Category: malware

Auto Added by WPeMatico

The Future of Ransomware

Posted on By infossl
backups, extortion, internetofthings, malware, nsa, patching, ransomware, Security technology

Ransomware isn’t new, but it’s increasingly popular and profitable. The concept is simple: Your computer gets infected with a virus that encrypts your files until you pay a ransom. It’s extortion taken to its networked extreme. The criminals provide step-by-step instructions on how to pay, sometimes even offering a help line for victims unsure how … Read More “The Future of Ransomware” »

Jumping Airgaps with a Laser and a Scanner

Posted on By infossl
academicpapers, airgaps, drones, malware, Security technology

Researchers have configured two computers to talk to each other using a laser and a scanner. Scanners work by detecting reflected light on their glass pane. The light creates a charge that the scanner translates into binary, which gets converted into an image. But scanners are sensitive to any changes of light in a room­ … Read More “Jumping Airgaps with a Laser and a Scanner” »

Research on Tech-Support Scams

Posted on By infossl
academicpapers, malware, scams, Security technology

Interesting paper: “Dial One for Scam: A Large-Scale Analysis of Technical Support Scams“: Abstract: In technical support scams, cybercriminals attempt to convince users that their machines are infected with malware and are in need of their technical support. In this process, the victims are asked to provide scammers with remote access to their machines, who … Read More “Research on Tech-Support Scams” »

Using Intel's SGX to Attack Itself

Posted on By infossl
academicpapers, cryptography, intel, keys, malware, Security technology

Researchers have demonstrated using Intel’s Software Guard Extensions to hide malware and steal cryptographic keys from inside SGX’s protected enclave: Malware Guard Extension: Using SGX to Conceal Cache Attacks Abstract:In modern computer systems, user processes are isolated from each other by the operating system and the hardware. Additionally, in a cloud scenario it is crucial … Read More “Using Intel's SGX to Attack Itself” »

The CIA's “Development Tradecraft DOs and DON'Ts”

Posted on By infossl
cia, cryptography, encryption, hacking, malware, Security technology, tradecraft

Useful best practices for malware writers, courtesy of the CIA. Seems like a lot of good advice. General: DO obfuscate or encrypt all strings and configuration data that directly relate to tool functionality. Consideration should be made to also only de-obfuscating strings in-memory at the moment the data is needed. When a previously de-obfuscated value … Read More “The CIA's “Development Tradecraft DOs and DON'Ts”” »

More on the CIA Document Leak

Posted on By infossl
cia, cryptography, leaks, malware, russia, Security technology, wikileaks

If I had to guess right now, I’d say the documents came from an outsider and not an insider. My reasoning: One, there is absolutely nothing illegal in the contents of any of this stuff. It’s exactly what you’d expect the CIA to be doing in cyberspace. That makes the whistleblower motive less likely. And … Read More “More on the CIA Document Leak” »