Collaborate Disseminate
I’ve blogged a bit…okay, a LOT…over the years on the topic of parsing LNK files, but a subject I really haven’t touched on is LNK builders or generators. This is actually an interesting topic because it ties into the cybercrime economy quite nicely… Continue reading LNK Builders
As most regular readers of this blog can tell you, I’m a bit of a fan of LNK files…a LNK-o-phile, if you will. I’m not only fascinated by the richness of the structure, but as I began writing a parser for LNK files, I began too see some interes… Continue reading Toolmarks: LNK Files in the news again
There are 12 critical and five previously disclosed bugs in the February 2020 Patch Tuesday Update. Continue reading Microsoft Addresses Active Attacks, Air-Gap Danger with 99 Patches
Microsoft today issued security updates to plug some 80 security holes in various flavors of its Windows operating systems and related software. The software giant assigned a “critical” rating to almost a quarter of those vulnerabilities, meaning they could be used by malware or miscreants to hijack vulnerable systems with little or no interaction on the part of the user. Continue reading Patch Tuesday, September 2019 Edition
Update, 28 Feb: Just a quick note…this post is not about tools. I do not mention any tools in the post, and the content isn’t about one tool being better than another. I do mention using a hex editor, but that is simply to verify finds from whi… Continue reading LNK Files
Microsoft Windows automatically executes code specified in shortcut(LNK)files. Continue reading VU#824672: Microsoft Windows automatically executes code specified in shortcut files
Endpoints are still encountering exploits for the LNK vulnerability, one of the principal infection mechanisms used by the Stuxnet worm. Continue reading Stuxnet LNK Exploits Still Widely Circulated
Locky ransomware and Kovter click-fraud malware are being spread in the same email campaign for the first time, with malicious .lnk files being used to infect computers. Continue reading Locky Ransomware, Kovter Click-Fraud Malware Spreading in Same Campaigns
Microsoft malware researchers say Locky ransomware authors are changing tactics again to evade detection. Continue reading Locky Ransomware Learns New Evasive Tricks
First, documents with macros; then JavaScript files; now the crooks are trying out “infection by shortcut”… Continue reading Beware of ransomware hiding in shortcuts