in Antivirus

New Mac cryptominer uses XMRig

A new Mac cryptominer was discovered this week, after affected users saw their fans whirring out of control and a process named “mshelper” gobbling up CPU time like Cookie Monster. Fortunately, this malware is not very sophisticated and is easy … Continue reading

Posted in Antivirus

A week in security (May 14 – May 20)

Last week, we looked at the deluge of incoming policies caused by GDPR, tackled Adobe Reader zero days, and ran through some iPhone security tips. We also caught some helpline scammers in the act, explored advergaming, got our Senate Bill game … Continue reading

Posted in Antivirus