Category Archives: Antivirus

The return of Mamba ransomware

At the end of 2016, there was a major attack against San Francisco’s Municipal Transportation Agency. The attack was done using Mamba ransomware. This ransomware uses a legitimate utility called DiskCryptor for full disk encryption. This month, we noted that … Continue reading

Cerber ransomware delivered in format of a different order of Magnitude

As a follow-up to our study into the Magnitude exploit kit and its gate (which we profiled in a previous blog post), we take a look at an interesting technique used to distribute the Cerber ransomware. Exploit kits are … Continue reading

APT Trends report Q2 2017

Introduction: Since 2014, Kaspersky Lab’s Global Research and Analysis Team (GReAT) has been providing threat intelligence reports to a wide range of customers worldwide, leading to the delivery of a full and dedicated private reporting service. Prior to the new service … Continue reading

Explained: security certificates

As a result of my PowerShell series [1],[2],[3], where I used the handling of certificates as an example, mainly because I wanted a method to more easily keep track of which certificates were being added by malware, I have received some … Continue reading

A week in security (July 31 – August 6)

Last week we explored some basic PowerShell commands, dived into the new methods used by TrickBot, and wrote at length about the Magnitude exploit kit redirection chain. Our teams were busy at both BlackHat and DefCon, and outside of those … Continue reading

Apple phish: Summary report statement

If the following message lands in your mailbox, you may wish to throw on your “This is highly suspicious” cap before proceeding further: The email is titled RE: [ Summary Report ] Statement login and update account 08/05/2017 Note … Continue reading

Learning PowerShell: basic programs

In the previous posts we have looked at some elementary PowerShell concepts and we have constructed some basic commands to export and compare data. We did this by using an example of certificates being dumped in the “Untrusted” category by … Continue reading

DEFCON 25

After a few days in Las Vegas and after BlackHat, DEFCON 25 is finally over! It was an amazing time around awesome people. I didn’t attend all the talks, but most of the ones I saw were interesting: There’s no … Continue reading

Steganography in contemporary cyberattacks

Steganography is the practice of sending data in a concealed format so the very fact of sending the data is disguised. The word steganography is a combination of the Greek words στεγανός (steganos), meaning “covered, concealed, or protected”, and γράφειν … Continue reading

Black Hat USA 2017 Recap

What do you get when you put hackers, gambling, and dogs together? Black Hat USA 2017 …and a random zoo conference happening next door. Last week, we wrapped up another successful trip to Las Vegas for Black Hat. For those of … Continue reading
