Static Analysis Malware Statistics

During the past month I have dedicated some of my free time to building a malware static-analysis pipeline. The goal of this work is to give malware analysts useful statistics on which evasion techniques current malware samples implement. If you are interested in malware evasion techniques, please have a look at my previous post […]


GitHub and the Man On The Side Attack

Recently, most people who collaborate through GitHub experienced a new kind of denial-of-service attack, delivered through what is widely known as a Man-On-The-Side attack. The GitHub DDoS was attributed (New York Times) to the Chinese state, with the intent of warning GitHub about content that violated Chinese censorship policies. "Because GitHub is fully […]


Getting Persistence With No Malware

One of the most challenging tasks for an attacker is gaining persistence on a compromised machine. Malware used to be the perfect way to get this done: a simple piece of malware implementing a persistence technique such as: placing itself in the "startup folder"; installing a rootkit over a user/system executable; DLL search-order hijacking; "Run" registry keys; the "UserInit" registry […]
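The locations listed above are also the first places a responder checks. The following PowerShell script is an added example, not code from the original post: it enumerates the Run/RunOnce keys, the Winlogon Userinit value, both startup folders, and user-writable directories holding DLLs whose names collide with System32 DLLs (the classic search-order hijack setup). It assumes a default Windows install where Userinit is `C:\Windows\system32\userinit.exe,` (trailing comma included); the baseline value and the set of user-writable directories scanned are assumptions you should adapt to your environment.

```powershell
# Added example (not from the original post): audit the classic
# malware-persistence locations listed above and collect findings.
# Assumption: default Windows install where the Winlogon Userinit
# value is "C:\Windows\system32\userinit.exe," (trailing comma included).

$runKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce'
)
$psMeta = @('PSPath', 'PSParentPath', 'PSChildName', 'PSDrive', 'PSProvider')
$findings = @()

# "Run" / "RunOnce" keys: every value under them is an autostart entry.
foreach ($key in $runKeys) {
    if (Test-Path $key) {
        $props = Get-ItemProperty -Path $key
        foreach ($p in $props.PSObject.Properties) {
            if ($p.Name -notin $psMeta) {
                $findings += [pscustomobject]@{ Location = $key; Name = $p.Name; Value = $p.Value }
            }
        }
    }
}

# Winlogon "Userinit": anything appended after the default runs at every logon.
$winlogon = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'
$userinit = (Get-ItemProperty -Path $winlogon -Name Userinit).Userinit
$expectedUserinit = 'C:\Windows\system32\userinit.exe,'   # assumed baseline
if ($userinit -ne $expectedUserinit) {
    $findings += [pscustomobject]@{ Location = $winlogon; Name = 'Userinit (MODIFIED)'; Value = $userinit }
}

# Startup folders (per-user and all-users): every file here launches at logon.
$startupDirs = @(
    [Environment]::GetFolderPath('Startup'),
    [Environment]::GetFolderPath('CommonStartup')
)
foreach ($dir in $startupDirs) {
    Get-ChildItem -Path $dir -File -ErrorAction SilentlyContinue | ForEach-Object {
        $findings += [pscustomobject]@{ Location = $dir; Name = $_.Name; Value = $_.FullName }
    }
}

# DLL search-order hijacking: a DLL in a user-writable directory that
# shares its name with a System32 DLL is loaded first by programs that
# resolve libraries from their own (or the current) directory.
$sys32Dlls = Get-ChildItem -Path "$env:SystemRoot\System32" -Filter *.dll -Name
$userDirs = @($env:APPDATA, $env:LOCALAPPDATA, $env:TEMP)   # assumed scan set
foreach ($dir in $userDirs) {
    Get-ChildItem -Path $dir -Recurse -Filter *.dll -ErrorAction SilentlyContinue | ForEach-Object {
        if ($sys32Dlls -contains $_.Name) {
            $findings += [pscustomobject]@{
                Location = $_.DirectoryName
                Name     = $_.Name
                Value    = 'name collides with a System32 DLL'
            }
        }
    }
}

$findings | Format-Table -AutoSize
```

Run it from an elevated prompt so the HKLM keys and the all-users startup folder are readable. The output is an inventory, not a verdict: legitimate software lives in all of these places, so compare the list against a known-good baseline from a clean machine of the same build rather than treating every row as malicious.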


Industrial Control Systems: an Interview

Industrial Control System security is a great challenge in today's production environments, but it is often one of the last concerns of production managers. "SCADA (supervisory control and data acquisition) is a system operating with coded signals over communication channels so as to provide control of remote equipment (using typically one communication channel per remote station). […]


PDF Versions Malicious Content Distribution

While attack vectors based on malicious PDFs are a well-known topic (SANS, Didier's tools), understanding how those vectors are spread nowadays is interesting "research" (at least in my personal opinion). Recently, Yoroi's toolset gave me the ability to analyze almost 2k PDFs per hour, so I decided to analyze an entire […]
