Following the fallout of the Mirai botnet, security has risen to the top of the agenda for organizations buying connected devices. Organizations now understand the need to analyze IoT device code for lingering vulnerabilities. However, IoT firmware is binary, and typically vendors don’t share the...
In recent years, machine learning has made tremendous strides in the fight against cybercrime. But it’s not foolproof, and criminals have developed techniques to undermine its effectiveness. In today’s adversarial environment, organizations must deploy technologies that are resilient to attacks against machine learning. Machine Learning—Amazing, but...
As in recent years, 2017 has been marked by an increasing number of cyberattacks, and indications point to another tumultuous year as we head into 2018. With companies storing more data in the cloud and the number of Internet-connected devices rapidly increasing, the appeal and opportunity...
Breach Detection Systems (BDS) trap attacks that display sufficient evidence of a possible breach, but are at risk of false positives when the sensitivity level is set too low. Hunting attacks with anomaly detection systems can detect the attacks that are not trapped by the...
Executable compression, aka “packing,” is a means of compressing an executable file and combining the compressed data with decompression code into a single executable. Malware Packing Throughout the years, anti-malware vendors have educated their users about polymorphic malware. This kind of malware has mechanisms to “repackage” itself...
One would be surprised to find how much hacking and malware analysis have in common. On the surface, they seem like two completely different tasks: hacking is all about identifying flaws in computer systems with the goal of bypassing their security. Malware analysis, instead, has as...
Lastline’s solutions analyze network traffic, programs, documents, and other artifacts to identify and block advanced malware in enterprise networks. In order to be able to easily integrate its functionality in the security workflow of the enterprise, Lastline products provide access to their functionality through...
Sophisticated attackers can find their way into a corporate network in many ways. An attack could come from an external source, through the exploitation of a service, or by being brought in by a user whose laptop has been infected while traveling. As the network infrastructure...
Last week at IMC Vancouver 2014, cyber-security researcher Apostolis Zarras of Ruhr-University Bochum presented a research paper entitled “The Dark Alleys of Madison Avenue, Understanding Malicious Advertisements” that he co-authored along with other researchers including my fellow Lastline co-founder Christopher Kruegel and myself. For this...
New research being presented tomorrow at RAID 2014 demonstrates that just two signals can automatically and effectively detect hundreds of malicious pages within 150,000 real-world samples with relatively high precision and accuracy: 1) content obfuscation and 2) fake certification seals. The UCSB research paper by...
