MENUMenuIcon OUR STORY

SLASHNEXT LABS

THE KNOWLEDGE CENTER

BLOG

VIEW CATEGORIESHIDE CATEGORIES
Icon admin

Rise and Fall of Sandboxes

General

Antivirus software initially relied heavily on signatures to identify malware and other object based threats.  Indeed, even today’s current AV products still primarily use a signature engine for detection.  Signatures were and are determined when a malware (or malicious file object) arrives in the hands of an antivirus firm, and is analyzed by malware researchers …

Icon Read More
Icon admin

Kirk Ransomware Based on Star Trek Theme

Malware, Ransomware

Kirk is a newly discovered ransomeware. It is similar in function to other ransomeware but its authors (presumably fans of Gene Rodenberry’s iconic TV series) have borrowed character names for the encryption and decryption components. Two notable items related to Kirk are: The program is written in python which is quite uncommon for ransomware. The …

Icon Read More
Icon admin

Felismus Malware

APT, Malware

Felismus is a sophisticated Remote Access Trojan (RAT) and, to date, has been used in highly targeted campaigns. RATs allow an attacker to access the infected machine in much the same way one would access a remote machine using TeamViewer, WebEx, or Windows Remote Terminal, however without the infected user’s knowledge or consent. Felismus implements …

Icon Read More
Icon admin

Zero-Hour Multi Brand Phish

General, Phishing

Popular global brands like Yahoo, Gmail, Microsoft, and DropBox are commonly used for Credential Phishing attacks. Typically the attacker creates a replica of the brand’s Sign-in or Password recovery page and attempts to lure victims into entering their confidential information into the fake page. Today, at a large customer site, we witnessed a new twist to this …

Icon Read More
Icon admin

Yahoo Email Phishing through Data URI

General, Phishing

Hackers have come up with new and innovative way to perform credential phishing attacks. Typical credential phishing is done by creating look-a-like web pages hosted on compromised web servers or servers owned by the attacker himself. The problem for an attacker is that eventually signature based technologies catch up and black list these pages. Attackers have found …

Icon Read More