A week in security (July 31 – August 6)

Last week we explored some basic PowerShell commands, dived into the new methods used by TrickBot, and wrote at length about the Magnitude exploit kit redirection chain. Our teams were busy at both BlackHat and DefCon, and outside of those famous hallways, we also took time to fire up some basic PowerShell programs. Naturally the two …

Apple phish: Summary report statement

If the following message lands in your mailbox, you may wish to throw on your “This is highly suspicious” cap before proceeding further. The email is titled “RE: [ Summary Report ] Statement login and update account 08/05/2017”. Note the old spammer trick of placing “RE:” at the start to make you think there’s …

Learning PowerShell: basic programs

In the previous posts we have looked at some elementary PowerShell concepts and we have constructed some basic commands to export and compare data. We did this by using an example of certificates being dumped in the “Untrusted” category by some malware. This time we will try to write a program that can undo these …