Showing 34 results for: 2012, Malware

The Dexter Malware: Getting Your Hands Dirty

A very interesting piece of malware that targets Point of Sale systems has recently surfaced in the malware community. As a guy who frequently reverses malware that targets card data (aka. Track data), this caused me to take notice. Before...

An Analysis of a Fake Vodafone Bill PDF File

We haven't come across many malicious PDF files recently in our spam traps, so when we found this message, ostensibly from Vodafone Deutschland, we naturally took a closer look. In this example, the cyber crooks are targeting Vodafone Deutschland customers...

CVE-2012-4969 and the Unnamed Admin Panel

While CVE-2012-4969 isn't new, we are still curious about the various ways this vulnerability can be exploited. Today we've stumbled upon a new instance of it. Let's have a look. That's a rather simple version of the first half of...

FinSpy Mobile - Configuration and Insight

A couple of weeks ago, Citizen Lab announced the discovery of the mobile component to the previously discovered FinFisher Toolkit (Reference Here). In this reveal, they talk about the many mobile variants, and a number of components included in each....

Blackhole Exploit Kit v2

A few days ago a new version of THE most common exploit kit was released. Unlike most exploit kit authors, who try to keep a low profile, the author of Blackhole publishes his work in Russian forums and even writes...

Getting a Start in the Security Industry

This has been a fairly common topic over the last year and I've seen plenty of blog posts and presentations about the subject. For me personally, many just don't cover the information I've found to be essential during my entrance...

Backward Compatibility Plays to Malware's Hands

Maintaining backward compatibility in software products is hard. Technology evolves on a daily basis, and while it feels "right" to go ahead and ditch the old technology in favor of the new, it sometimes might cause issues, especially when a...

Client-side Payload - The Brazilian Way.

My name is Wendel Guglielmetti Henrique, and I'm a senior security consultant at Trustwave's SpiderLabs. I have over 12 years experience in Information Technology, with the last 7 years dedicated to penetration testing. My recent presentations include RSA Conference 2012...

Analyzing PDF Malware - Part 3D

Part 3D of a demonstration on analyzing malware embedded within a suspicious PDF document. This final post of the series illuminates the ultimate goal of the malware and concludes with a discussion on ways to protect yourself from similar attack vectors.

Spam Down: Where is Lethic?

At Trustwave SpiderLabs we keep a close eye on spam trends. We keep and publish a bunch of statistics relating to spam, and last week people were asking me where these were as the old M86 website is phased out....

Analyzing PDF Malware - Part 3C

Part 3C of a demonstration on analyzing malware embedded within a suspicious PDF document. This part specifically deals with dynamic analysis of the discovered shellcode itself within a virtual machine.

Analyzing PDF Malware - Part 3B

Part 3B of a demonstration on analyzing malware embedded within a suspicious PDF document. This part specifically deals with static analysis of discovered shellcode.

The Return of Zuc.A and Ancient OSX Viruses?

A few weeks ago I caught a tweet from Chris Wysopal (@WeldPond) noticing how the new version of Microsoft Security Essentials had detected the Zuc.A virus on his machine. You might think that's really cool how Microsoft gives away free...

Discussions on Targeted Attacks

Even though targeted attacks performed by groups such as LulzSec and Anonymous have gotten fewer headlines recently, in general the number of targeted attacks in the past few months has increased. The motivation behind such attacks varies; for instance, the...

Defeating Flame String Obfuscation with IDAPython

Like many other security research firms, SpiderLabs Research has been actively investigating the Flame (a.k.a. sKyWIper) malware that was revealed earlier this week. For those unaware of what Flame is, I'll provide a very brief summary. Essentially, Flame is a...