Underground vendors can reliably obtain code signing certificates from CAs

More and more malware authors are switching to buying new, valid code signing certificates issued by Certificate Authorities instead of using stolen (compromised) ones, researchers have found. They do not go directly to the CAs for that, but go through…

Fooling security tools into believing malicious code was signed by Apple

The way developers of third-party security tools use the Apple code signing API could be exploited by attackers to make malicious code linger undetected on Macs, a security researcher has discovered. “Security, incident response, and forensics pr…

Yes, Virginia, Malicious Advertising Growth in Numbers and Viciousness Is Startling

Dan Goodin, writing at our beloved Ars Technica, reports on the startlingly large number of malicious advertising exploits and the malevolence that comes with them. Unfortunately, today’s Must Read.

Data Forensics: A New Frontier in Malware Prevention and Detection

Companies devote around 90 percent of their cybersecurity resources to prevention and detection. Through regular patching and other basic prevention measures, network and security teams are keeping the world’s malware at bay and detecting ransomware be…

Process Doppelgänging: New Malware Evasion Technique Works On All Windows Versions

A team of security researchers has discovered a new malware evasion technique that could help malware authors defeat most of the modern antivirus solutions and forensic tools.

Dubbed Process Doppelgänging, the new fileless code injection technique tak…

Google Play Protect scans for malicious apps

By now, many Android users that have the Google Play Store app on their devices should be able to find Google Play Protect in it. What is Google Play Protect? Google Play Protect is a security suite for Android devices, which brings together some old and some new features aimed at protecting users’ devices against harmful or malicious apps. The security suite: Scans and verifies apps users want to download from Google Play (before they …

maltrail – Malicious Traffic Detection System

Maltrail is a malicious traffic detection system, utilizing publicly available (black)lists containing malicious and/or generally suspicious trails, along with static trails compiled from various AV reports and custom user-defined lists, where trail ca…

Malware Network Communication Provides Better Early Warning Signal

An academic paper to be presented today at IEEE posits that analysis of network signals provides an earlier warning of malware infections than current practices do.

Malware Hunter Crawls Internet Looking for RAT C2s

A new crawler from Shodan and Recorded Future called Malware Hunter seeks out command and control servers managing endpoints infected with remote access Trojans and other malware.