Executable compression, aka “packing,” is a means of compressing an executable file and combining the compressed data with decompression code into a single executable. Malware Packing Throughout the years, anti-malware vendors have educated their users about polymorphic malware. This kind of malware has mechanisms to “repackage” itself...
One would be surprised to find how much hacking and malware analysis have in common. On the surface, they seem like two completely different tasks: hacking is all about identifying flaws in computer systems with the goal of bypassing their security. Malware analysis, instead, has as...
Lastline’s solutions analyze network traffic, programs, documents, and other artifacts to identify and block advanced malware in enterprise networks. In order to be able to easily integrate its functionality in the security workflow of the enterprise, Lastline products provide access to their functionality through...
Sophisticated attackers can find their way into a corporate network in many ways. An attack could come from an external source, through the exploitation of a service, or by being brought in by a user whose laptop has been infected while traveling. As the network infrastructure...
Last week at IMC Vancouver 2014, cyber-security researcher Apostolis Zarras of Ruhr-University Bochum presented a research paper entitled “The Dark Alleys of Madison Avenue, Understanding Malicious Advertisements” that he co-authored along with other researchers including my fellow Lastline co-founder Christopher Kruegel and myself. For this...
New research being presented tomorrow at RAID 2014 demonstrates that just two signals can automatically and effectively detect hundreds of malicious pages within 150,000 real-world samples with relatively high precision and accuracy: 1) content obfuscation and 2) fake certification seals. The UCSB research paper by...
When my students ask me how their studies at UCSB might transfer into corporate IT positions, I point to the rapid rise in cyber-security -- and particularly malware analyst -- positions worldwide. In response to increasingly sophisticated, advanced malware that evades detection and the advanced...
Much has been said in recent weeks about the state of antivirus technology. To add facts to the debate, Lastline Labs malware researchers studied hundreds of thousands of pieces of malware they detected for 365 days from May 2013 to May 2014, testing new malware...
How research and innovation inspired the creation of Lastline's anti-malware solutions Lastline's founding team is composed of malware researchers from the University of California in Santa Barbara, Northeastern University in Boston, Technical University of Vienna, Eurecom Institute in France, and Bochum University, Germany. As a group,...
Malware has always been in continuous evolution: Throughout the years we have seen simple viruses become polymorphic, autonomous self-replicating code connecting to a master host and becoming a botnet, and JavaScript being used to launch increasingly sophisticated attacks against browsers. This last attack vector has become increasingly popular, as drive-by-download...
