Showing 5 results for: September 2015 ×Security Research ×

Jumping through the hoops: multi-stage malicious PDF spam

We've recently encountered a number of malicious spam messages with PDFs attached. The PDFs themselves are not malicious as they don't contain executable code, but they do contain images with underlying URI actions. The image, if clicked, will open the...

Quaverse RAT: Remote-Access-as-a-Service

***UPDATE as of September 28, 2015 - see the bottom of this post for removal instructions*** Quaverse RAT or QRAT is a fairly new Remote Access Tool (RAT) introduced in May 2015. This RAT is marketed as an undetectable Java...

Lessons in Spam JavaScript Obfuscation Layers

Spammers seem to be adding layers of obfuscation to their malware attachments in an attempt to evade spam filters that look inside attachments. Most malware attachments come in the form of executables, or, increasingly, Word files with malware-laden macros. These...

Debugging SAP ASE .NET Provider Issues

I've recently been chasing a bug that made it impossible to call one built-in stored procedure within SAP Adaptive Server Enterprise (ASE) .NET provider. The procedure in question is sp_loginconfig which exists only on ASE running on Windows platforms. If...