Black Hat USA 2014
F-Secure Labs' Timo Hirvonen will be presenting at Black Hat USA 2014. His presentation is titled: Dynamic Flash Instrumentation for Fun and Profit. "If only there were a decent tool for dynamic analysis...
Freedome: Limited-Time Offer
Our VPN app, Freedome, was recently updated (on iOS). What's Freedome? It's our VPN service. You can use it to stay securely connected to home wherever you roam. Just set your home-base: And enjoy. Our...
BlackEnergy Rootkit, Sort of
A sample of the BlackEnergy family was recently uploaded to VirusTotal from Ukraine. The family is allegedly the same malware used in the cyber attack against Georgia in 2008. The malware provides...
SLocker Android Ransomware Communicates Via Tor And SMS
A little over two weeks ago, we found a new family of Android ransomware: SLocker. We have no evidence that SLocker is related to Koler, the most recently discovered Android ransomware. It does however...
Necurs - Rootkit For Hire
Necurs is a kernel mode driver best known at the moment for being used by Gameover Zeus (GOZ) to hinder attempts to detect and remove the malware. The technical details of the Necurs driver have...
Havex Hunts for ICS/SCADA Systems
During the past year, we've been keeping a close eye on the Havex malware family and the group behind it. Havex is known to be used in targeted attacks against different industry sectors, and it was...
You Are Responsible For Your Security And Privacy
I visited London on Monday. And I decided to try Heathrow Express (HEX) to get from the airport to London's center. I'm glad that I did — it was a smooth, fast, and quiet ride. Oh! Also, HEX offers...
ICS-CERT "Amber" ALERT-14-176-02
ICS-CERT has posted a TLP Amber report to its secure portal related to our analysis of ICS/SCADA-focused Havex components. For more information… ICS_CERT: ICS-ALERT-14-176-02 Dark Reading: As Stuxnet...
Beware BlackEnergy If Involved In Europe/Ukraine Diplomacy
The universe is full of "Black Energy" and so is cyberspace. Not so very long ago, we wrote about a sample of the BlackEnergy family discovered via VirusTotal. The family is allegedly the same malware...
CosmicDuke: Cosmu With a Twist of MiniDuke
The backdoor known as "MiniDuke" was identified in February 2013, discovered in a series of attacks against NATO and European government agencies. During MiniDuke analysis in April 2014, we determined...
Do you take your coffee with "Free" Wi-Fi?
Colleagues of ours recently visited a Starbucks in San Francisco and used the Wi-Fi. And while there, they grabbed a copy of AT&T's T&C. It's rather standard stuff, nothing there as surprising...
Trojan:W32/Lecpetex: Bitcoin miner spreading via FB messages
In early March this year, while investigating various threats as part of our Facebook malware cleanup effort, we ran across an interesting one that was spreading in zipped files attached to...
Diving Deep into Mayhem
Malware targeting Linux servers has been increasingly hitting the headlines over the past year. In this post we will present research on an advanced and highly versatile malware operation targeting...
Backdoor.Gates: Also Works for Windows
We have received reports about a Linux malware known as Backdoor.Gates. Analysis showed that this malware has the following features: • Collects information on the compromised system, such as OS...
Ransomware Race (Part 1): CryptoWall ups the ante
This summer has included the appearance of two strong new malware families onto the file encrypting Windows ransomware market: CryptoWall and CTB-Locker. Of these, CTB-Locker has been the more...
Ransomware Race (part 2): Personal media the next frontier?
It seems malware authors have recently taken a liking to the network-attached storage (NAS) devices manufactured by Synology Inc. First they were hit by Bitcoin mining malware in the beginning of this...
Testing the Xiaomi RedMi 1S
Xiaomi phones have made the news off and on in the last few months for their cheap, value for money phones and corporate moves. More recently, there were also reports that these popular devices also...
Timo Discusses Dynamic Analysis of Flash Files
Senior Researcher Timo Hirvonen presented at Black Hat USA 2014, and publicly released a tool which enables dynamic analysis of malicious Flash files. He spoke about it with SC Magazine's Adam...
Ransomware Race (Part 3): SynoLocker Under The Hood
Last week we wrote about a new ransomware family called SynoLocker that was targeting network attached storage devices manufactured by Synology. Initial rumours suggested SynoLocker might be related...
Testing the Xiaomi RedMi 1S - now with OTA update
On August 10 Xiaomi addressed privacy concerns related to the MIUI Cloud Messaging function of its smartphones by releasing an OTA update intended to make this an opt-in feature, rather than a default...