Author: Giovanni Vigna

Executable compression, aka “packing,” is a means of compressing an executable file and combining the compressed data with decompression code into a single executable. Malware Packing: Throughout the years, anti-malware vendors have educated their users about polymorphic malware. This kind of malware has mechanisms to “repackage” itself...

Lastline’s solutions analyze network traffic, programs, documents, and other artifacts to identify and block advanced malware in enterprise networks. In order to be able to easily integrate its functionality in the security workflow of the enterprise, Lastline products provide access to their functionality through...

Sophisticated attackers can find their way into a corporate network in many ways. An attack could come from an external source, through the exploitation of a service, or by being brought in by a user whose laptop has been infected while traveling. As the network infrastructure...

Last week at IMC Vancouver 2014, cyber-security researcher Apostolis Zarras of Ruhr-University Bochum presented a research paper entitled “The Dark Alleys of Madison Avenue, Understanding Malicious Advertisements” that he co-authored along with other researchers including my fellow Lastline co-founder Christopher Kruegel and myself. For this...

Much has been said in recent weeks about the state of antivirus technology. To add facts to the debate, Lastline Labs malware researchers studied hundreds of thousands of pieces of malware they detected for 365 days from May 2013 to May 2014, testing new malware...

How research and innovation inspired the creation of Lastline's anti-malware solutions: Lastline's founding team is composed of malware researchers from the University of California in Santa Barbara, Northeastern University in Boston, Technical University of Vienna, Eurecom Institute in France, and Bochum University, Germany. As a group,...

Malware has always been in continuous evolution: Throughout the years we have seen simple viruses become polymorphic, autonomous self-replicating code connecting to a master host and becoming a botnet, and JavaScript being used to launch increasingly sophisticated attacks against browsers. This last attack vector has become increasingly popular, as drive-by-download...