At Nettitude we collect a large number of malware binary samples from our honeypot network, from our customers and from incident response. One of the first steps we take is to calculate the MD5 hash of each sample and compare it to the hashes of known samples; unknown samples can then be examined further by an analyst.
Context Triggered Piecewise Hashing To Detect Malware Similarity
Topics: Security Blog, Uncategorized
Eight Things To Consider Before Deploying Cyber Threat Intelligence
Protecting against cyber-attacks is proving to be a real challenge. A few years ago, defence in depth was the recommended methodology to successfully fight cyber-attacks. Despite the proliferation of defence in depth mechanisms, a large number of high profile cyber-attacks are still observed. It's no surprise to anyone that all sensible business owners and world leaders are seriously worried about the impact of successful cyber-attacks against their environment. According to Forrester’s Foresights Security Survey in 2013, 75% of 490 companies agreed that cyber threat intelligence was a priority. The recent report “2015 Global Megatrends in Cybersecurity”, sponsored by Raytheon, suggests that most companies will deploy cyber threat intelligence over the next three years as a measure against cyber-attacks.
Topics: Security Blog, Uncategorized
CSRF And Unsafe Arbitrary File Upload In NextGEN Gallery Plugin (2.0.77.0) For WordPress
1 Introduction
Please note that the vulnerability detailed in this blog article was first discovered on Monday 9th March 2015, was disclosed to and discussed with the company concerned on March 10th, and a patch was released on March 12th.
Topics: Security Blog, Uncategorized
Hooking can be used by legitimate software for reverse engineering, for example, to examine the user mode function calls that a malicious program is making.
Topics: Security Blog, Uncategorized
In a previous blog post I gave a high level overview of DLL injection, what it is used for and how it might be achieved.
Topics: Security Blog, Uncategorized
In this blog post, I will discuss how a cloud-based architecture makes a wireless local area network (LAN) easier and more affordable than a traditional wireless LAN architecture.
Topics: Security Blog, Uncategorized
Obfuscation is a technique used to change software code in order to make it harder for a human to understand. There are several reasons one might obfuscate code:
Topics: Security Blog, Uncategorized
During the recent BSIDES conference (2014), which was hosted in Las Vegas, Kyle Adams presented on "Evading code emulation: Writing ridiculously obvious malware that bypasses AV":
Topics: Security Blog, Uncategorized